Request for review: 8144093: JEP 244/8051498 - TLS Application-Layer Protocol Negotiation Extension

Vincent Ryan vincent.x.ryan at oracle.com
Mon Nov 30 23:24:30 UTC 2015


Thanks for the review.

I’ve incorporated your comments and  Xuelei’s comments in a revised webrev:
  http://cr.openjdk.java.net/~vinnie/8144093/webrev.01/ <http://cr.openjdk.java.net/~vinnie/8144093/webrev.01/>


> On 30 Nov 2015, at 21:10, Sean Mullan <sean.mullan at oracle.com> wrote:
> 
> SSLParameters.java
> 
> 649         applicationProtocols = protocols.clone();
> 
> You should clone the parameters before checking if they are valid. Move this to line 642, and check the validity of the cloned array. Also, use a temporary variable for the clone, so as not to pollute the applicationProtocols field until you confirm the values are valid, and then assign it to applicationProtocols.
> 
> ExtensionType.java
> 
> 47             new ArrayList<ExtensionType>(15);
> 
> nit - you can use diamond operator above
> 
> --Sean
> 
> On 11/29/2015 07:08 PM, Vincent Ryan wrote:
>> Hello,
>> 
>> Following on from Brad’s recent email, here is the full webrev of the
>> API and the implementation classes for ALPN:
>> http://cr.openjdk.java.net/~vinnie/8144093/webrev.00/
>> 
>> In adds the implementation classes (sun/security/ssl) to the public API
>> classes (javax/net/ssl) which have already been agreed.
>> Some basic tests (test/javax/net/ssl) are also included.
>> 
>> Please send any code review comments by close-of-business on Tuesday 1
>> December.
>> Thanks.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20151130/ce77fce7/attachment.htm>


More information about the security-dev mailing list