[7u] Request for approval for CR 8012082: SASL: auth-conf negotiated, but unencrypted data is accepted, reset to unencrypt
weijun.wang at oracle.com
Tue May 7 23:24:04 PDT 2013
This is a request to backport a jdk8 fix into jdk7u-dev.
8012082: SASL: auth-conf negotiated, but unencrypted data is accepted,
reset to unencrypt
The qop (quality of protection) value is shared between wrap and unwrap,
so the protection level of an incoming message will be used as the one
of an outgoing message. The result is something like "if you don't care
neither do I", but actually it should be "I care no matter what you do".
The fix is already included in jdk8 as:
The patch for jdk7u-dev is identical to the one in jdk8.
The fix is low-risk, and isolated. New regression test added. Existing
tests also run fine.
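
Added example, not part of the original message or the JDK patch: a simplified Java model of the shared-qop behaviour described above, next to a layer that keeps the negotiated level fixed and rejects unprotected input. The class names, the one-byte confidentiality flag and the token layout are assumptions made for illustration; no real encryption or JGSS call is modelled.

```java
// Simplified model of the shared-qop flaw; all names here are hypothetical.
import java.util.Arrays;

public class SharedQopDemo {
    // Constructed stand-in for a wrapped token: flag byte (1 = confidential) + payload.
    static byte[] token(boolean conf, byte[] data) {
        byte[] t = new byte[data.length + 1];
        t[0] = (byte) (conf ? 1 : 0);
        System.arraycopy(data, 0, t, 1, data.length);
        return t;
    }

    // Flawed layer: one mutable privacy flag is shared by wrap() and unwrap().
    static class SharedStateLayer {
        private boolean privacy;              // set at negotiation, overwritten by unwrap()
        SharedStateLayer(boolean negotiatedConf) { privacy = negotiatedConf; }
        byte[] unwrap(byte[] t) {
            privacy = t[0] == 1;              // the peer's choice becomes our outgoing level
            return Arrays.copyOfRange(t, 1, t.length);
        }
        byte[] wrap(byte[] data) { return token(privacy, data); }
    }

    // Hardened layer: the negotiated level is immutable and enforced in both directions.
    static class EnforcingLayer {
        private final boolean privacy;
        EnforcingLayer(boolean negotiatedConf) { privacy = negotiatedConf; }
        byte[] unwrap(byte[] t) {
            boolean incomingConf = t[0] == 1; // per-message property, never stored
            if (privacy && !incomingConf)
                throw new SecurityException("auth-conf negotiated but message is not confidential");
            return Arrays.copyOfRange(t, 1, t.length);
        }
        byte[] wrap(byte[] data) { return token(privacy, data); }
    }

    public static void main(String[] args) {
        byte[] plainFromPeer = token(false, "hello".getBytes()); // constructed unprotected message

        SharedStateLayer flawed = new SharedStateLayer(true);
        flawed.unwrap(plainFromPeer);                             // accepted without complaint
        System.out.println("flawed reply confidential: " + (flawed.wrap("secret".getBytes())[0] == 1));

        EnforcingLayer fixed = new EnforcingLayer(true);
        try {
            fixed.unwrap(plainFromPeer);
        } catch (SecurityException e) {
            System.out.println("fixed layer rejected: " + e.getMessage());
        }
        System.out.println("fixed reply confidential: " + (fixed.wrap("secret".getBytes())[0] == 1));
    }
}
```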