RFR: 8133816: Display extra SSLServerSocket info in debug mode
Sean Coffey
coffeys at openjdk.org
Wed Aug 17 12:26:07 UTC 2022
On Wed, 3 Aug 2022 15:40:54 GMT, Weibing Xiao <duke at openjdk.org> wrote:
> Log the debugging info for server cipher suites when setting javax.net.debug == ssl, handshake.
src/java.base/share/classes/sun/security/ssl/ServerHello.java line 440:
> 438: }
> 439:
> 440: if (sun.security.ssl.SSLLogger.isOn && sun.security.ssl.SSLLogger.isOn("ssl,handshake")) {
avoid the FQ class name - for SSLLogger - no need.
src/java.base/share/classes/sun/security/ssl/ServerHello.java line 764:
> 762:
> 763: // no cipher suites in common
> 764: printServerEnabledCipherSuites(shc, null, null);
I'd suggest removing the debug flag checks from line 776 and wrapping each call of `printServerEnabledCipherSuites` with the debug flag check instead - it's more obvious to reader IMO.
src/java.base/share/classes/sun/security/ssl/ServerHello.java line 772:
> 770: * When debugging enabled with the value of "ssl, handshake", print out enabled cipher suites on the server side
> 771: */
> 772: private static void printServerEnabledCipherSuites(sun.security.ssl.ServerHandshakeContext shc,
maybe use `printServerSocketConfig` might suit better for method name ?
-------------
PR: https://git.openjdk.org/jdk/pull/9731
More information about the security-dev
mailing list