Update for the following comment:
   http://hg.openjdk.java.net/jdk/sandbox/rev/fe938437f7ba

This update will be included in the next webrev for further review.

Xuelei

On 5/31/2018 10:04 PM, Xuelei Fan wrote:
CertificateVerify.java
----------------------
-129  if (x509Credentials == null) {
+129  if (x509Credentials == null ||
              x509Credentials.popPublicKey == null) {
  130      shc.conContext.fatal(Alert.HANDSHAKE_FAILURE,
  131         "No X509 credentials negotiated for CertificateVerify");
  132  }

May be safe to check the x509Credentials.popPublicKey as well.  Similar to line 357-360, 607-610, 916-919.


-233  if (x509Possession == null) {
+233  if (x509Possession == null ||
               x509Possession.popPrivateKey == null) {
  234      if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
  235         SSLLogger.fine(
  236         "No X.509 credentials negotiated for CertificateVerify");
  237      }
  238
  239     return null;
  240  }

May be safe to check the x509Possession.popPrivateKey as well. Similar to line 458-466, 697-704, 1021-1027.

Otherwise, looks fine to me.

Reply via email to