RFR: 8296343: CPVE thrown on missing content-length in OCSP response [v2]

Jamil Nimeh jnimeh at openjdk.org
Thu Jan 12 15:46:47 UTC 2023


On Thu, 12 Jan 2023 15:31:30 GMT, Matthew Donovan <duke at openjdk.org> wrote:

>> Jamil Nimeh has updated the pull request incrementally with two additional commits since the last revision:
>> 
>>  - Throw exception directly from non 200 HTTP response codes
>>  - Moved SimpleOCSPServer to use CountdownLatch for ready state, updated tests
>
> test/jdk/sun/security/provider/certpath/OCSP/OCSPNoContentLength.java line 154:
> 
>> 152: //        if (!rootOcsp.isServerReady()) {
>> 153: //            throw new RuntimeException("Server not ready yet");
>> 154: //        }
> 
> Lines 149-154 can be deleted

I thought I caught all the dead comments, but I guess I missed this one.  Good catch, will fix.

-------------

PR: https://git.openjdk.org/jdk/pull/11917



More information about the security-dev mailing list