On Wed, 10 Aug 2022 15:40:26 GMT, Xue-Lei Andrew Fan <xue...@openjdk.org> wrote:
> Could it be a TLS implementation problem that the server should not read > application data as handshaking data? Not really; `SSLEngine#unwrap` does not have to consume the entire ByteBuffer, and it's the application's responsibility to preserve unconsumed data for subsequent `unwrap` calls in case of buffer underflow/overflow. There are 2 problems with the existing implementation: - `unwrap` in `handshaking` can consume (and discard) application data because `peerAppData` has nonzero size (does not happen in practice) - `handshaking` can lose unconsumed `peerNetData` Both are fixed here. ------------- PR: https://git.openjdk.org/jdk/pull/9773
