TKSS-739: Backport JDK-8326643: JDK server does not send a dummy chan…

…ge_cipher_spec record after HelloRetryRequest message
Tencent · Mar 22, 2024 · 2ec1a5a · 2ec1a5a
1 parent ceee95b
commit 2ec1a5a
Showing 1 changed file with 10 additions and 1 deletion.
diff --git a/kona-ssl/src/main/java/com/tencent/kona/sun/security/ssl/ServerHello.java b/kona-ssl/src/main/java/com/tencent/kona/sun/security/ssl/ServerHello.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2015, 2022, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2015, 2024, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -803,6 +803,15 @@ public byte[] produce(ConnectionContext context,
             hhrm.write(shc.handshakeOutput);
             shc.handshakeOutput.flush();
 
+            // In TLS1.3 middlebox compatibility mode the server sends a
+            // dummy change_cipher_spec record immediately after its
+            // first handshake message. This may either be after
+            // a ServerHello or a HelloRetryRequest.
+            // (RFC 8446, Appendix D.4)
+            shc.conContext.outputRecord.changeWriteCiphers(
+                SSLWriteCipher.nullTlsWriteCipher(),
+                    (clientHello.sessionId.length() != 0));
+
             // Stateless, shall we clean up the handshake context as well?
             shc.handshakeHash.finish();     // forgot about the handshake hash
             shc.handshakeExtensions.clear();