-
Type:
Enhancement
-
Resolution: Duplicate
-
Priority:
P3
-
Affects Version/s: None
-
Component/s: security-libs
-
None
During TLS connection, it is possible to throw an exception [1]:
javax.net.ssl.SSLHandshakeException: Insufficient buffer remaining for AEAD cipher fragment (2). Needs to be more than tag size (16)
The exception message shows Insufficient buffer, but it should never happen in practice for TLS connections. However, it happens a lot but the message itself does not show up enough information for trouble shooting.
The issue may happen if the connection get interrupted and there is a race condition in the peer and plaintext alert message sent to local. However, the local may expect a cipher-text instead.
It would be nice to improve the message for better debugging experiences.
[1]: https://github.com/opensearch-project/security/issues/3299
javax.net.ssl.SSLHandshakeException: Insufficient buffer remaining for AEAD cipher fragment (2). Needs to be more than tag size (16)
The exception message shows Insufficient buffer, but it should never happen in practice for TLS connections. However, it happens a lot but the message itself does not show up enough information for trouble shooting.
The issue may happen if the connection get interrupted and there is a race condition in the peer and plaintext alert message sent to local. However, the local may expect a cipher-text instead.
It would be nice to improve the message for better debugging experiences.
[1]: https://github.com/opensearch-project/security/issues/3299
- duplicates
-
-
- Resolved
-
- links to
-
Review(master)
openjdk/jdk/21529