RFR: 8349910: Implement JEP 517: HTTP/3 for the HTTP Client API [v7]
Artur Barashev
abarashev at openjdk.org
Tue Jun 10 22:58:44 UTC 2025
On Tue, 22 Apr 2025 19:36:00 GMT, Artur Barashev <abarashev at openjdk.org> wrote:
>> Daniel Fuchs has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains 499 commits:
>>
>> - merge latest changes from master branch
>> - http3: improve H3ConnectionPoolTest.java
>> - Fix snippet
>> - Improve key destruction
>> - merge latest changes from master branch
>> - http3: fix bug introduced by Http3ConnectionPool and improved debug logs
>> - http3: refactor HTTP/3 connection pool management in a separate class
>> - Ignore DestroyFailedExceptions
>> - Remove outdated TODO
>> - Remove outdated TODO
>> - ... and 489 more: https://git.openjdk.org/jdk/compare/65fda5c0...a5a0c7f8
>
> src/java.base/share/classes/sun/security/ssl/CertificateMessage.java line 1221:
>
>> 1219: tm.checkClientTrusted(
>> 1220: certs.clone(),
>> 1221: authType);
>
> This call doesn't check against `SSLAlgorithmConstraints` unlike 2 calls for `SSLSocket` and `SSLEngine` above.
What would be the reason it's not addressed like in `checkServerCerts` below?
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/24751#discussion_r2138892993
More information about the core-libs-dev
mailing list