Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8207009

TLS 1.3 half-close and synchronization issues

    Details

      Backports

        Description

        TLS 1.3 issues:
        1. Existing specification of SSLEngine#closeInbound states the following

        Throws:
            SSLException - if this engine has not received the proper SSL/TLS/DTLS close notification message from the peer.

        However, starting from JDKb20 this exception is not thrown because of half-close policy implementation requirement for TLSv1.3

        Also TLS 1.2 and prior versions in JDK are updated to use the half-close policy as well.

        2. Does not support half-close in the current TLS 1.3 implementation.

        3. Deadlock issues in the current TLS 1.3 implementation if read, write and handshake use different threads.

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  xuelei Xue-Lei Fan
                  Reporter:
                  bnallakaluva Bharath Nallakaluva (Inactive)
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  5 Start watching this issue

                  Dates

                  • Due:
                    Created:
                    Updated:
                    Resolved: