[jdk11u-dev] RFR: 8296343: CPVE thrown on missing content-length in OCSP response
Alexey Pavlyutkin
duke at openjdk.org
Tue Oct 3 08:41:21 UTC 2023
On Wed, 31 May 2023 16:56:07 GMT, Alexey Pavlyutkin <duke at openjdk.org> wrote:
> Hi!
>
> Here is backport of [JDK-8296343](https://bugs.openjdk.org/browse/JDK-8296343). The patch fixes CertPathValidatorException taking place if OCSP response does not contain ContentLength field.
>
> Original patch is applied cleanly except a conflict in Copyright record in `src/java.base/share/classes/sun/security/provider/certpath/OCSP.java`
>
> Verification (amd64/20.04): newly added `test/jdk/sun/security/provider/certpath/OCSP/OCSPNoContentLength.java` FAILS, to be fixed by backporting of [JDK-8300939](https://bugs.openjdk.org/browse/JDK-8300939) (see https://github.com/openjdk/jdk11u-dev/pull/1921)
> Regression (amd64/20.04): `jdk_security`
no blocker anymore
-------------
PR Comment: https://git.openjdk.org/jdk11u-dev/pull/1920#issuecomment-1744472436
More information about the jdk-updates-dev
mailing list