On Wed, 5 Jul 2023 20:25:26 GMT, Kevin Driver <kdri...@openjdk.org> wrote:
> JDK-8295068: an NPE is thrown when an invalid `id` is found to match up a
> `ClientCertificateType`; rather than throwing the `NPE`, we now throw an
> `IllegalArgumentException`. This does not seem to be a scenario where
> recovery is possible or desired, so the `IAE` should be the proper behavior.
Changes requested by xuelei (Reviewer).
src/java.base/share/classes/sun/security/ssl/CertificateRequest.java line 134:
> 132: throw new IllegalArgumentException(id + " was " +
> 133: "not a valid ClientCertificateType id");
> 134: }
It may not comply to TLS specification if throwing exception here. Unknown
types should be ignored for compatibility.
- if (cct.isAvailable) {
+ if (cct != null && cct.isAvailable) {
-------------
PR Review: https://git.openjdk.org/jdk/pull/14778#pullrequestreview-1515892219
PR Review Comment: https://git.openjdk.org/jdk/pull/14778#discussion_r1254023615
