RFR: 8263779: SSLEngine reports NEED_WRAP continuously without producing any further output

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

RFR: 8263779: SSLEngine reports NEED_WRAP continuously without producing any further output

Xue-Lei Andrew Fan
As described in the bug, by connecting the SSLEngine with a misbehaving peer SSL implementation, it can get into a state where it calling `wrap` reports getStatus == OK, getHandshakeStatus === NEED_WRAP but still doesn't produce any further output.   It happens when the output bound is not empty.

The handshake status could have more precise status if the out bound.  The patch was confirmed by the bug submitter.

-------------

Commit messages:
 - 8263779: SSLEngine reports NEED_WRAP continuously without producing any further output

Changes: https://git.openjdk.java.net/jdk/pull/3292/files
 Webrev: https://webrevs.openjdk.java.net/?repo=jdk&pr=3292&range=00
  Issue: https://bugs.openjdk.java.net/browse/JDK-8263779
  Stats: 44 lines in 3 files changed: 21 ins; 1 del; 22 mod
  Patch: https://git.openjdk.java.net/jdk/pull/3292.diff
  Fetch: git fetch https://git.openjdk.java.net/jdk pull/3292/head:pull/3292

PR: https://git.openjdk.java.net/jdk/pull/3292
Reply | Threaded
Open this post in threaded view
|

Re: RFR: 8263779: SSLEngine reports NEED_WRAP continuously without producing any further output

Xue-Lei Andrew Fan
On Wed, 31 Mar 2021 20:52:57 GMT, Xue-Lei Andrew Fan <[hidden email]> wrote:

> As described in the bug, by connecting the SSLEngine with a misbehaving peer SSL implementation, it can get into a state where it calling `wrap` reports getStatus == OK, getHandshakeStatus === NEED_WRAP but still doesn't produce any further output.   It happens when the output bound is not empty.
>
> The handshake status could have more precise status if the out bound.  The patch was confirmed by the bug submitter.

ping ...

-------------

PR: https://git.openjdk.java.net/jdk/pull/3292