On Thu, 26 Oct 2023 20:44:45 GMT, Hai-May Chao <hc...@openjdk.org> wrote:

>> Please review the enhancement for JDK-8311596 and its CSR JDK-8313236. Thank 
>> you.
>
> Hai-May Chao has updated the pull request incrementally with one additional 
> commit since the last revision:
> 
>   Change property names to clearly indicate client side and server side

src/java.base/share/classes/sun/security/ssl/SSLConfiguration.java line 154:

> 152:             globalPropSet = true;
> 153:         }
> 154:         maxCertificateChainLength = certLen;

There is no need to set `certLen` or `maxCertificateChainLength` when 
`globalPropSet` is false.

src/java.base/share/classes/sun/security/ssl/SSLConfiguration.java line 160:

> 158:                 "jdk.tls.server.maxInboundCertificateChainLength");
> 159:         if (inboundClientLen == null || inboundClientLen < 0) {
> 160:             inboundClientLen = 8;

The logic is little too long for me to digest. I wonder if we can just rewrite 
the line above to

inboundClientLen = globalPropSet ? maxCertificateChainLength : 8;

then there is no need for `serverPropSet` and `clientPropSet`.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/15163#discussion_r1375001797
PR Review Comment: https://git.openjdk.org/jdk/pull/15163#discussion_r1375000423

Reply via email to