<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<p>Thanks Norman, I'm going to file a bug on this one. After
playing with it a bit more I found cases where even
SSLServerSockets do run into the issue but it doesn't always
happen. Still working on characterizing it.</p>
<p>--Jamil<br>
</p>
<div class="moz-cite-prefix">On 3/31/2020 7:11 AM, Norman Maurer
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:DF08DC63-3056-4982-ADC1-029C9A5417E2@googlemail.com">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
Yes thats about right… if setting to false it works as expected.
<div class=""><br class="">
</div>
<div class="">
<div><br class="">
</div>
<div>Bye</div>
<div>Norman</div>
<div><br class="">
</div>
<div><br class="">
<blockquote type="cite" class="">
<div class="">On 31. Mar 2020, at 01:50, Jamil Nimeh <<a
href="mailto:jamil.j.nimeh@Oracle.Com" class=""
moz-do-not-send="true">jamil.j.nimeh@Oracle.Com</a>>
wrote:</div>
<br class="Apple-interchange-newline">
<div class="">
<meta http-equiv="Content-Type" content="text/html;
charset=UTF-8" class="">
<div class="">
<p class="">Hi Norman,</p>
<p class="">I've been able to run your test code and I
can reproduce it. Interestingly enough, it appears to
happen when
-Djdk.tls.server.enableSessionTicketExtension=true,
which is the default position. With session tickets
enabled, I would see the issue in TLS 1.3 and 1.2
connections just as you did. Setting the above
property to false however allowed me to make
successful connections. Would you mind setting that
property to false, just to make sure you and I see the
same thing?</p>
<p class="">I did go back and run SSLServerSocket-based
connections just to see if the session ticket settings
had any impact on things, but they don't. I can make
connections to a socket based SSL server regardless of
the property value on the server side.</p>
<p class="">Thanks,</p>
<p class="">--Jamil<br class="">
</p>
<div class="moz-cite-prefix">On 3/30/2020 5:31 AM,
Norman Maurer wrote:<br class="">
</div>
<blockquote type="cite"
cite="mid:41271A68-2A81-4E87-ACE3-6409C7D7DCEE@googlemail.com"
class="">
<meta http-equiv="Content-Type" content="text/html;
charset=UTF-8" class="">
Hey Sean,
<div class=""><br class="">
</div>
<div class="">There is not much to share as its just a
simple handshake :)</div>
<div class=""><br class="">
</div>
<div class="">Anyway here is a reproducer:</div>
<div class=""><br class="">
</div>
<div class=""><a
href="https://github.com/normanmaurer/jdk_ssl_session_context_reproducer"
class="" moz-do-not-send="true">https://github.com/normanmaurer/jdk_ssl_session_context_reproducer</a></div>
<div class=""><br class="">
</div>
<div class="">It basically does nothing more then
complete the handshake and then calling
engine.getSession().getSessionContext() which will
return null on the server side since JDK 14 (earlier
versions work).</div>
<div class="">I tested it with TLSv1.2 and TLSv1.3 and
both times it produced the error on JDK 14.</div>
<div class=""><br class="">
</div>
<div class=""><br class="">
</div>
<div class="">Bye</div>
<div class="">Norman</div>
<div class=""><br class="">
<div class="">
<div class=""><br class="">
<blockquote type="cite" class="">
<div class="">On 30. Mar 2020, at 13:22, Seán
Coffey <<a
href="mailto:sean.coffey@oracle.com"
class="" moz-do-not-send="true">sean.coffey@oracle.com</a>>
wrote:</div>
<br class="Apple-interchange-newline">
<div class="">
<div class="">Looks interesting Norman. Do
you want to share some more details about
the peculiarities of this handshake before
considering a fully fledged testcase ?<br
class="">
<br class="">
regards,<br class="">
Sean.<br class="">
<br class="">
On 27/03/2020 12:48, Norman Maurer wrote:<br
class="">
<blockquote type="cite" class="">Hi there,<br
class="">
<br class="">
I am just about to add JDK14 to the test
matrix for netty and think I found a
regression. Before I will invest time to
write a standalone reproducer please let
me know if you think this is a
regression or not.<br class="">
Basically after the handshake is
complete
SSLEngine.getSession().getSessionContext()
returns null on the serverside when
using JDK14. Running the same test with
any previous version (JDK13 and earlier)
doesn’t show the same result.<br
class="">
<br class="">
Does this sounds like a regression and
if so should I provide a standalone
reproducer here ?<br class="">
<br class="">
Bye<br class="">
Norman<br class="">
<br class="">
</blockquote>
</div>
</div>
</blockquote>
</div>
<br class="">
</div>
</div>
</blockquote>
</div>
</div>
</blockquote>
</div>
<br class="">
</div>
</blockquote>
</body>
</html>