Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8207009

TLS 1.3 half-close and synchronization issues

    XMLWordPrintable

Details

    Backports

      Description

        TLS 1.3 issues:
        1. Existing specification of SSLEngine#closeInbound states the following

        Throws:
            SSLException - if this engine has not received the proper SSL/TLS/DTLS close notification message from the peer.

        However, starting from JDKb20 this exception is not thrown because of half-close policy implementation requirement for TLSv1.3

        Also TLS 1.2 and prior versions in JDK are updated to use the half-close policy as well.

        2. Does not support half-close in the current TLS 1.3 implementation.

        3. Deadlock issues in the current TLS 1.3 implementation if read, write and handshake use different threads.

        Attachments

          Issue Links

            Activity

              People

                xuelei Xuelei Fan
                bnallakaluva Bharath Nallakaluva (Inactive)
                Votes:
                0 Vote for this issue
                Watchers:
                6 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved: