[prev in list] [next in list] [prev in thread] [next in thread]
List: openjdk-security-dev
Subject: Re: RFR: 8294983: SSLEngine throws ClassCastException during handshake [v2]
From: Mark Powers <mpowers () openjdk ! org>
Date: 2023-04-28 22:11:52
Message-ID: 6BXxNg4GFFYBW45XqG79pNGrTZQsaJgrqoKh--ycLis=.dc8e1050-bc14-4cd4-afde-3d431b863479 () github ! com
[Download RAW message or body]
On Fri, 28 Apr 2023 20:49:30 GMT, Kevin Driver <kdriver@openjdk.org> wrote:
> > Fixes a scenario where a `ServerHandshakeContext` might be cast as a \
> > `ClientHandshakeContext`.
>
> Kevin Driver has updated the pull request with a new target base due to a merge or \
> a rebase. The incremental webrev excludes the unrelated changes brought in by the \
> merge/rebase. The pull request contains three additional commits since the last \
> revision:
> - updated copyright
> - Merge branch 'master' of github.com:openjdk/jdk into JDK-8294983
> - set consumer to null if we're not in client mode
src/java.base/share/classes/sun/security/ssl/HandshakeContext.java line 2:
> 1: /*
> 2: * Copyright (c) 2018, 2022, 2023, Oracle and/or its affiliates. All rights \
> reserved.
No need for 2022.
src/java.base/share/classes/sun/security/ssl/HandshakeContext.java line 457:
> 455: // For TLS 1.2 and prior versions, the HelloRequest message MAY
> 456: // be sent by the server at any time.
> 457: consumer = conContext.sslConfig.isClientMode ?
This seems reasonable, but could you update the bug report to say why this fixes the \
problem?
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/13727#discussion_r1180845624
PR Review Comment: https://git.openjdk.org/jdk/pull/13727#discussion_r1180846282
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic