-
Enhancement
-
Resolution: Fixed
-
P3
-
9
-
b74
| Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
|---|---|---|---|---|---|---|
| JDK-8136114 | emb-9 | Xuelei Fan | P3 | Resolved | Fixed | team |
We may want to consider the spec update request by Redhat in OpenJDK:
Subject: New status code in SSLEngineResult.HandshakeStatus
Date: Wed, 01 Jul 2015 11:45:52 -0500
From: David M. Lloyd <david.lloyd@redhat.com>
To: security-dev@openjdk.java.net, Xuelei Fan <xuelei.fan@oracle.com>
It has caused some consternation among certain of our engineers that
there is a new possible status code in SSLEngineResult.HandshakeStatus.
If a new status were generally added, it would cause subtle or not so
subtle breakage amount current SSLEngine consumers.
I request that it be made more clear in the documentation that the new
status code applies only to DTLS; something like this:
diff --git
a/src/java.base/share/classes/javax/net/ssl/SSLEngineResult.java
b/src/java.base/share/classes/javax/net/ssl/SSLEngineResult.java
index e2865e6..5473188 100644
--- a/src/java.base/share/classes/javax/net/ssl/SSLEngineResult.java
+++ b/src/java.base/share/classes/javax/net/ssl/SSLEngineResult.java
@@ -156,6 +156,9 @@ public class SSLEngineResult {
* This value is used to indicate that not-yet-interpreted data
* has been previously received from the remote side, and does
* not need to be received again.
+ * <P>
+ * This result code is only used by DTLS and is not a possible
+ * result for stream-oriented TLS.
*
* @since 1.9
*/
Thanks.
--
- DML
Subject: New status code in SSLEngineResult.HandshakeStatus
Date: Wed, 01 Jul 2015 11:45:52 -0500
From: David M. Lloyd <david.lloyd@redhat.com>
To: security-dev@openjdk.java.net, Xuelei Fan <xuelei.fan@oracle.com>
It has caused some consternation among certain of our engineers that
there is a new possible status code in SSLEngineResult.HandshakeStatus.
If a new status were generally added, it would cause subtle or not so
subtle breakage amount current SSLEngine consumers.
I request that it be made more clear in the documentation that the new
status code applies only to DTLS; something like this:
diff --git
a/src/java.base/share/classes/javax/net/ssl/SSLEngineResult.java
b/src/java.base/share/classes/javax/net/ssl/SSLEngineResult.java
index e2865e6..5473188 100644
--- a/src/java.base/share/classes/javax/net/ssl/SSLEngineResult.java
+++ b/src/java.base/share/classes/javax/net/ssl/SSLEngineResult.java
@@ -156,6 +156,9 @@ public class SSLEngineResult {
* This value is used to indicate that not-yet-interpreted data
* has been previously received from the remote side, and does
* not need to be received again.
+ * <P>
+ * This result code is only used by DTLS and is not a possible
+ * result for stream-oriented TLS.
*
* @since 1.9
*/
Thanks.
--
- DML
- backported by
-
JDK-8136114 HandshakeStatus.NEED_UNWRAP_AGAIN applies only to DTLS
-
- Resolved
-