Code Review Request, JDK-8207029 Unable to use custom SSLEngine with default TrustManagerFactory after updating to JDK 11 b21
Xuelei Fan
xuelei.fan at oracle.com
Thu Jul 12 13:33:22 UTC 2018
Hi Alan,
Yes, it is likely to introduce the issue again. We should consider a
regression test. I just filed a follow-up bug in the JBS:
https://bugs.openjdk.java.net/browse/JDK-8207174
Thanks,
Xuelei
On 7/11/2018 11:53 PM, Alan Bateman wrote:
> On 12/07/2018 05:47, Xuelei Fan wrote:
>> Hi,
>>
>> Please review the update:
>> http://cr.openjdk.java.net/~xuelei/8207029/webrev.00/
>>
>> It's an interesting user case of the TrustManagerFactory and
>> KeyManagerFactory. The KeyManager or TrustManager implementation may
>> be not implemented in the same provider as SSLSocket/SSLEngine.
>>
>> See also
>> http://mail.openjdk.java.net/pipermail/security-dev/2018-July/017536.html.
>>
> Xuelei - is there follow-up work to develop some tests that use custom
> KeyManager or TrustManager implementations that are in different
> providers to the SSLEngine. I realize not many will do that but it seems
> easy to break these type of scenarios if we don't have tests.
>
> -Alan.
More information about the security-dev
mailing list