[8] code review request: 8019259: Failover to CRL checking does not happen if wrong OCSP responder URL is set
Vincent Ryan
vincent.x.ryan at oracle.com
Tue Jul 2 18:49:36 UTC 2013
I see your point Sean. My motivation for wrapping the RuntimeException was to ensure
that the failover mechanism (from OCSP to CRLs) did not get interrupted. But this is a
case when the failover should be interrupted. I've filed a new bug to address the issue:
Bug: 8019627: RuntimeException gets obscured during OCSP cert revocation checking
Webrev: http://cr.openjdk.java.net/~vinnie/8019627/webrev.00/
It simply re-throws RuntimeExceptions.
On 2 Jul 2013, at 16:19, Sean Mullan wrote:
> On 07/01/2013 07:02 PM, Xuelei Fan wrote:
>> On 7/1/2013 8:56 PM, Vincent Ryan wrote:
>>> I think that wrapping a RuntimeException (in CPVE) is acceptable in this case
>>> because the goal is to activate the failover mechanism from OCSP to CRL.
>>>
>>> Do you want RuntimeException to be re-thrown?
>>>
>> No. It is acceptable to me to wrap the RuntimeException. It is not a
>> real runtime exception, but a wrong message. I prefer to use CPVE.
>
> Sorry I was on vacation yesterday and was unable to review this until now. I'm not sure I like the fix. Catching a runtime exception and rethrowing it as a checked exception is generally not a good idea. In this case you have a situation where someone has misconfigured the property to specify an OCSP responder. Hiding that exception and allowing the revocation check to fallback to CRLs is dubious, even if we still capture the exception in a log file. I think it should be thrown as is, so the user knows about the issue immediately and can fix the configuration. So, even though it is technically a change in behavior from JDK 7, I think the current behavior is more correct, and I doubt this would cause many compatibility issues since it is a configuration error that needs manual intervention to be properly fixed.
>
> Thanks,
> Sean
>
>>
>> Xuelei
>>
>>> On 29 Jun 2013, at 01:53, Xuelei Fan wrote:
>>>
>>>> Looks fine to me.
>>>>
>>>> Hmm, it is a case to learn that RuntimeException should be token care of
>>>> sometimes.
>>>>
>>>> Thanks,
>>>> Xuelei
>>>>
>>>> On 6/29/2013 2:41 AM, Vincent Ryan wrote:
>>>>> Hello,
>>>>>
>>>>> Please review the following JDK 8 fix:
>>>>>
>>>>> Bug: http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=8019259
>>>>> Webrev: http://cr.openjdk.java.net/~vinnie/8019259/webrev.00/
>>>>>
>>>>> It corrects a problem during X.509 certificate revocation checking where failover to using CRLs is not
>>>>> performed in the case when a malformed URL has been supplied as the URL of the OCSP responder.
>>>>> The fix ensures all exceptions during OCSP are caught and wrapped so that the failover mechanism
>>>>> does not get skipped.
>>>>>
>>>>> Thanks.
>>>>>
>>>>
>>>
>>
>
More information about the security-dev
mailing list