RFR: 8133816: Display extra SSLServerSocket info in debug mode
Weibing Xiao
duke at openjdk.org
Wed Aug 17 17:11:36 UTC 2022
On Wed, 17 Aug 2022 14:25:40 GMT, Xue-Lei Andrew Fan <xuelei at openjdk.org> wrote:
>> Log the debugging info for server cipher suites when setting javax.net.debug == ssl, handshake.
>
> src/java.base/share/classes/sun/security/ssl/ServerHello.java line 409:
>
>> 407: if (shc.sslConfig.preferLocalCipherSuites) {
>> 408: preferred = shc.activeCipherSuites;
>> 409: proposed = clientHello.cipherSuites;
>
> Instead of wrapping all information in one block, I may prefer to break down and place them in the close place where is happens.
>
> I may dump the debug log here for cipher suite preference and server activated cipher suites.
The intention to group all the information together allows the developer to find the configuration of the server socket in one place. Previously the log message will only print out the error message of "on cipher suite in common" when the handshake failed between the client and server.
-------------
PR: https://git.openjdk.org/jdk/pull/9731
More information about the security-dev
mailing list