<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">Please add a link to the bug once it is created.<div class=""><br class=""></div><div class="">Bye</div><div class="">Norman</div><div class=""><br class=""><div><br class=""><blockquote type="cite" class=""><div class="">On 31. Mar 2020, at 17:35, Jamil Nimeh <<a href="mailto:jamil.j.nimeh@Oracle.Com" class="">jamil.j.nimeh@Oracle.Com</a>> wrote:</div><br class="Apple-interchange-newline"><div class="">
  
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" class="">
  
  <div class=""><p class="">Thanks Norman, I'm going to file a bug on this one.  After
      playing with it a bit more I found cases where even
      SSLServerSockets do run into the issue but it doesn't always
      happen.  Still working on characterizing it.</p><p class="">--Jamil<br class="">
    </p>
    <div class="moz-cite-prefix">On 3/31/2020 7:11 AM, Norman Maurer
      wrote:<br class="">
    </div>
    <blockquote type="cite" cite="mid:DF08DC63-3056-4982-ADC1-029C9A5417E2@googlemail.com" class="">
      <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" class="">
      Yes thats about right… if setting to false it works as expected.
      <div class=""><br class="">
      </div>
      <div class="">
        <div class=""><br class="">
        </div>
        <div class="">Bye</div>
        <div class="">Norman</div>
        <div class=""><br class="">
        </div>
        <div class=""><br class="">
          <blockquote type="cite" class="">
            <div class="">On 31. Mar 2020, at 01:50, Jamil Nimeh <<a href="mailto:jamil.j.nimeh@Oracle.Com" class="" moz-do-not-send="true">jamil.j.nimeh@Oracle.Com</a>>
              wrote:</div>
            <br class="Apple-interchange-newline">
            <div class="">
              <meta http-equiv="Content-Type" content="text/html;
                charset=UTF-8" class="">
              <div class=""><p class="">Hi Norman,</p><p class="">I've been able to run your test code and I
                  can reproduce it.  Interestingly enough, it appears to
                  happen when
                  -Djdk.tls.server.enableSessionTicketExtension=true,
                  which is the default position.  With session tickets
                  enabled, I would see the issue in TLS 1.3 and 1.2
                  connections just as you did.  Setting the above
                  property to false however allowed me to make
                  successful connections.  Would you mind setting that
                  property to false, just to make sure you and I see the
                  same thing?</p><p class="">I did go back and run SSLServerSocket-based
                  connections just to see if the session ticket settings
                  had any impact on things, but they don't.  I can make
                  connections to a socket based SSL server regardless of
                  the property value on the server side.</p><p class="">Thanks,</p><p class="">--Jamil<br class="">
                </p>
                <div class="moz-cite-prefix">On 3/30/2020 5:31 AM,
                  Norman Maurer wrote:<br class="">
                </div>
                <blockquote type="cite" cite="mid:41271A68-2A81-4E87-ACE3-6409C7D7DCEE@googlemail.com" class="">
                  <meta http-equiv="Content-Type" content="text/html;
                    charset=UTF-8" class="">
                  Hey Sean,
                  <div class=""><br class="">
                  </div>
                  <div class="">There is not much to share as its just a
                    simple handshake :)</div>
                  <div class=""><br class="">
                  </div>
                  <div class="">Anyway here is a reproducer:</div>
                  <div class=""><br class="">
                  </div>
                  <div class=""><a href="https://github.com/normanmaurer/jdk_ssl_session_context_reproducer" class="" moz-do-not-send="true">https://github.com/normanmaurer/jdk_ssl_session_context_reproducer</a></div>
                  <div class=""><br class="">
                  </div>
                  <div class="">It basically does nothing more then
                    complete the handshake and then calling
                    engine.getSession().getSessionContext() which will
                    return null on the server side since JDK 14 (earlier
                    versions work).</div>
                  <div class="">I tested it with TLSv1.2 and TLSv1.3 and
                    both times it produced the error on JDK 14.</div>
                  <div class=""><br class="">
                  </div>
                  <div class=""><br class="">
                  </div>
                  <div class="">Bye</div>
                  <div class="">Norman</div>
                  <div class=""><br class="">
                    <div class="">
                      <div class=""><br class="">
                        <blockquote type="cite" class="">
                          <div class="">On 30. Mar 2020, at 13:22, Seán
                            Coffey <<a href="mailto:sean.coffey@oracle.com" class="" moz-do-not-send="true">sean.coffey@oracle.com</a>>
                            wrote:</div>
                          <br class="Apple-interchange-newline">
                          <div class="">
                            <div class="">Looks interesting Norman. Do
                              you want to share some more details about
                              the peculiarities of this handshake before
                              considering a fully fledged testcase ?<br class="">
                              <br class="">
                              regards,<br class="">
                              Sean.<br class="">
                              <br class="">
                              On 27/03/2020 12:48, Norman Maurer wrote:<br class="">
                              <blockquote type="cite" class="">Hi there,<br class="">
                                <br class="">
                                I am just about to add JDK14 to the test
                                matrix for netty and think I found a
                                regression. Before I will invest time to
                                write a standalone reproducer please let
                                me know if you think this is a
                                regression or not.<br class="">
                                Basically after the handshake is
                                complete
                                SSLEngine.getSession().getSessionContext()
                                returns null on the serverside when
                                using JDK14. Running the same test with
                                any previous version (JDK13 and earlier)
                                doesn’t show the same result.<br class="">
                                <br class="">
                                Does this sounds like a regression and
                                if so should I provide a standalone
                                reproducer here ?<br class="">
                                <br class="">
                                Bye<br class="">
                                Norman<br class="">
                                <br class="">
                              </blockquote>
                            </div>
                          </div>
                        </blockquote>
                      </div>
                      <br class="">
                    </div>
                  </div>
                </blockquote>
              </div>
            </div>
          </blockquote>
        </div>
        <br class="">
      </div>
    </blockquote>
  </div>

</div></blockquote></div><br class=""></div></body></html>