RFR: 8042982: Unexpected RuntimeExceptions being thrown by SSLEngine
Bradford Wetmore
bradford.wetmore at oracle.com
Fri Aug 1 18:55:56 UTC 2014
BTW, if you feel like it in any backports, the casts to
SSLHandshakeException weren't needed.
Brad
On 8/1/2014 11:46 AM, Rob McKenna wrote:
> Thanks Brad, patch updated, built & tested.
>
> -Rob
>
> On 01/08/14 01:39, Bradford Wetmore wrote:
>> Rob,
>>
>> Looks ok to me too. There are probably other places with RTE's we
>> could fix, but this will solve the immediate problem.
>>
>> Two comments to consider:
>>
>> 1. Use a Multi-catch exception. JDK7+.
>>
>> 2. DHCrypt throws IOException. ECDHCrypt throws SSLException (which
>> is an IOException). Since DHCrypt/ECDHCrypt are essentially the same
>> kind of class, maybe update DHCrypt to throw the same?
>>
>> Brad
>>
>>
>> On 7/25/2014 5:52 PM, Xuelei Fan wrote:
>>> Looks fine to me.
>>>
>>> Thanks,
>>> Xuelei
>>>
>>> On 7/22/2014 9:37 PM, Rob McKenna wrote:
>>>> Hi folks,
>>>>
>>>> A simple change to use SSLHandshakeException instead of
>>>> RuntimeException
>>>> in getAgreedSecret in DHCrypt and ECDHCrypt. This will prevent these
>>>> RuntimeExceptions from propagating to the application and allow
>>>> application programmers to handle them as SSLHandshakeExceptions.
>>>>
>>>> http://cr.openjdk.java.net/~robm/8042982/webrev.01/
>>>>
>>>> -Rob
>>>>
>>>
>
More information about the security-dev
mailing list