Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8253368 TLS connection always receives close_notify exception
  3. JDK-8306089

Release Note: Behavior changes for SSLSocket input stream shut down

XMLWordPrintable

      The SunJSSE close notification checks for `SSLSocket` have been made less strict to conform to changes in the Transport Layer Security (TLS) RFCs.

      If an application tries to close the input stream of an `SSLSocket` (via `shutdownInput()` method) without having received a close notification message from its peer, the `SSLSocket` will no longer:

      1. trigger the transmission of a TLS fatal-level alert to the peer, and
      2. invalidate the current TLS session.

      The new behavior will still consider this condition an error and will throw a local `javax.net.ssl.SSLException`. A fatal-level alert will no longer be sent to the peer, and the underlying session will remain valid.

      In addition, the internal transport context for the `SSLSocket` will also now be closed. Previously, this step didn't occur if a fatal message was generated.

            coffeys Sean Coffey
            coffeys Sean Coffey
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: