SSLLogger.java (was Re: Code Review Request: TLS 1.3 Implementation)
Weijun Wang
weijun.wang at oracle.com
Thu Jun 7 03:24:40 UTC 2018
I think I understand. So if a user sets it to empty, they will also need to create a customized logger/formatter like SSLLogger that is able to output a parameter without a placeholder in msg.
--Max
> On Jun 7, 2018, at 9:51 AM, Xuelei Fan <xuelei.fan at oracle.com> wrote:
>
> In this implementation, the SunJSSE logging is updated to (the class comment lines):
>
> /**
> * Implementation of SSL logger.
> *
> * If the system property "javax.net.debug" is not defined, the debug logging
> * is turned off. If the system property "javax.net.debug" is defined as
> * empty, the debug logger is specified by System.getLogger("javax.net.ssl"),
> * and applications can customize and configure the logger or use external
> * logging mechanisms. If the system property "javax.net.debug" is defined
> * and non-empty, a private debug logger implemented in this class is used.
> */
>
> On 6/6/2018 6:37 PM, Weijun Wang wrote:
>> But will any application use the logger named "javax.net.debug"? I think that's only for JSSE.
> If using System Logger, the "javax.net.debug" system property will be used to turn on/off the logger (define with empty or not defined).
>
> Xuelei
>
>>> On Jun 7, 2018, at 9:35 AM, Xuelei Fan<xuelei.fan at oracle.com> wrote:
>>>
>>> I see your concerns now. Currently, we don't fine the format if using System logger. Applications can define the format and output style for themselves if needed. That's also the purpose why we introduce the System Logger in the provider.
More information about the security-dev
mailing list