On Fri, 30 May 2025 01:25:37 GMT, Bradford Wetmore <[email protected]> wrote:
>> src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java line 1494:
>>
>>> 1492: if (exporterMasterSecret == null) {
>>> 1493: throw new RuntimeException(
>>> 1494: "Exporter master secret not captured");
>>
>> Do you want to choose another exception type? Like `ProviderException`.
>> Actually, how unlikely this is? If you believe this would never happen
>> (unless there is a programming error), you can even throw an
>> `AssertionError`.
>>
>> Same question in `useTLS10PlusSpec()` for the two randoms.
>
> @wangweij asked if `SSLSession` are ever in a partially completed state. The
> answer is yes, during handshaking the
> `SSLSocket/SSLEngine.getHandshakeSession()` methods can return `SSLSession`
> that is incomplete. As such, it makes more sense for this to be an
> `IllegalArgumentException`.
>
> Drafted the CSR, made the update, and refinalized it. Hopefully the wording
> is acceptable. ;)
Updates look good.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/24976#discussion_r2116081641
