RFR: 8133816: Display extra SSLServerSocket info in debug mode

Weibing Xiao duke at openjdk.org
Wed Aug 17 12:26:08 UTC 2022


On Mon, 8 Aug 2022 15:59:29 GMT, Sean Coffey <coffeys at openjdk.org> wrote:

>> Log the debugging info for server cipher suites when setting javax.net.debug == ssl, handshake.
>
> src/java.base/share/classes/sun/security/ssl/ServerHello.java line 440:
> 
>> 438:                 }
>> 439: 
>> 440:                 if (sun.security.ssl.SSLLogger.isOn && sun.security.ssl.SSLLogger.isOn("ssl,handshake")) {
> 
> avoid the FQ class name - for SSLLogger - no need.

Updated the code, see new commit.

> src/java.base/share/classes/sun/security/ssl/ServerHello.java line 764:
> 
>> 762: 
>> 763:             // no cipher suites in common
>> 764:             printServerEnabledCipherSuites(shc, null, null);
> 
> I'd suggest removing the debug flag checks from line 776 and wrapping each call of `printServerEnabledCipherSuites` with the debug flag check instead - it's more obvious to reader IMO.

Updated the code, see new commit.

> src/java.base/share/classes/sun/security/ssl/ServerHello.java line 772:
> 
>> 770:      *  When debugging enabled with the value of "ssl, handshake", print out enabled cipher suites on the server side
>> 771:      */
>> 772:     private static void printServerEnabledCipherSuites(sun.security.ssl.ServerHandshakeContext shc,
> 
> maybe use `printServerSocketConfig` might suit better for method name ?

Updated the code, see new commit.

-------------

PR: https://git.openjdk.org/jdk/pull/9731



More information about the security-dev mailing list