RFR: 8200566: DistributionPointFetcher fails to fetch CRLs if the DistributionPoints field contains more than one DistributionPoint and the first one fails [v2]
Sean Mullan
mullan at openjdk.org
Fri Apr 5 18:56:59 UTC 2024
On Fri, 5 Apr 2024 13:59:41 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> Sean Mullan has updated the pull request incrementally with one additional commit since the last revision:
>>
>> Remove unnecessary module java.base/sun.security.provider.certpath.
>
> src/java.base/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java line 116:
>
>> 114: results.addAll(crls);
>> 115: } catch (CertStoreException cse) {
>> 116: savedCSE = cse;
>
> Are you going to `addSuppressed` the exception if `savedCSE` is already not null here? Also, better to print out a debug info.
Yes, that would be a good idea to call `addSupressed` in case there is more than one exception. For debug, there is already a debug statement further down the call stack in either the URICertStore or LDAPCertStore code where the exception cause is captured so I didn't want to duplicate that info.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/18656#discussion_r1554162329
More information about the security-dev
mailing list