On Thu, 29 May 2025 14:35:11 GMT, Michael McMahon <micha...@openjdk.org> wrote:
>> Hi, >> >> Enhanced exception messages are designed to hide sensitive information such >> as hostnames, IP >> addresses from exception message strings, unless the enhanced mode for the >> specific category >> has been explicitly enabled. Enhanced exceptions were first introduced in >> 8204233 in JDK 11 and >> updated in 8207846. >> >> This PR aims to increase the coverage of enhanced exception messages in the >> networking code. >> A limited number of exceptions are already hidden (restricted) by default. >> The new categories and >> exceptions in this PR will be restricted on an opt-in basis, ie. the default >> mode will be enhanced >> (while preserving the existing behavior). >> >> The mechanism is controlled by the security/system property >> "jdk.includeInExceptions" which takes as value >> a comma separated list of category names, which identify groups of >> exceptions where the exception >> message may be enhanced. Any category not listed is "restricted" which means >> that potentially >> sensitive information (such as hostnames, IP addresses, user identities) are >> excluded from the message text. >> >> The changes to the java.security conf file describe the exact changes in >> terms of the categories now >> supported and any changes in behavior. >> >> Thanks, >> Michael > > Michael McMahon has updated the pull request incrementally with one > additional commit since the last revision: > > Additional callsites identified by Mark S. src/java.base/share/classes/sun/net/www/protocol/https/HttpsClient.java line 566: > 564: > filterNonSocketInfo(url.getHost()) > 565: .prefixWith("should be <") > 566: .suffixWith(">"))); Suggestion: throw new IOException(formatMsg("Wrong HTTPS hostname%s", filterNonSocketInfo(url.getHost()) .prefixWith(": should be <") .suffixWith(">"))); src/java.base/share/classes/sun/nio/ch/NioSocketImpl.java line 560: > 558: if (isa.isUnresolved()) { > 559: throw new UnknownHostException( > 560: formatMsg("%s", filterNonSocketInfo(isa.getHostName()))); Suggestion: formatMsg(filterNonSocketInfo(isa.getHostName()))); src/java.base/share/classes/sun/nio/ch/SocketAdaptor.java line 99: > 97: close(); > 98: throw new UnknownHostException( > 99: formatMsg("%s", filterNonSocketInfo(remote.toString()))); Suggestion: throw new UnknownHostException( formatMsg(filterNonSocketInfo(remote.toString()))); src/java.naming/share/classes/com/sun/jndi/ldap/LdapURL.java line 125: > 123: protected MalformedURLException newInvalidURISchemeException(String > uri) { > 124: return new MalformedURLException(formatMsg("Not an LDAP URL: %s", > 125: > filterNonSocketInfo(uri))); Suggestion: return new MalformedURLException(formatMsg("Not an LDAP URL%s", filterNonSocketInfo(uri).prefixWith(": "))); src/java.naming/share/classes/com/sun/jndi/toolkit/url/Uri.java line 238: > 236: > 237: private MalformedURLException newMalformedURLException(String > prefix, String msg) { > 238: return new MalformedURLException(formatMsg(prefix + " %s", > filterNonSocketInfo(msg))); Suggestion: return new MalformedURLException(prefix + formatMsg(filterNonSocketInfo(msg).withPrefix(prefix.isEmpty()? "" : ": ")); src/java.naming/share/classes/com/sun/jndi/toolkit/url/Uri.java line 250: > 248: URI u = new URI(uri); > 249: scheme = u.getScheme(); > 250: if (scheme == null) throw > newMalformedURLException("Invalid URI:", uri); Suggestion: if (scheme == null) throw newMalformedURLException("Invalid URI", uri); src/java.naming/share/classes/com/sun/jndi/toolkit/url/Uri.java line 262: > 260: if (!hostport.equals(auth)) { > 261: // throw if we have user info or regname > 262: throw newMalformedURLException("unsupported > authority:", auth); Suggestion: throw newMalformedURLException("unsupported authority", auth); src/java.naming/share/classes/com/sun/jndi/toolkit/url/Uri.java line 271: > 269: if (u.getRawFragment() != null) { > 270: if (!acceptsFragment()) { > 271: throw newMalformedURLException("URI fragments > not supported:", uri); Suggestion: throw newMalformedURLException("URI fragments not supported", uri); src/java.naming/share/classes/com/sun/jndi/toolkit/url/Uri.java line 308: > 306: int fmark = uri.indexOf('#'); > 307: if (i < 0 || slash > 0 && i > slash || qmark > 0 && i > qmark || > fmark > 0 && i > fmark) { > 308: throw newMalformedURLException("Invalid URI:", uri); Suggestion: throw newMalformedURLException("Invalid URI", uri); src/java.naming/share/classes/com/sun/jndi/toolkit/url/Uri.java line 312: > 310: if (fmark > -1) { > 311: if (!acceptsFragment()) { > 312: throw newMalformedURLException("URI fragments not > supported:", uri); Suggestion: throw newMalformedURLException("URI fragments not supported", uri); src/java.naming/share/classes/com/sun/jndi/toolkit/url/Uri.java line 358: > 356: String ui = u.getRawUserInfo(); > 357: if (ui != null) { > 358: throw newMalformedURLException("user info not > supported in authority:", ui); Suggestion: throw newMalformedURLException("user info not supported in authority", ui); src/java.naming/share/classes/com/sun/jndi/toolkit/url/Uri.java line 361: > 359: } > 360: if (!"