On Wed, 18 Aug 2021 19:03:10 GMT, djelinski <github.com+30433125+djelin...@openjdk.org> wrote:
>> Corner case where a session resumption can fail if the TLS server changes >> supported protocol versions in relation to a cached SSLSession. This is >> primarily an issue where the legacy TLS version is used in place of the >> newer "supported_versions" TLS extension. > > Also fixes resumption when server is a Java application run with > `-Djdk.tls.allowLegacyResumption=false`, client is a Java application with > `-Djdk.tls.useExtendedMasterSecret=false`, and TLSv1.2 is negotiated. > As a side note, it should be possible to merge > `HandshakeContext#handshakeSession` and `HandshakeContext#resumingSession` > into a single field now thanks for the comments @djelinski - per Dev advise, I've split this issue into 2 bugs. This issue will focus on altering the legacy maximum TLS protocol version field sent in the ClientHello. Patch just updated. A follow on fix will focus on the session invalidation issue (JDK-8272653) ------------- PR: https://git.openjdk.java.net/jdk/pull/5110