On Tue, 20 Feb 2024 06:24:49 GMT, Jaikiran Pai <[email protected]> wrote:
> Can I please get a review for this change which proposes to fix > https://bugs.openjdk.org/browse/JDK-8326233? > > As noted in the issue, when the `java.net.HttpClient.Builder` is configured > with a `SSLParameters` instance whose `needClientAuth` is set to true, then > it is expected that the `HttpClient` that's built from such a build will have > its `SSLParameters` with `needClientAuth` as `true` and `wantClientAuth` as > `false`. But due to a bug in the internal implementation of a the > `HttpClient`, the value for `needClientAuth` was getting reset to `false`. > The commit in this PR fixes that issue and introduces a jtreg tests which > reproduces the issue and verifies the fix. It wasn't noticed because the wantClientAuth / needClientAuth only make sense on the server side. I wonder if this was detected by code inspection, or if some (application) code actually depends on this. While at this, I noticed that we don't copy signatureSchemes and namedGroups either. We should probably fix that. ------------- PR Comment: https://git.openjdk.org/jdk/pull/17923#issuecomment-1953781537
