Re: RFR: 8311596: Add separate system properties for TLS server and client for maximum chain length

Mark Powers Mon, 07 Aug 2023 08:52:00 -0700

On Fri, 4 Aug 2023 17:30:06 GMT, Hai-May Chao <hc...@openjdk.org> wrote:


> Please review the enhancement for JDK-8311596 and its CSR JDK-8313236. Thank 
> you.

All of the other changes look fine to me.
Does this need a test?

src/java.base/share/classes/sun/security/ssl/SSLConfiguration.java line 115:

> 113:             "jdk.tls.maxCertificateChainLength", 10);
> 114: 
> 115:     // Limit the maximum certificate chain length accepted from clients

Should these be moved to after line 89?

src/java.base/share/classes/sun/security/ssl/SSLConfiguration.java line 150:

> 148:      */
> 149:     static {
> 150:         Integer clientLen = GetIntegerAction.privilegedGetProperty(

I think you could call `privilegedGetProperty` with the default value as second 
argument.

-------------

PR Review: https://git.openjdk.org/jdk/pull/15163#pullrequestreview-1565630479
PR Review Comment: https://git.openjdk.org/jdk/pull/15163#discussion_r1286053347
PR Review Comment: https://git.openjdk.org/jdk/pull/15163#discussion_r1286074504

Re: RFR: 8311596: Add separate system properties for TLS server and client for maximum chain length

Reply via email to