RFR: 8294985: SSLEngine throws IAE during parsing of X500Principal [v11]
Xue-Lei Andrew Fan
xuelei at openjdk.org
Thu May 18 16:59:40 UTC 2023
On Thu, 18 May 2023 16:15:39 GMT, Kevin Driver <kdriver at openjdk.org> wrote:
>> Fixes: [JDK-8294985](https://bugs.openjdk.org/browse/JDK-8294985)
>
> Kevin Driver has updated the pull request incrementally with one additional commit since the last revision:
>
> review comments addressed
src/java.base/share/classes/sun/security/ssl/CertificateAuthoritiesExtension.java line 290:
> 288: shc.peerSupportedAuthorities = spec.getAuthorities();
> 289: } catch (IllegalArgumentException iae) {
> 290: shc.conContext.fatal(Alert.DECODE_ERROR, "X500Principal could not be parsed", iae);
In the context, it may be easier to catch the idea if the message is about the authorities, and easier to update getAuthorities() implementation, for example X500Principal is not used any longer, if needed in the future.
- "X500Principal could not be parsed"
+ "Peer authorities could not be parsed"
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/13466#discussion_r1198051462
More information about the security-dev
mailing list