-
Type:
Enhancement
-
Status: Resolved
-
Priority:
P3
-
Resolution: Fixed
-
Affects Version/s: 11, 12, 13, 14
-
Fix Version/s: 14
-
Component/s: security-libs
-
Labels:
-
Subcomponent:
-
Introduced In Version:
-
Resolved In Build:b11
In the SSLSocketInputRecord.decodeInputRecord() implementation:
// skip the first byte: handshake type
byte handshakeType = handshakeFrag.get();
The handshake type was not checked until the handshake message get fully parsed. It's nice to check that the handshake type is known here and fail fast.
Similar to SSLEngineInputRecord.decodeInputRecord() and DTLSInputRecord.parseHandshakeMessage().
// skip the first byte: handshake type
byte handshakeType = handshakeFrag.get();
The handshake type was not checked until the handshake message get fully parsed. It's nice to check that the handshake type is known here and fail fast.
Similar to SSLEngineInputRecord.decodeInputRecord() and DTLSInputRecord.parseHandshakeMessage().