Re: RFR: 8044609: javax.net.debug options not working and documented as expected [v8]

Sean Coffey Tue, 12 Nov 2024 03:50:35 -0800

> The `javax.net.debug` TLS debug option is buggy since TLSv1.3 implementation 
> was introduced many years ago.
> 
> Where "ssl" was previously a value to obtain all TLS debug traces (except 
> network type dumps, verbose data), it now prints only a few lines for a 
> standard client TLS connection. 
> 
> The property parsing was also lax and allowed users to declare verbose 
> logging options by themselves where the documentation stated that such 
> verbose options were only meant to be used in conjunction with other TLS 
> options :
> 
> 
>         System.err.println("help           print the help messages");
>         System.err.println("expand         expand debugging information");
>         System.err.println();
>         System.err.println("all            turn on all debugging");
>         System.err.println("ssl            turn on ssl debugging");
>         System.err.println();
>         System.err.println("The following can be used with ssl:");
>         System.err.println("\trecord       enable per-record tracing");
>         System.err.println("\thandshake    print each handshake message");
>         System.err.println("\tkeygen       print key generation data");
>         System.err.println("\tsession      print session activity");
>         System.err.println("\tdefaultctx   print default SSL initialization");
>         System.err.println("\tsslctx       print SSLContext tracing");
>         System.err.println("\tsessioncache print session cache tracing");
>         System.err.println("\tkeymanager   print key manager tracing");
>         System.err.println("\ttrustmanager print trust manager tracing");
>         System.err.println("\tpluggability print pluggability tracing");
>         System.err.println();
>         System.err.println("\thandshake debugging can be widened with:");
>         System.err.println("\tdata         hex dump of each handshake 
> message");
>         System.err.println("\tverbose      verbose handshake message 
> printing");
>         System.err.println();
>         System.err.println("\trecord debugging can be widened with:");
>         System.err.println("\tplaintext    hex dump of record plaintext");
>         System.err.println("\tpacket       print raw SSL/TLS packets");
> 
> 
> as part of this patch, I've also moved the log call to the more performant 
> friendly 
> `System.Logger#log(java.lang.System.Logger.Level,java.util.function.Supplier)`
>  method. 
> 
> the output has changed slightly with respect to that  - less verbose
> 
> e.g. old style:
> 
> 
> javax.net.ssl|DEBUG|10|main|2024-04-12 15:47:24.302 GMT|SSLSocketOut...


Sean Coffey has updated the pull request incrementally with one additional 
commit since the last revision:

  keep expand option and add test coverage

-------------

Changes:
  - all: https://git.openjdk.org/jdk/pull/18764/files
  - new: https://git.openjdk.org/jdk/pull/18764/files/fb724d3a..a11d50d5

Webrevs:
 - full: https://webrevs.openjdk.org/?repo=jdk&pr=18764&range=07
 - incr: https://webrevs.openjdk.org/?repo=jdk&pr=18764&range=06-07

  Stats: 23 lines in 2 files changed: 20 ins; 0 del; 3 mod
  Patch: https://git.openjdk.org/jdk/pull/18764.diff
  Fetch: git fetch https://git.openjdk.org/jdk.git pull/18764/head:pull/18764

PR: https://git.openjdk.org/jdk/pull/18764

Re: RFR: 8044609: javax.net.debug options not working and documented as expected [v8]

Reply via email to