RFR: 8350582: Correct the parsing of the ssl value in javax.net.debug [v4]

Bradford Wetmore wetmore at openjdk.org
Tue Apr 15 00:04:51 UTC 2025 

On Mon, 14 Apr 2025 18:42:40 GMT, Sean Coffey <coffeys at openjdk.org> wrote:

>> Breaking the parent JDK-8044609 JBS issue into sub tasks. 
>> 
>> This patch addresses the main issue which is that `javax.net.debug=ssl ` option is completely broken since TLSv1.3 support was introduced.  This patch should be easier for backporting also.
>> 
>> Wider corrections can be followed up via parent bug.
>
> Sean Coffey has updated the pull request with a new target base due to a merge or a rebase. The incremental webrev excludes the unrelated changes brought in by the merge/rebase. The pull request contains six additional commits since the last revision:
> 
>  - Review comments from Brad
>  - Merge branch 'master' into 8350582-javax-debug
>  - Incorporate latest review feedback
>  - Feedback from Mikhail
>  - correct bug id
>  - 8210430

Thanks for addressing the other issues in the test e.g. `main`, `../..`, and bug description.

In looking at the proposed test for this issue, what I was thinking of is actually a mix of 8350582 and future bug [JDK-8044609](https://bugs.openjdk.org/browse/JDK-8044609) which cleans up the cat/subcats assignments.  

This bug only handles the `ssl` change, so I'm thinking we should change the regtest for this bug to be a simple test looking for the effects of `ssl` with no `data/verbose/plaintext/packet` output, and move (or update) this more general test to be done for 8044609.  

Thoughts?

test/jdk/sun/security/ssl/SSLLogger/DebugPropertyValuesTest.java line 79:

> 77:         debugMessages.put("logger",
> 78:                 List.of("FINE: adding as trusted certificates",
> 79:                         "FINE: WRITE: TLSv1.3 application_data"));

Missing a few more test cases for the more general test case.
  
`session` -> `Session initialized:`
`packet`  -> `Raw write`
`defaultctx` -> (may not be able to add if you're using non-default contexts)
`verbose` -> `Ignore unsupported cipher suite:`

-------------

PR Review: https://git.openjdk.org/jdk/pull/23781#pullrequestreview-2765771586
PR Review Comment: https://git.openjdk.org/jdk/pull/23781#discussion_r2042989284

More information about the security-dev mailing list