[jdk17u-dev] RFR: 8296343: CPVE thrown on missing content-length in OCSP response
Alexey Pavlyutkin
duke at openjdk.org
Thu May 18 16:07:27 UTC 2023
Hi!
Here is backport of [JDK-8296343](https://bugs.openjdk.org/browse/JDK-8296343). The patch fixes CertPathValidatorException taking place if OCSP response does not contain `ContentLength` field.
Original patch is applied cleanly.
Verification/regression (amd64/20.04 LTS): `jdk_security` including newly added `test/jdk/sun/security/provider/certpath/OCSP/OCSPNoContentLength.java`
-------------
Commit messages:
- Backport 1a3cb8c5018bc016c2ad6b078e4abe13b39d151c
Changes: https://git.openjdk.org/jdk17u-dev/pull/1361/files
Webrev: https://webrevs.openjdk.org/?repo=jdk17u-dev&pr=1361&range=00
Issue: https://bugs.openjdk.org/browse/JDK-8296343
Stats: 399 lines in 9 files changed: 283 ins; 37 del; 79 mod
Patch: https://git.openjdk.org/jdk17u-dev/pull/1361.diff
Fetch: git fetch https://git.openjdk.org/jdk17u-dev.git pull/1361/head:pull/1361
PR: https://git.openjdk.org/jdk17u-dev/pull/1361
More information about the jdk-updates-dev
mailing list