JDK-8327538

The SSLExtension class specifies incorrect values for heartbeat per RFC 6520 and post_handshake_auth per RFC 8446


Details

    • b08
    • generic
    • generic

    Description

      ADDITIONAL SYSTEM INFORMATION :
      All JDKs and OS types

      A DESCRIPTION OF THE PROBLEM :
      The SSLExtension class, which is part of the security libs, contains the wrong value for heartbeat per RFC 6520. It specifies 14 when it should be 15; while it's set to 14, this value conflicts with use_srtp, which is correctly set as 14.
      References:
      * https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml
      * https://www.rfc-editor.org/rfc/rfc6520.html


      STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
      Check the class SSLExtension; notice that the value of heartbeat duplicates use_srtp as 14 vs. 15 as it should be.

      EXPECTED VERSUS ACTUAL BEHAVIOR :
      EXPECTED -
      heartbeat == 15
      ACTUAL -
      heartbeat == 14

      CUSTOMER SUBMITTED WORKAROUND :
      No workaround

      FREQUENCY : always
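
An added example, not part of the original report and not the JDK's own code: an audit of an extension code-point table that flags duplicate ids and values that disagree with the IANA TLS ExtensionType registry. The `ExtensionIdCheck` class and `Ext` enum are hypothetical, and the table under test is constructed to reproduce only the heartbeat value reported above.

```java
import java.util.*;

// Added example with hypothetical names; this is not the JDK's SSLExtension source.
public class ExtensionIdCheck {
    // Constructed table under test, reproducing the reported state (heartbeat == 14).
    enum Ext {
        SERVER_NAME(0, "server_name"),
        USE_SRTP(14, "use_srtp"),
        HEARTBEAT(14, "heartbeat"),
        ALPN(16, "application_layer_protocol_negotiation");

        final int id;
        final String label;
        Ext(int id, String label) { this.id = id; this.label = label; }
    }

    // Reference code points from the IANA TLS ExtensionType registry.
    static final Map<String, Integer> IANA = Map.of(
        "server_name", 0,
        "use_srtp", 14,
        "heartbeat", 15,
        "application_layer_protocol_negotiation", 16);

    // Returns one finding per duplicate id and per mismatch against the registry.
    static List<String> audit() {
        List<String> findings = new ArrayList<>();
        Map<Integer, String> seen = new HashMap<>();
        for (Ext e : Ext.values()) {
            // Two names sharing one code point make lookup-by-id ambiguous.
            String prev = seen.putIfAbsent(e.id, e.label);
            if (prev != null) {
                findings.add("duplicate id " + e.id + ": " + prev + " and " + e.label);
            }
            Integer want = IANA.get(e.label);
            if (want != null && want != e.id) {
                findings.add(e.label + " is " + e.id + ", registry says " + want);
            }
        }
        return findings;
    }

    public static void main(String[] args) {
        audit().forEach(System.out::println);
    }
}
```

Run as a unit test over the real table, a check like this fails the build as soon as two extensions share a code point.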


            People

              hchao Haimay Chao
              webbuggrp Webbug Group