[8u] RFR 8241248: NullPointerException in sun.security.ssl.HKDF.extract(HKDF.java:93)

Severin Gehwolf sgehwolf at redhat.com
Fri Apr 23 15:35:12 UTC 2021

Hi Alexey,

On Fri, 2021-04-23 at 14:54 +0000, Alexey Bakhtin wrote:
> Hello All,
> Could you please review fix for the JDK-8241248
> Issue happens during the TLSv1.3 handshake in case of server receives
> several parallel requests with the same pre_shared_key.
> The main idea of the fix is to remove resuming session from the
> session cache on the early stage.
> JBS: https://bugs.openjdk.java.net/browse/JDK-8241248
> Webrev: http://cr.openjdk.java.net/~abakhtin/8241248/webrev.v0/
> The test from the bug report using OpenSSL is passed
> javax/net/ssl and sun/security/ssl jtreg tests passed

As far as I can see this bug isn't fix in latest JDK head. It should
get fixed there first before we attempt to address it in OpenJDK 8.


More information about the jdk8u-dev mailing list