On Fri, 9 Jun 2023 17:23:00 GMT, Sean Mullan <mul...@openjdk.org> wrote:
>> Matthew Donovan has updated the pull request with a new target base due to a
>> merge or a rebase. The incremental webrev excludes the unrelated changes
>> brought in by the merge/rebase. The pull request contains three additional
>> commits since the last revision:
>>
>> - cleaned up code, combined individual executions
>> - Merge branch 'master' into JDK-8301379
>> - 8301379: Verify TLS_ECDH_* cipher suites cannot be negotiated
>
> test/jdk/javax/net/ssl/TLS/TLSWontNegotiateDisabledCipherAlgos.java line 119:
>
>> 117: public void run() throws IOException {
>> 118: try {
>> 119: socket.getOutputStream().write("SECRET
>> MESSAGE".getBytes(StandardCharsets.UTF_8));
>
> Should this fail if this handshake passes?
I updated the code to throw an exception here. It's useful for logging but if
the handshake is successful and data is transferred the server will report the
error.
> test/jdk/javax/net/ssl/TLS/TLSWontNegotiateDisabledCipherAlgos.java line 121:
>
>> 119: socket.getOutputStream().write("SECRET
>> MESSAGE".getBytes(StandardCharsets.UTF_8));
>> 120: } catch (SSLHandshakeException exc) {
>> 121: // handshake failures are expected
>
> Can you inspect the handshake failure message to make sure it is failing for
> the right reason as you do for the server case?
I added a check for the failure message.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/14316#discussion_r1227017797
PR Review Comment: https://git.openjdk.org/jdk/pull/14316#discussion_r1227018124
