On Wed, 18 Sep 2024 13:59:59 GMT, Artur Barashev <d...@openjdk.org> wrote:
>> test/jdk/javax/net/ssl/TLSv13/SSLEngineNoServerHelloClientShutdown.java line
>> 204:
>>
>>> 202: // Server unwrap should process an unencrypted 2 byte packet,
>>> 203: log("---Server Unwrap user_cancelled alert---");
>>> 204: serverResult = serverEngine.unwrap(cTOs, serverIn);
>>
>> does that mean that we don't throw a SSLHandshakeException on receipt of
>> close_notify in the middle of the handshake?
>
> Our own client code is unable to produce `close_notify` during the handshake,
> it sends `user_cancelled` as per RFC. If `close_notify` alert is received
> during handshake and it doesn't follow the `user_cancelled` alert, then we
> throw UNEXPECTED_MESSAGE SSLHandshakeException.
Please disregard my last comment. Our own client code does produce
`close_notify` after `user_cancelled` during the handshake, as it SHOULD per
RFC. I've updated the test to reflect that.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/21043#discussion_r1765679626
