RFR: 8133816: Display extra SSLServerSocket info in debug mode
Weibing Xiao
duke at openjdk.org
Wed Aug 17 12:26:08 UTC 2022
On Mon, 8 Aug 2022 15:59:29 GMT, Sean Coffey <coffeys at openjdk.org> wrote:
>> Log the debugging info for server cipher suites when setting javax.net.debug == ssl, handshake.
>
> src/java.base/share/classes/sun/security/ssl/ServerHello.java line 440:
>
>> 438: }
>> 439:
>> 440: if (sun.security.ssl.SSLLogger.isOn && sun.security.ssl.SSLLogger.isOn("ssl,handshake")) {
>
> avoid the FQ class name - for SSLLogger - no need.
Updated the code, see new commit.
> src/java.base/share/classes/sun/security/ssl/ServerHello.java line 764:
>
>> 762:
>> 763: // no cipher suites in common
>> 764: printServerEnabledCipherSuites(shc, null, null);
>
> I'd suggest removing the debug flag checks from line 776 and wrapping each call of `printServerEnabledCipherSuites` with the debug flag check instead - it's more obvious to reader IMO.
Updated the code, see new commit.
> src/java.base/share/classes/sun/security/ssl/ServerHello.java line 772:
>
>> 770: * When debugging enabled with the value of "ssl, handshake", print out enabled cipher suites on the server side
>> 771: */
>> 772: private static void printServerEnabledCipherSuites(sun.security.ssl.ServerHandshakeContext shc,
>
> maybe use `printServerSocketConfig` might suit better for method name ?
Updated the code, see new commit.
-------------
PR: https://git.openjdk.org/jdk/pull/9731
More information about the security-dev
mailing list