On Fri, 20 Sep 2024 16:41:13 GMT, Daniel Jeliński <djelin...@openjdk.org> wrote:
>> Not yet. I'm currently learning the internals of TLS code and going through
>> TLS RFC in order to understand if it's an expected behavior or not. What do
>> you think?
>
> you can't clear the sTOc buffer if you want this to work; TLS is running over
> TCP, and TCP never loses data. So, the final client unwrap is expected to
> deal with serverHello and all handshake messages before receiving the
> encrypted close_notify alert.
@djelinski I see, thanks! But here is the exception I'm getting, it's not about
unexpected command. Can we get it because server is using TLSv1.3 and client is
using TLSv1.2? How do we switch server to TLSv1.2 after encontering this
situation?
`---Last Client Unwrap---
javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
at
java.base/sun.security.ssl.SSLEngineInputRecord.bytesInCompletePacket(SSLEngineInputRecord.java:145)
at
java.base/sun.security.ssl.SSLEngineInputRecord.bytesInCompletePacket(SSLEngineInputRecord.java:64)
at
java.base/sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:613)
at
java.base/sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:507)
at
java.base/sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:483)
at java.base/javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:679)
at
SSLEngineNoServerHelloClientShutdown.runTestUserCancelled(SSLEngineNoServerHelloClientShutdown.java:244)
at
SSLEngineNoServerHelloClientShutdown.main(SSLEngineNoServerHelloClientShutdown.java:140)
at
java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:103)
at java.base/java.lang.reflect.Method.invoke(Method.java:573)
`
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/21043#discussion_r1768925025