/".equals(p)) { > 361: throw newMalformedURLException("invalid > authority:", auth); Suggestion: throw newMalformedURLException("invalid authority", auth); src/java.naming/share/classes/com/sun/jndi/toolkit/url/Uri.java line 364: > 362: } > 363: if (q != null) { > 364: throw newMalformedURLException("invalid trailing > characters in authority: ?", q); Suggestion: throw new MalformedURLException("invalid trailing characters in authority: ?" + formatMsg(filterNonSocketInfo(q))); src/java.naming/share/classes/com/sun/jndi/toolkit/url/Uri.java line 374: > 372: // throw if we have user info or regname > 373: throw newMalformedURLException("Authority > component is not server-based, " + > 374: "or contains user info. > Unsupported authority:", auth); Suggestion: "or contains user info. Unsupported authority", auth); src/java.rmi/share/classes/java/rmi/Naming.java line 227: > 225: > 226: private static MalformedURLException newMalformedURLException(String > prefix, String msg) { > 227: return new MalformedURLException(formatMsg(prefix + " %s", > filterNonSocketInfo(msg))); Suggestion: return new MalformedURLException(prefix + formatMsg(filterNonSocketInfo(msg).prefixWith(": ")); src/java.rmi/share/classes/java/rmi/Naming.java line 250: > 248: */ > 249: MalformedURLException mue = newMalformedURLException( > 250: "invalid URL String:", str); Suggestion: "invalid URL String", str); src/java.rmi/share/classes/java/rmi/Naming.java line 282: > 280: if (uri.isOpaque()) { > 281: throw newMalformedURLException( > 282: "not a hierarchical URL:", str); Suggestion: "not a hierarchical URL", str); src/java.rmi/share/classes/java/rmi/Naming.java line 286: > 284: if (uri.getFragment() != null) { > 285: throw newMalformedURLException( > 286: "invalid character, '#', in URL name:", str); Suggestion: "invalid character, '#', in URL name", str); src/java.rmi/share/classes/java/rmi/Naming.java line 289: > 287: } else if (uri.getQuery() != null) { > 288: throw newMalformedURLException( > 289: "invalid character, '?', in URL name:", str); Suggestion: "invalid character, '?', in URL name", str); src/java.rmi/share/classes/java/rmi/Naming.java line 292: > 290: } else if (uri.getUserInfo() != null) { > 291: throw newMalformedURLException( > 292: "invalid character, '@', in URL host:", str); Suggestion: "invalid character, '@', in URL host", str); src/java.rmi/share/classes/java/rmi/Naming.java line 296: > 294: String scheme = uri.getScheme(); > 295: if (scheme != null && !scheme.equals("rmi")) { > 296: throw newMalformedURLException("invalid URL scheme:", str); Suggestion: throw new MalformedURLException(formatMsg("invalid URL scheme%s", filterNonSocketInfo(str).prefixWith(": ").replaceWith(": rmi")); ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2114314118 PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2114338001 PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2114341371 PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2114325981 PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2114336092 PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2114343715 PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2114344189 PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2114344732 PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2114349684 PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2114360771 PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2114361269 PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2114361808 PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2114372438 PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2114373811 PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2114380353 PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2114381257 PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2114381615 PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2114381991 PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2114382430 PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2114382678 PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2114383025