RFR: 8294985: SSLEngine throws IAE during parsing of X500Principal [v6]
Sean Mullan
mullan at openjdk.org
Fri May 12 20:17:46 UTC 2023
On Thu, 11 May 2023 20:43:49 GMT, Kevin Driver <kdriver at openjdk.org> wrote:
>> Fixes: [JDK-8294985](https://bugs.openjdk.org/browse/JDK-8294985)
>
> Kevin Driver has updated the pull request incrementally with two additional commits since the last revision:
>
> - update copyright
> - reworking the fix in light of encouragement to change the problematic method signature
Do you have any plans to write a test? If not, the bug needs a `noreg` label.
src/java.base/share/classes/sun/security/ssl/CertificateAuthoritiesExtension.java line 136:
> 134: } catch (IllegalArgumentException iae) {
> 135: throw new SSLException("X500Principal could not be parsed " +
> 136: "successfully", iae);
Is it ok to throw a general `SSLException` here? Or do you need to call `TransportContext.fatal()` so that additional cleanup happens? Perhaps @XueleiFan would know.
-------------
PR Comment: https://git.openjdk.org/jdk/pull/13466#issuecomment-1546242429
PR Review Comment: https://git.openjdk.org/jdk/pull/13466#discussion_r1192759621
More information about the security-dev
mailing list