Well if there were a bug it's with NativePRNG as the operation is
suppose to be non-blocking. Even so, /dev/urandom is nonblocking. The
only reason this looks to have been detected by the tool is because it's
a blocking read op. This all seems like an extremely unlikely
situation. I don't see this as something SSLEngine should be
compensating for.
Tony
On 8/7/20 9:16 AM, Norman Maurer wrote:
I think the possibility that it may block should be enough to signal and so
offload to a task.
If it never blocks then it’s not a bug... that’s why I asked the question in
the first place .
Bye
Norman
Am 07.08.2020 um 18:13 schrieb Alan Bateman <alan.bate...@oracle.com>:
On 07/08/2020 16:00, Xuelei Fan wrote:
Hm, it's an interesting bug. I filed the issue on the Java Bug System.
https://bugs.openjdk.java.net/browse/JDK-8251304
It is a bug that a new random cookie is needed or it has from read from
/dev/urandom? I don't think the stack trace is enough to know if read is really
blocked.
-Alan
