RFR CSR for 8200400 Restrict Sasl mechanisms
Weijun Wang
weijun.wang at oracle.com
Thu Apr 18 02:19:38 UTC 2019
Pinga again for JDK 13.
> On Nov 27, 2018, at 10:27 AM, Weijun Wang <weijun.wang at oracle.com> wrote:
>
> Please review the CSR at
>
> https://bugs.openjdk.java.net/browse/JDK-8214331
>
> One concern:
>
> When a disabled mechanism is requested, Sasl.createClient and Sasl.createServer might silently return null and if a user has already taken for granted that a client should be returned an NPE will thrown somewhere. This is not quite friendly.
>
> Thanks
> Max
More information about the security-dev
mailing list