<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<p>Hello Ben,</p>
<p>Like Xuelei noted in his reply, the latest upstream JDK mainline
code has the necessary fix for this issue. The fix seems to have
been done as part of some other bigger changes (in Java 16). What
you discovered is still an issue in versions previous to that
(specifically Java 8 and Java 11). Do you have a JBS account so
that you can create an issue here
<a class="moz-txt-link-freetext" href="https://bugs.openjdk.org/browse/JDK">https://bugs.openjdk.org/browse/JDK</a> to track and have this fixed
in those Java versions? If not, let me know and I'll go ahead
create them on your behalf.</p>
<p>-Jaikiran<br>
</p>
<div class="moz-cite-prefix">On 20/06/22 8:08 pm, Ben Smyth wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CA+_8xu0TEB4qS-fw4YA_ZsJSwYkW9dPJKOqDKGftDQP=hbP42Q@mail.gmail.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div dir="ltr">
<div dir="ltr">Xuelei, <br>
<br>
</div>
<div>You're right, OpenJDK/jdk GitHub is correct. I was looking
at <a href="http://hg.openjdk.java.net/jdk/jdk"
moz-do-not-send="true">hg.openjdk.java.net/jdk/jdk</a>,
specifically <br>
</div>
<div><br>
</div>
<div> <a
href="https://hg.openjdk.java.net/jdk/jdk/file/ee1d592a9f53/src/java.base/share/classes/sun/security/ssl/SSLExtension.java"
moz-do-not-send="true" class="moz-txt-link-freetext">https://hg.openjdk.java.net/jdk/jdk/file/ee1d592a9f53/src/java.base/share/classes/sun/security/ssl/SSLExtension.java</a><br>
</div>
<div><br>
</div>
<div><br>
</div>
<div>Ben<br>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Mon, 20 Jun 2022 at
16:19, xueleifan(XueleiFan) <<a
href="mailto:xueleifan@tencent.com" moz-do-not-send="true"
class="moz-txt-link-freetext">xueleifan@tencent.com</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex">
<div style="overflow-wrap: break-word;">
Would you mind post the source code or the repository
link? It looks like <a
href="https://urldefense.com/v3/__https://github.com/openjdk/jdk/blob/master/src/java.base/share/classes/sun/security/ssl/SSLExtension.java__;!!ACWV5N9M2RV99hQ!NKebj9uKrLF6gb-37saVUyukQr-EnHuECUvPsDhJS_U2FQ__HEdRupoxA-eK7zAJ1ueKd3-K-vp2clOGvK0QlWU2uHdasaI$"
target="_blank" moz-do-not-send="true">the code</a> is
good in OpenJDK/jdk GitHub.
<div><br>
</div>
<div>Regards,</div>
<div>Xuelei<br>
<div><br>
<blockquote type="cite">
<div>On Jun 20, 2022, at 5:48 AM, Ben Smyth <<a
href="mailto:subscriptions@bensmyth.com"
target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">subscriptions@bensmyth.com</a>>
wrote:</div>
<br>
<div>
<div dir="ltr">
<div>We have <br>
</div>
<div><br>
</div>
<div> // extensions defined in RFC 7250<br>
CLIENT_CERT_TYPE (0x0013,
"padding"),<br>
SERVER_CERT_TYPE (0x0014,
"server_certificate_type"),<br>
<br>
// extensions defined in RFC 7685<br>
PADDING (0x0015,
"client_certificate_type"),</div>
<div><br>
</div>
<div>We should have</div>
<div><br>
</div>
<div> // extensions defined in RFC 7250<br>
CLIENT_CERT_TYPE (0x0013,
"client_certificate_type"),<br>
SERVER_CERT_TYPE (0x0014,
"server_certificate_type"),<br>
<br>
// extensions defined in RFC 7685<br>
PADDING (0x0015,
"padding"),</div>
</div>
</div>
</blockquote>
</div>
<br>
</div>
</div>
</blockquote>
</div>
</div>
</blockquote>
</body>
</html>