RFR: JDK-8311644 Server should not send bad_certificate alert when the client does not send any certificates
Anthony Scarpino
ascarpino at openjdk.org
Mon Feb 12 22:40:14 UTC 2024
Hi,
I need a code review of what is really a text change. This changes the alert type returned during some TLS CertificateMessage failures to what is recommended in [RFC 8446](https://tools.ietf.org/html/rfc8446). An additional change was to add the alert description to the thrown exception. This makes it easier for the user to know the alert type and makes testing easier. Two of the three changes are tested as the final one is too hard to test. A few tests needed change as they did string comparing on exception messages.
Tony
-------------
Commit messages:
- extra msgs for test
- Merge branch 'master' into tlscertmsg
- change old tests to use endWith()
- merge
- Change exception to add alert
- merge
- changed alert status
Changes: https://git.openjdk.org/jdk/pull/17717/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=17717&range=00
Issue: https://bugs.openjdk.org/browse/JDK-8311644
Stats: 272 lines in 8 files changed: 195 ins; 23 del; 54 mod
Patch: https://git.openjdk.org/jdk/pull/17717.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/17717/head:pull/17717
PR: https://git.openjdk.org/jdk/pull/17717
More information about the security-dev
mailing list