RFR: 8348986: Improve coverage of enhanced exception messages [v8]

Alan Bateman alanb at openjdk.org
Mon Apr 28 14:57:49 UTC 2025 

On Fri, 25 Apr 2025 14:26:43 GMT, Michael McMahon <michaelm at openjdk.org> wrote:

>> Hi,
>> 
>> Enhanced exception messages are designed to hide sensitive information such as hostnames, IP 
>> addresses from exception message strings, unless the enhanced mode for the specific category 
>> has been explicitly enabled. Enhanced exceptions were first introduced in 8204233 in JDK 11 and 
>> updated in 8207846.
>> 
>> This PR aims to increase the coverage of enhanced exception messages in the networking code.
>> A limited number of exceptions are already hidden (restricted) by default. The new categories and 
>> exceptions in this PR will be restricted on an opt-in basis, ie. the default mode will be enhanced
>> (while preserving the existing behavior).
>> 
>> The mechanism is controlled by the security/system property "jdk.includeInExceptions" which takes as value
>> a comma separated list of category names, which identify groups of exceptions where the exception
>> message may be enhanced. Any category not listed is "restricted" which means that potentially
>> sensitive information (such as hostnames, IP addresses, user identities) are excluded from the message text.
>> 
>> The changes to the java.security conf file describe the exact changes in terms of the categories now
>> supported and any changes in behavior.
>> 
>> Thanks,
>> Michael
>
> Michael McMahon has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains 22 commits:
> 
>  - Merge branch 'master' into 8348986-exceptions
>  - Review update
>  - review update
>  - Merge branch 'master' into 8348986-exceptions
>  - update to minimise code changes
>  - Merge branch 'master' into 8348986-exceptions
>  - Merge branch 'master' into 8348986-exceptions
>  - Apply suggestions from code review
>    
>    from turbanoff review
>    
>    Co-authored-by: Andrey Turbanov <turbanoff at gmail.com>
>  - doc + copyright update
>  - remove file added by mistake
>  - ... and 12 more: https://git.openjdk.org/jdk/compare/5c067232...9401d4c8

src/java.base/share/conf/security/java.security line 1311:

> 1309: #  hostInfo - Special value which signifies the three categories above combined
> 1310: #             (socket, addressLookup, net). This is provided for compatibility
> 1311: #             with previous releases.

Are you sure "socket", "addressLookup", and "net" categories are useful and needed? I would think someone configuring this is looking to keeping sensitive fields out of the exception messages without knowing exactly which APIs are used.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2063849188

More information about the net-dev mailing list