ppkarwasz commented on code in PR #4002: URL: https://github.com/apache/logging-log4j2/pull/4002#discussion_r2619008358
########## src/changelog/.2.x.x/6666_fix_SslSocketAppender_verifyHostName.xml: ########## @@ -0,0 +1,12 @@ +<?xml version="1.0" encoding="UTF-8"?> +<entry xmlns="https://logging.apache.org/xml/ns"; + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; + xsi:schemaLocation=" + https://logging.apache.org/xml/ns + https://logging.apache.org/xml/ns/log4j-changelog-0.xsd"; + type="fixed"> + <issue id="6666" link="https://github.com/apache/logging-log4j2/pull/6666"/> Review Comment: _Nit_: Can you replace the placeholder issue number? In Poland, the bus 666 from Gdynia to Hel had to be renamed due to the opposition of locals. ########## log4j-core/src/main/java/org/apache/logging/log4j/core/net/ssl/SslConfiguration.java: ########## @@ -158,9 +160,11 @@ private static KeyManager[] loadKeyManagers(@Nullable final KeyStoreConfiguratio return factory.getKeyManagers(); } + @Nullable + @NullUnmarked private static TrustManager[] loadTrustManagers(@Nullable final TrustStoreConfiguration config) throws Exception { if (config == null) { - return new TrustManager[0]; + return null; Review Comment: Great catch! :100: This effectively allows users to fall back on the standard JRE trust store, unless they provide their own. The previous behavior (empty trust store) effectively prevented any connections, unless the trust store was explicitly provided. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
