On Tue, 29 Oct 2024 19:35:54 GMT, Artur Barashev <abaras...@openjdk.org> wrote:
>> Check for unexpected plaintext alert message during TLSv1.3 handshake. This
>> can happen if client doesn't receive ServerHello due to network timeout and
>> tries to close the connection by sending an alert message.
>
> Artur Barashev has updated the pull request incrementally with one additional
> commit since the last revision:
>
> Remove logging
Thank you for the update!
src/java.base/share/classes/sun/security/ssl/SSLCipher.java line 1875:
> 1873: "fragment (" + bb.remaining() + "). Needs
> to be " +
> 1874: "more than tag size (" + tagSize + ")");
> 1875: }
>From the context, we only know the record is an alert message. We don't
>actually know it is plaintext or not. But I will have you for the final
>decision.
There are another "Insufficient buffer remaining" exception in the SSLCipher
class, we may want to keep the behavior consistent, with similar update. But I
am fine to do it separately.
I am going to approve it.
-------------
Marked as reviewed by xuelei (Reviewer).
PR Review: https://git.openjdk.org/jdk/pull/21043#pullrequestreview-2402936758
PR Review Comment: https://git.openjdk.org/jdk/pull/21043#discussion_r1821443097
