On Thu, 17 Oct 2024 17:17:40 GMT, Xue-Lei Andrew Fan <xue...@openjdk.org> wrote:

> > > Does it happen in server side (server send plaintext) as well? I found 
> > > some cases that the client decryption failed.
> > 
> > 
> > Current reports indicate it happens on the server side only (server throws 
> > the exception). Please share any cases when it happens on the client side. 
> > This PR has a check to handle this scenario on the server side only.
> 
> Here is a stack trace:
> 
> ```
> javax.net.ssl.SSLHandshakeException: Insufficient buffer remaining for AEAD 
> cipher fragment (2). Needs to be more than tag size (16)
> at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
> at 
> java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:378)
> at 
> java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:321)
> at 
> java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:316)
> at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:134)
> at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1510)
> at 
> java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1425)
> at 
> java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:455)
> at 
> java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:426)
> at 
> java.base/sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:576)
> at 
> java.base/sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:187)
> at 
> java.base/sun.net.www.protocol.http.HttpURLConnection.getOutputStream0(HttpURLConnection.java:1458)
> at 
> java.base/sun.net.www.protocol.http.HttpURLConnection$8.run(HttpURLConnection.java:1421)
> at 
> java.base/sun.net.www.protocol.http.HttpURLConnection$8.run(HttpURLConnection.java:1419)
> at 
> java.base/java.security.AccessController.doPrivileged(AccessController.java:712)
> at 
> java.base/java.security.AccessController.doPrivilegedWithCombiner(AccessController.java:962)
> at 
> java.base/sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1418)
> at 
> java.base/sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:220)
> ```

Please consider this case for the exception message.  Otherwise, a follow up 
update may be required to re-word it.

-------------

PR Comment: https://git.openjdk.org/jdk/pull/21043#issuecomment-2434471874

Reply via email to