Re: NPE in SupportedGroupsExtension

Wed, 12 Sep 2018 18:19:00 -0700 

Thomas,

>> i found another bug with firefox nigthly "64.0a1 (2018-09-08)
>> (64-bit)" and "OpenJDK Runtime Environment 18.9 (build 11+28)".
Max/I are running a slightly later builds, 64.0a1 (2018-09-10) and (2018-09-12) respectively, and we're now seeing the psk_key_exchange_modes extension.
Can you confirm if you're seeing this (or not) with a more recent build of FF 64.0a1? 

    "psk_key_exchange_modes (45)": {
      "ke_modes": [psk_dhe_ke]
    }

Thanks much,

Brad




On 9/9/2018 9:11 PM, Jamil Nimeh wrote:

Hi Thomas,
This is a known issue captured in JDK-8210334 and the fix for it was committed to JDK 12 a few days ago.  Looks like the backport of the fix is planned for 11.0.2.  The backport ID is JDK-8210445 in case you're interested. 

--Jamil

On 9/9/2018 2:44 PM, Thomas Lußnig wrote:

Hi,
i found another bug with firefox nigthly "64.0a1 (2018-09-08) (64-bit)" and "OpenJDK Runtime Environment 18.9 (build 11+28)". It is not possible to establish an connection. The exception i receive is "pre_shared_key key extension is offered without a psk_key_exchange_modes extension". If there is an PSK without an matching extension this should not kill the connection i think. Nearly all other server accept this. 

Gruß Thomas Lußnig
javax.net.ssl.SSLHandshakeException: pre_shared_key key extension is offered without a psk_key_exchange_modes extension
    at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:128)     at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)     at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:308)     at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:264)     at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:255)     at java.base/sun.security.ssl.PskKeyExchangeModesExtension$PskKeyExchangeModesOnTradeAbsence.absent(PskKeyExchangeModesExtension.java:327)     at java.base/sun.security.ssl.SSLExtension.absentOnTrade(SSLExtension.java:572)     at java.base/sun.security.ssl.SSLExtensions.consumeOnTrade(SSLExtensions.java:180)     at java.base/sun.security.ssl.ServerHello$T13ServerHelloProducer.produce(ServerHello.java:522)     at java.base/sun.security.ssl.SSLHandshake.produce(SSLHandshake.java:436)     at java.base/sun.security.ssl.ClientHello$T13ClientHelloConsumer.goServerHello(ClientHello.java:1189)     at java.base/sun.security.ssl.ClientHello$T13ClientHelloConsumer.consume(ClientHello.java:1125)     at java.base/sun.security.ssl.ClientHello$ClientHelloConsumer.onClientHello(ClientHello.java:831)     at java.base/sun.security.ssl.ClientHello$ClientHelloConsumer.consume(ClientHello.java:792)     at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392)     at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:444)     at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1065)     at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1052)     at java.base/java.security.AccessController.doPrivileged(Native Method)     at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask.run(SSLEngineImpl.java:999)

Reply via email to