RFR: 8366261: Provide utility methods for sun.security.util.Password [v2]

Naoto Sato naoto at openjdk.org
Thu Aug 28 16:06:42 UTC 2025


On Thu, 28 Aug 2025 13:41:47 GMT, Chen Liang <liach at openjdk.org> wrote:

>> Naoto Sato has updated the pull request incrementally with one additional commit since the last revision:
>> 
>>   @Native annotated
>
> src/java.base/share/classes/jdk/internal/io/JdkConsoleImpl.java line 117:
> 
>> 115:         return INSTANCE.orElseSet(() -> {
>> 116:             // If there's already a proper console, throw an exception
>> 117:             if (System.console() != null) {
> 
> Since this initializes the console, this means the console can only be available when there is no provider and stdin is tty, but stdout is not. Is this intended? (In other words, should we make System.console() lazy, as it is initialized with java.io.Console as Console.cons?)

Yes, this is intentional. This entry is dedicated solely to `Password`, and it is expected that `System.console()` will be called beforehand so that normal cases (without redirection) are handled by `System.console()`. The null check is a safeguard to prevent future `Password` refactoring from invoking this method without first calling `System.console()` in the standard case.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/26973#discussion_r2307880758


More information about the security-dev mailing list