RFR: 8357033: Reduce stateless session ticket size [v2]
Artur Barashev
abarashev at openjdk.org
Tue May 20 21:45:56 UTC 2025
On Tue, 20 May 2025 09:39:09 GMT, Daniel Jeliński <djelinski at openjdk.org> wrote:
>> Artur Barashev has updated the pull request incrementally with one additional commit since the last revision:
>>
>> Log error and return null no compress/decompress failure
>
> src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java line 424:
>
>> 422:
>> 423: if (pos == null) {
>> 424: throw hc.conContext.fatal(Alert.HANDSHAKE_FAILURE,
>
> I don't think using `fatal` is the right choice here; ideally we should fall back to a full handshake instead. Consider setting invalidated=true instead
Done.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/25310#discussion_r2098923061
More information about the security-dev
mailing list