RFR: 8331682: Slow networks/Impatient clients can potentially send unencrypted TLSv1.3 alerts that won't parse on the server [v9]
Daniel Jeliński
djelinski at openjdk.org
Mon Sep 30 07:19:38 UTC 2024
On Fri, 27 Sep 2024 19:51:01 GMT, Artur Barashev <abarashev at openjdk.org> wrote:
>> I was referring to `srcs[srcOffset]`; `packet` is a duplicate, so the position is independent from the original.
>
> No, the position was already advanced in `decodeInputRecord`. The test correctly reports `bytesConsumed = 7` when server unwraps the alerts.
ah, I see that now.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/21043#discussion_r1780556012
More information about the security-dev
mailing list