[8u] TLSv1.3 RFR: 8245472: Backport JDK-8038893 for TLSv1.3

Alexey Bakhtin alexey at azul.com
Thu Jun 4 19:30:19 UTC 2020


Hello Martin,

Thank you a lot for review
New webrev : http://cr.openjdk.java.net/~abakhtin/tls1.3/8245466/8245472/webrev.v2/

Regards
Alexey

> On 4 Jun 2020, at 21:27, Martin Balao <mbalao at redhat.com> wrote:
> 
> Hi Alexey,
> 
> Thanks for your feedback. We want 8038893 to be backported to JDK-8. I
> cannot comment more on the reasons at this time, though.
> 
> Comments on v1:
> 
> * java/net/SocketPermission.java
>  * My understanding is that we bump the copyright date to the one in
> the backported patch if newer than the one in the actual file.

Changed to 2017.

> 
> * sun/security/util/HostnameChecker.java
>  * Shouldn't "SSLLogger.isOn" be "SSLLogger.isOn && SSLLogger.isOn("ssl")"?

Yes, you are right. Fixed

>  * Things being logged do not look for a "fine" level to me, as they
> are errors on the certificate DNS name. In 8038893, these messages were
> sent to "System.err". What do you think?

In the original patch for JDK9 it is logged as debug.println
In the JDK11 it was changed to SSLLogger.fine()
So, I think we should keep it “fine”

> 
> Regards,
> Martin.-
> 



More information about the jdk8u-dev mailing list