[jdk9] RFR: 8154947: Send empty list of authorities in CertificateRequest, if server has too many of them
xuelei.fan at oracle.com
Tue Apr 26 14:33:21 UTC 2016
jdk.tls.handleCertReqAuthoritesOverflow is a little bit long.
May not need to define the "none" property value.
Using enum for HAO_NONE, HAO_EMPTY and HAO_TRUNC?
line 1920: Overflow should be rare, what about print only when overflow?
On 4/26/2016 9:56 PM, Seán Coffey wrote:
> Looks like a fair approach to solving this issue Ivan. A few comments
> from me :
> typo : authoririesOverflow --> authoritiesOverflow
> typo : handleAuthoritesOverflow --> handleAuthoritiesOverflow
> typo : jdk.tls.handleCertReqAuthoritesOverflow -->
> + throw new RuntimeException("Value of " + prop
> + + " must be one of '" + HAO_NONE + "', '"
> + + HAO_EMPTY + "', '" + HAO_TRUNC + "'");
> I think it would be good to print the value of s in above exception
> also. something like + ". Received: \"" + s + "\"");
> s.println("Cert Authorities:" + (authoririesOverflow ? " (overflow)" :
> I would also be good to indicate the handleAuthoritiesOverflow string
> value in above printing *if* authoritiesOverflow turns out to be true.
> We should be able to determine from the next message printed - but no
> harm to future proof.
> Maybe :
> s.println("Cert Authorities:" + (authoritiesOverflow ? " (overflow" +
> "[" + handleAuthoritiesOverflow + "])" : ""));
> On 26/04/2016 11:57, Ivan Gerasimov wrote:
>> Here's a modified version of the fix.
>> Instead of a boolean-type property, a string-type property is introduced.
>> It is used to specify the strategy to use, if we encounter the
>> overflow during filling the list of authorities.
>> The default strategy is to throw an exception (just like the currently
>> implemented behavior.)
>> It can also be set to the values 'empty' or 'truncate', which will
>> make the server to send an empty or truncated list upon overflow.
>> Would you please help review it?
>> With kind regards,
>> On 22.04.2016 20:09, Ivan Gerasimov wrote:
>>> Hello everyone!
>>> During TLS handshake, a server may be required to send a
>>> CertificateRequest, which contains a list of authorities.
>>> If the list happens to be too long, the server is throwing an
>>> exception, indicating an overflow.
>>> It may be convenient to be able to just drop the list altogether, and
>>> let the client to choose a certificate randomly.
>>> In certain situation this may be more preferable that just block
>>> Would you please help review a patch, which introduces an
>>> command-line option that controls this behavior of the server?
>>> If the approach is approved, I'll file a CCC request for that option.
>>> BUGURL: https://bugs.openjdk.java.net/browse/JDK-8154947
>>> WEBREV: http://cr.openjdk.java.net/~igerasim/8154947/00/webrev/
>>> With the proposed fix all the security-related regression tests,
>>> including the modified one, passed on all supported platforms.
>>> With kind regards,
More information about the security-dev