-
Bug
-
Resolution: Fixed
-
P3
-
5.0
-
03
-
generic
-
generic
| Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
|---|---|---|---|---|---|---|
| JDK-2110298 | 5.0 | Bradford Wetmore | P3 | Resolved | Fixed | beta2 |
| JDK-2110297 | 1.4.2_05 | Bradford Wetmore | P3 | Resolved | Fixed | 05 |
Connect to a server using protocols TLSv1 and SSLv3, server
supports SSLv3 only with requires
com.sun.net.ssl.rsaPreMasterSecretFix. Do the initial connection, wait for
the server to timeout the session, forcing the next connection to be
a complete renegotiation. The second handshake starts, and the
client again tries to do a handshake but is using enabledProtocols.max (TLSv1)
in the PreMasterSecret, instead of the negotiated version (SSLv3), and you'll
get:
main, WRITE: SSLv3 Handshake, length = 56
main, READ: SSLv3 Alert, length = 2
main, RECV SSLv3 ALERT: fatal, bad_record_mac
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLException: Received fatal alert: bad_record_mac
finished Wed Feb 18 18:04:38 PST 2004 good[1] bad[1]
javax.net.ssl.SSLException: Received fatal alert: bad_record_mac
Exception in thread "main" javax.net.ssl.SSLException: Received fatal alert: bad_record_mac
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:166)
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:117)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1542)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:863)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1025)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:619)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)
at java.io.OutputStream.write(OutputStream.java:58)
at SockCli.sendStream(SockCli.java:72)
at SockCli.main(SockCli.java:28)
###@###.### 2004-02-19
supports SSLv3 only with requires
com.sun.net.ssl.rsaPreMasterSecretFix. Do the initial connection, wait for
the server to timeout the session, forcing the next connection to be
a complete renegotiation. The second handshake starts, and the
client again tries to do a handshake but is using enabledProtocols.max (TLSv1)
in the PreMasterSecret, instead of the negotiated version (SSLv3), and you'll
get:
main, WRITE: SSLv3 Handshake, length = 56
main, READ: SSLv3 Alert, length = 2
main, RECV SSLv3 ALERT: fatal, bad_record_mac
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLException: Received fatal alert: bad_record_mac
finished Wed Feb 18 18:04:38 PST 2004 good[1] bad[1]
javax.net.ssl.SSLException: Received fatal alert: bad_record_mac
Exception in thread "main" javax.net.ssl.SSLException: Received fatal alert: bad_record_mac
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:166)
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:117)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1542)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:863)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1025)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:619)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)
at java.io.OutputStream.write(OutputStream.java:58)
at SockCli.sendStream(SockCli.java:72)
at SockCli.main(SockCli.java:28)
###@###.### 2004-02-19
- backported by
-
JDK-2110297 Complete renegotiations of SSLv3 using strict rsaPreMasterSecretFix fail.
-
- Resolved
-
-
-
- Resolved
-