RFR: 8294985: SSLEngine throws IAE during parsing of X500Principal [v6]
Kevin Driver
kdriver at openjdk.org
Mon May 15 19:48:47 UTC 2023
On Mon, 15 May 2023 19:37:44 GMT, Sean Mullan <mullan at openjdk.org> wrote:
>> It is not easy to understand the final behavior if throwing SSLException here. I would like to call `TransportContext.fatal()` directly to make the behavior more accuracy, by using Alert.DECODE_ERROR.
>
> You will need to pass in `TransportContext` as a parameter if you do that, unless you go back changing the callers of `getAuthorities()` to catch `IllegalArgumentException`. I'm now thinking it is better for the callers of `getAuthorities()` to catch `IllegalArgumentException` and then call `fatal`.
>
> One other minor comment:
>
> - I would remove the word "successfully" as this is a failure case so it is implied.
Sean, agreed. I had considered the above previously.
Also, I'll remove "successfully" with the next round of edits.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/13466#discussion_r1194292927
More information about the security-dev
mailing list