On Fri, 20 Sep 2024 15:33:05 GMT, Hai-May Chao <hc...@openjdk.org> wrote:
> The change involves handling an unusual situation, and to help with
> debugging, I’d like to suggest to log a message when server continues
> processing an unencrypted alert.
Will add the logging, thanks!
> src/java.base/share/classes/sun/security/ssl/SSLTransport.java line 126:
>
>> 124: throw context.fatal(Alert.BAD_RECORD_MAC, bte);
>> 125: } catch (BadPaddingException bpe) {
>> 126: // Check for unexpected plaintext alert message during
>> TLSv1.3 handshake, @bug 8331682
>
> Suggest to modify the comments here where re-constructing the plaintext
> instead of @bug 8331682.
Will do, thanks!
> test/jdk/javax/net/ssl/TLSv13/SSLEngineNoServerHelloClientShutdown.java line
> 239:
>
>> 237:
>> 238: /* TODO: Final client unwrap fails because server doesn't send
>> an alert to terminate
>> 239: the handshake after receiving close_notify alert from the
>> client. Investigate why.
>
> Is this TODO item done?
Not yet. I'm currently learning the internals of TLS code and going through TLS
RFC in order to understand if it's an expected behavior or not. What do you
think?
-------------
PR Comment: https://git.openjdk.org/jdk/pull/21043#issuecomment-2364083286
PR Review Comment: https://git.openjdk.org/jdk/pull/21043#discussion_r1768882473
PR Review Comment: https://git.openjdk.org/jdk/pull/21043#discussion_r1768881285
