java.net.Socket should report the attempted address and port
Michael McMahon
michael.x.mcmahon at oracle.com
Mon Jun 18 12:15:29 UTC 2018
Hi all,
I agree with Sean's suggestion below that a multi-valued property
captures the generality in the name and the specific case implemented
here with the value "hostInfo". So, how about exactly as suggested:
property name - "jdk.net.includeInExceptions" with possible value limited to
"hostinfo" for now?
Michael
On 15/06/2018, 15:28, Sean Mullan wrote:
> Hi Michael,
>
> I agree with Alan and Peter that the name should more clearly identify
> the security implications of setting it.
>
> Alternatively, if you think you may build on this you might want to
> add support for a multi-valued property, like
> jdk.net.includeInExceptions=hostInfo,...
>
> --Sean
>
> On 6/14/18 1:41 PM, Michael McMahon wrote:
>> Hi Alan,
>>
>> Thanks for looking at it.
>>
>> On 14/06/2018, 18:10, Alan Bateman wrote:
>>> On 06/06/2018 08:45, Michael McMahon wrote:
>>>> Hi all,
>>>>
>>>> Finally to return to this topic. We have looked at a few different
>>>> approaches
>>>> and it seems the best way is to define a security property that can
>>>> be set
>>>> in the java.security configuration file, but which can be
>>>> overridden as a
>>>> system property. The current behavior will remain the default, but
>>>> setting
>>>> the property will add addressing information to exception texts.
>>>> The change applies to all TCP socket types in java.net and java.nio.
>>>> Webrev at:
>>>> http://cr.openjdk.java.net/~michaelm/8204233/webrev.1/index.html
>>> This looks quite good and the ability to use a system property to
>>> override the java.security file is useful for ad hoc enabling. The
>>> property name can probably be improved The jdk.net prefix looks
>>> right but jdk.net.enhanceExceptionText isn't very clear, esp. when
>>> used on the command line. It feels it should something like
>>> jdk.net.includeHostInfoInExceptions or something that makes it clear
>>> that it adds host information to socket exceptions.
>>>
>> That seems too specific to me. My feeling was that other exceptions
>> might be enhanced in the same way and would
>> hang off the same property name. If we use a name that is specific to
>> hostinfo, then we would need a new property
>> for other information types.
>>
>>> I see Jaikiran Pai spotted the close was accidentally removed from
>>> AbstractPlainSocketImpl so I assume you'll fix that.
>>>
>> Yes, that was fixed and the webrev updated in place.
>>
>>> Aside from AsynchronousCloseException, are there are other
>>> IOException classes that don't have the 1-arg String constructor.
>>> Just wondering if it would be better to special case that to not use
>>> SocketExceptions or alternative not rely on catching
>>> NoSuchMethodException.
>>>
>> The problem was I wrote it first checking types statically, and there
>> were a lot of different exception types,
>> which is ugly enough to begin with but I also overlooked those NIO
>> types completely.
>> It was just difficult to write a test that generated all the possible
>> exceptions. So, my concern was overlooking
>> any future change in that area. Or are you suggesting we just not
>> implement this for the async socket channels?
>>
>> Thanks,
>>
>> Michael
>>> -Alan
>>>
>>>
>>>
>>>
>>>
>>>
>>>
More information about the net-dev
mailing list