On Wed, 24 Sep 2025 14:55:57 GMT, Alice Pellegrini <d...@openjdk.org> wrote:
>> According to RFC 8446 section 5.4, third paragraph >>> Application Data records may contain a zero-length >>> TLSInnerPlaintext.content if the sender desires. This permits >>> generation of plausibly sized cover traffic in contexts where the >>> presence or absence of activity may be sensitive. Implementations >>> MUST NOT send Handshake and Alert records that have a zero-length >>> TLSInnerPlaintext.content; if such a message is received, the >>> receiving implementation MUST terminate the connection with an >>> "unexpected_message" alert. >> >> >> The proposed change removes an off by 1 error in the SSLCipher >> implementation, forces the correct Alert message to be sent in response to >> zero-length Alert fragments, as well as updating some tests which detected >> the BadPaddingException but now detect a SSLProtocolException, which is >> thrown by `TransportContext.fatal` > > Alice Pellegrini has updated the pull request incrementally with one > additional commit since the last revision: > > Update copyright, apply suggestions from review, more consistent style for > for loop between the two ciphers > > Co-authored-by: Daniel Jelinski <daniel.jelin...@oracle.com> @friedbyalice Your change (at version a76fa9c3fc50b92947659c638bbfb7437ac5c6b0) is now ready to be sponsored by a Committer. ------------- PR Comment: https://git.openjdk.org/jdk/pull/27438#issuecomment-3329457790
