code review request: 7081817, java/classes_secu, test/sun/security/provider/certpath/X509CertPath/IllegalCertiticates.java failing

Weijun Wang weijun.wang at oracle.com
Mon Aug 22 11:38:02 UTC 2011



On 08/22/2011 07:31 PM, Alan Bateman wrote:
> Xuelei Fan wrote:
>> Simple fix, no webrev.
>>
>> % hg diff
>> src/share/classes/sun/security/provider/certpath/X509CertPath.java
>> --- a/src/share/classes/sun/security/provider/certpath/X509CertPath.java
>> +++ b/src/share/classes/sun/security/provider/certpath/X509CertPath.java
>> @@ -105,7 +105,13 @@
>> super("X.509");
>>
>> // Ensure that the List contains only X509Certificates
>> - for (Certificate obj : certs) {
>> + //
>> + // Note; The certs parameter is not necessarily to be of Certificate
>> + // for some old code. For compatibility, to make sure the exception
>> + // is CertificateException, rather than ClassCastException, please
>> + // don't use
>> + // for (Certificate obj : certs)
>> + for (Object obj : certs)

for (Object obj : certs) {
                          ^

>> if (obj instanceof X509Certificate == false) {
>> throw new CertificateException
>> ("List is not all X509Certificates: "
>>
> The fix looks okay to me. I'm not sure that the note is really needed as
> it's clear from the code (and the javadoc) that CertificateException is
> what is intended for this case.

The note is needed, otherwise it won't be changed last time.

Thanks
Max

>
> -Alan.



More information about the security-dev mailing list