On Wed, 5 Jul 2023 20:25:26 GMT, Kevin Driver <kdri...@openjdk.org> wrote:
> JDK-8295068: an NPE is thrown when an invalid `id` is found to match up a > `ClientCertificateType`; rather than throwing the `NPE`, we now throw an > `IllegalArgumentException`. This does not seem to be a scenario where > recovery is possible or desired, so the `IAE` should be the proper behavior. Changes requested by xuelei (Reviewer). src/java.base/share/classes/sun/security/ssl/CertificateRequest.java line 134: > 132: throw new IllegalArgumentException(id + " was " + > 133: "not a valid ClientCertificateType id"); > 134: } It may not comply to TLS specification if throwing exception here. Unknown types should be ignored for compatibility. - if (cct.isAvailable) { + if (cct != null && cct.isAvailable) { ------------- PR Review: https://git.openjdk.org/jdk/pull/14778#pullrequestreview-1515892219 PR Review Comment: https://git.openjdk.org/jdk/pull/14778#discussion_r1254023615