Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

TLSv1.3 client handshake stall #791

Closed
jfallows opened this issue Feb 9, 2024 · 0 comments · Fixed by #790
Closed

TLSv1.3 client handshake stall #791

jfallows opened this issue Feb 9, 2024 · 0 comments · Fixed by #790
Assignees
@jfallows
Labels
bug Something isn't working

Comments

@jfallows
Copy link
Contributor

jfallows commented Feb 9, 2024
edited
Loading

Describe the bug
When tls``client binding is configured to use TLSv1.3 (default) and remote TLS endpoint also supports TLSv1.3 then the TLS handshake can stall.

To Reproduce
Configure zilla.yaml to use tls client binding with TLSv1.3 and attempt to complete TLS handshake.

Expected behavior
TLSv1.3 handshake should complete successfully.

Additional context
As a workaround, explicitly configuring the tls client binding version to use TLSv1.2 prevents the stall.

SSLEngine handshake status immediately after the handshake can be NOT_HANDSHAKING rather than FINISHED with TLSv1.3

See https://bugs.openjdk.org/browse/JDK-8240871 for details.
@jfallows jfallows added the bug Something isn't working label Feb 9, 2024
@jfallows jfallows self-assigned this Feb 9, 2024
@jfallows jfallows mentioned this issue Feb 9, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jfallows jfallows

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Support TLSv1.3 handshake completion jfallows/zilla
1 participant
@jfallows