RFR [14]: JDK-8235263, Aftermath of TLS 1.3 in Java 11 with wrapped IOExceptions
Sean Mullan
sean.mullan at oracle.com
Tue Dec 3 21:08:36 UTC 2019
Looks fine. The bug description is a bit dramatic though :) I would
change it to not mention the Java version (which is already in the
affectsVersion/Introduced in fields) and more descriptive of what is
being changed, ex: "Revert TLS 1.3 change that wrapped IOExceptions".
--Sean
On 12/3/19 3:15 PM, Xuelei Fan wrote:
> Hi,
>
> Could I get the following update reviewed?
> http://cr.openjdk.java.net/~xuelei/8235263/webrev.00/
>
>
> In the SunJSSE provider, IOExceptions in application output stream was
> updated to be wrapped into SSLException so as to close underlying
> connections automatically. However, there are compatibility impact
> reported [1].
>
> It is not a good solution to use specific exception and JSSE
> implementation details to switch business flow. However, as applications
> have used this way, we may want to fix the compatibility issue.
>
> Simple fix, no new regression test. The HttpComponents community had
> confirmed the patch [1].
>
> Thanks,
> Xuelei
>
> [1]:
> https://mail.openjdk.java.net/pipermail/security-dev/2019-December/020956.html
>
More information about the security-dev
mailing list