> Hello All, > > Could you please review the fix for the JDK-8241248? > The issue happens during the TLSv1.3 handshake without server stateless > session resumption in case of server receives several parallel requests with > the same pre_shared_key. > The main idea of the fix is to remove resuming session from the session cache > in the early stage. > > JBS: https://bugs.openjdk.java.net/browse/JDK-8241248 > Webrev 8u: http://cr.openjdk.java.net/~abakhtin/8241248/webrev.v0/ > > The test from the bug report using OpenSSL is passed ( > -Djdk.tls.server.enableSessionTicketExtension=false ) > javax/net/ssl and sun/security/ssl jtreg tests passed > > Regards > Alexey
Alexey Bakhtin has updated the pull request incrementally with one additional commit since the last revision: Use ReentrantLock for session cache synchronization ------------- Changes: - all: https://git.openjdk.java.net/jdk/pull/3664/files - new: https://git.openjdk.java.net/jdk/pull/3664/files/c3afeb18..aac8eee7 Webrevs: - full: https://webrevs.openjdk.java.net/?repo=jdk&pr=3664&range=01 - incr: https://webrevs.openjdk.java.net/?repo=jdk&pr=3664&range=00-01 Stats: 230 lines in 3 files changed: 125 ins; 96 del; 9 mod Patch: https://git.openjdk.java.net/jdk/pull/3664.diff Fetch: git fetch https://git.openjdk.java.net/jdk pull/3664/head:pull/3664 PR: https://git.openjdk.java.net/jdk/pull/3664
