RFR: 8339403: sun.security.ssl.StatusResponseManager.get swallows interrupt status
Jamil Nimeh
jnimeh at openjdk.org
Wed Oct 2 22:44:40 UTC 2024
On Wed, 2 Oct 2024 21:44:08 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
>> This PR corrects a flaw in the StatusResponseManager where it was incorrectly swallowing the interrupt status when either an invokeAll was called (spawning the threads to fetch each OCSP response) or when attempting to grab the data from one of the Futures returned from the fetches.
>> Additionally, I made a small change that, in the unlikely event of a non-IOException being thrown, only that specific fetch is affected, but other successful fetches on different threads can complete and can be added to the resulting responseMap.
>
> src/java.base/share/classes/sun/security/ssl/StatusResponseManager.java line 271:
>
>> 269: SSLLogger.fine("Exception during OCSP fetch: " +
>> 270: cause);
>> 271: }
>
> Q: Do we need a 'continue;' here?
Yes, I think a continue here would be a good thing to do. It doesn't strictly need it, because if you fall into the catch block info is null and so it will eventually fall through to the next iteration. But it does fall into the else block of the next if/else and that log message is unnecessary since it was logged earlier. I'll add the continue. Thanks for catching that!
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/21230#discussion_r1785320403
More information about the security-dev
mailing list