RFR: 8133816: Display extra SSLServerSocket info in debug mode

Weibing Xiao duke at openjdk.org
Wed Aug 17 17:11:36 UTC 2022


On Wed, 17 Aug 2022 14:25:40 GMT, Xue-Lei Andrew Fan <xuelei at openjdk.org> wrote:

>> Log the debugging info for server cipher suites when setting javax.net.debug == ssl, handshake.
>
> src/java.base/share/classes/sun/security/ssl/ServerHello.java line 409:
> 
>> 407:             if (shc.sslConfig.preferLocalCipherSuites) {
>> 408:                 preferred = shc.activeCipherSuites;
>> 409:                 proposed = clientHello.cipherSuites;
> 
> Instead of wrapping all information in one block, I may prefer to break down and place them in the close place where is happens.
> 
> I may dump the debug log here for cipher suite preference and server activated cipher suites.

The intention to group all the information together allows the developer to find the configuration of the server socket in one place. Previously the log message will only print out the error message of "on cipher suite in common" when the handshake failed between the client and server.

-------------

PR: https://git.openjdk.org/jdk/pull/9731



More information about the security-dev mailing list