On Tue, 12 Nov 2024 11:49:25 GMT, Sean Coffey <coff...@openjdk.org> wrote:
>> The `javax.net.debug` TLS debug option is buggy since TLSv1.3 implementation >> was introduced many years ago. >> >> Where "ssl" was previously a value to obtain all TLS debug traces (except >> network type dumps, verbose data), it now prints only a few lines for a >> standard client TLS connection. >> >> The property parsing was also lax and allowed users to declare verbose >> logging options by themselves where the documentation stated that such >> verbose options were only meant to be used in conjunction with other TLS >> options : >> >> >> System.err.println("help print the help messages"); >> System.err.println("expand expand debugging information"); >> System.err.println(); >> System.err.println("all turn on all debugging"); >> System.err.println("ssl turn on ssl debugging"); >> System.err.println(); >> System.err.println("The following can be used with ssl:"); >> System.err.println("\trecord enable per-record tracing"); >> System.err.println("\thandshake print each handshake message"); >> System.err.println("\tkeygen print key generation data"); >> System.err.println("\tsession print session activity"); >> System.err.println("\tdefaultctx print default SSL >> initialization"); >> System.err.println("\tsslctx print SSLContext tracing"); >> System.err.println("\tsessioncache print session cache tracing"); >> System.err.println("\tkeymanager print key manager tracing"); >> System.err.println("\ttrustmanager print trust manager tracing"); >> System.err.println("\tpluggability print pluggability tracing"); >> System.err.println(); >> System.err.println("\thandshake debugging can be widened with:"); >> System.err.println("\tdata hex dump of each handshake >> message"); >> System.err.println("\tverbose verbose handshake message >> printing"); >> System.err.println(); >> System.err.println("\trecord debugging can be widened with:"); >> System.err.println("\tplaintext hex dump of record plaintext"); >> System.err.println("\tpacket print raw SSL/TLS packets"); >> >> >> as part of this patch, I've also moved the log call to the more performant >> friendly >> `System.Logger#log(java.lang.System.Logger.Level,java.util.function.Supplier)` >> method. >> >> the output has changed slightly with respect to that - less verbose >> >> e.g. old... > > Sean Coffey has updated the pull request incrementally with one additional > commit since the last revision: > > keep expand option and add test coverage Last comments for this round of review. ------------- Changes requested by wetmore (Reviewer). PR Review: https://git.openjdk.org/jdk/pull/18764#pullrequestreview-2437482275