RFR CSR for 8200400 Restrict Sasl mechanisms

Weijun Wang weijun.wang at oracle.com
Thu Apr 18 02:19:38 UTC 2019


Pinga again for JDK 13.

> On Nov 27, 2018, at 10:27 AM, Weijun Wang <weijun.wang at oracle.com> wrote:
> 
> Please review the CSR at
> 
>   https://bugs.openjdk.java.net/browse/JDK-8214331
> 
> One concern:
> 
> When a disabled mechanism is requested, Sasl.createClient and Sasl.createServer might silently return null and if a user has already taken for granted that a client should be returned an NPE will thrown somewhere. This is not quite friendly.
> 
> Thanks
> Max




More information about the security-dev mailing list