code review request: 7081817, java/classes_secu, test/sun/security/provider/certpath/X509CertPath/IllegalCertiticates.java failing
Alan Bateman
Alan.Bateman at oracle.com
Mon Aug 22 11:31:05 UTC 2011
Xuelei Fan wrote:
> Simple fix, no webrev.
>
> % hg diff src/share/classes/sun/security/provider/certpath/X509CertPath.java
> --- a/src/share/classes/sun/security/provider/certpath/X509CertPath.java
> +++ b/src/share/classes/sun/security/provider/certpath/X509CertPath.java
> @@ -105,7 +105,13 @@
> super("X.509");
>
> // Ensure that the List contains only X509Certificates
> - for (Certificate obj : certs) {
> + //
> + // Note; The certs parameter is not necessarily to be of Certificate
> + // for some old code. For compatibility, to make sure the exception
> + // is CertificateException, rather than ClassCastException, please
> + // don't use
> + // for (Certificate obj : certs)
> + for (Object obj : certs)
> if (obj instanceof X509Certificate == false) {
> throw new CertificateException
> ("List is not all X509Certificates: "
>
>
The fix looks okay to me. I'm not sure that the note is really needed as
it's clear from the code (and the javadoc) that CertificateException is
what is intended for this case.
-Alan.
More information about the security-dev
mailing list