RFR: 8311596: Add separate system properties for TLS server and client for maximum chain length [v2]
Hai-May Chao
hchao at openjdk.org
Wed Sep 6 20:02:10 UTC 2023
On Mon, 7 Aug 2023 15:36:54 GMT, Mark Powers <mpowers at openjdk.org> wrote:
>> Hai-May Chao has updated the pull request incrementally with one additional commit since the last revision:
>>
>> Set to default if a negative value is set
>
> src/java.base/share/classes/sun/security/ssl/SSLConfiguration.java line 115:
>
>> 113: "jdk.tls.maxCertificateChainLength", 10);
>> 114:
>> 115: // Limit the maximum certificate chain length accepted from clients
>
> Should these be moved to after line 89?
Remain to stay after the related maxCertificateChainLength.
> src/java.base/share/classes/sun/security/ssl/SSLConfiguration.java line 150:
>
>> 148: */
>> 149: static {
>> 150: Integer clientLen = GetIntegerAction.privilegedGetProperty(
>
> I think you could call `privilegedGetProperty` with the default value as second argument.
Done.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/15163#discussion_r1317760306
PR Review Comment: https://git.openjdk.org/jdk/pull/15163#discussion_r1317760395
More information about the security-dev
mailing list