On Thu, 17 Oct 2024 18:51:57 GMT, Xue-Lei Andrew Fan <xue...@openjdk.org> wrote:
>> Artur Barashev has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> Adjust line length
>
> src/java.base/share/classes/sun/security/ssl/SSLTransport.java line 150:
>
>> 148: int contentLen = Record.getInt16(currentFlight);
>> // pos: 3, 4
>> 149:
>> 150: if (contentLen == 2 &&
>> ContentType.ALERT.equals(ContentType.valueOf(contentType))) {
>
> The timeout case could happen during rekeying as well. For rekeying, the
> content might be encrypted with previous keys and cannot decrypted with the
> current keys. As may void the condition "contentLen == 2".
KEY UPDATE happens after handshake, so `!context.isNegotiated` check above
won't pass.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/21043#discussion_r1805341907
