Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

8277881: Missing SessionID in TLS1.3 resumption in compatibility mode #807

Closed
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
16 changes: 8 additions & 8 deletions src/java.base/share/classes/sun/security/ssl/ClientHello.java
Expand Up @@ -568,15 +568,15 @@ public byte[] produce(ConnectionContext context) throws IOException {
"No new session is allowed and " +
"no existing session can be resumed");
}

if (chc.maximumActiveProtocol.useTLS13PlusSpec() &&
SSLConfiguration.useCompatibilityMode) {
// In compatibility mode, the TLS 1.3 legacy_session_id
// field MUST be non-empty, so a client not offering a
// pre-TLS 1.3 session MUST generate a new 32-byte value.
sessionId =
}
if (sessionId.length() == 0 &&
chc.maximumActiveProtocol.useTLS13PlusSpec() &&
SSLConfiguration.useCompatibilityMode) {
// In compatibility mode, the TLS 1.3 legacy_session_id
// field MUST be non-empty, so a client not offering a
// pre-TLS 1.3 session MUST generate a new 32-byte value.
sessionId =
new SessionId(true, chc.sslContext.getSecureRandom());
}
}

ProtocolVersion minimumVersion = ProtocolVersion.NONE;
Expand Down
Expand Up @@ -97,7 +97,7 @@ final class SSLConfiguration implements Cloneable {
static final boolean allowLegacyMasterSecret =
Utilities.getBooleanProperty("jdk.tls.allowLegacyMasterSecret", true);

// Allow full handshake without Extended Master Secret extension.
// Use TLS1.3 middlebox compatibility mode.
static final boolean useCompatibilityMode = Utilities.getBooleanProperty(
"jdk.tls.client.useCompatibilityMode", true);

Expand Down
7 changes: 5 additions & 2 deletions test/jdk/javax/net/ssl/SSLSession/ResumeTLS13withSNI.java
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2018, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
Expand All @@ -26,7 +26,7 @@

/*
* @test
* @bug 8211806
* @bug 8211806 8277881
* @summary TLS 1.3 handshake server name indication is missing on a session resume
* @run main/othervm ResumeTLS13withSNI
*/
Expand Down Expand Up @@ -338,6 +338,9 @@ private static void checkResumedClientHelloSNI(ByteBuffer resCliHello)

// Get the legacy session length and skip that many bytes
int sessIdLen = Byte.toUnsignedInt(resCliHello.get());
if (sessIdLen == 0) {
throw new Exception("SessionID field empty");
}
resCliHello.position(resCliHello.position() + sessIdLen);

// Skip over all the cipher suites
Expand Down