On Tue, 10 Jan 2023 06:02:29 GMT, Jamil Nimeh <jni...@openjdk.org> wrote:
> This fixes an issue where HTTP responses that do not have an explicit > Content-Length are causing an EOFException which unravels into a > CertPathValidatorException during validations that involve OCSP checks. > > - JBS: https://bugs.openjdk.org/browse/JDK-8296343 src/java.base/share/classes/sun/security/provider/certpath/OCSP.java line 217: > 215: > 216: int contentLength = con.getContentLength(); > 217: return (contentLength == -1) ? > con.getInputStream().readAllBytes() : For the returned OCSP bytes, what if the response code is not OK? ------------- PR: https://git.openjdk.org/jdk/pull/11917
