Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8210843

Expose SSLContextImpl#AbstractTrustManagerWrapper functionality

    XMLWordPrintable

    Details

      Description

      A DESCRIPTION OF THE PROBLEM :
      Would it be possible to consider exposing SSLContextImpl#AbstractTrustManagerWrapper somehow so it would be possible to reuse it when a custom SSLEngine / SSLContextSpi is provided ?

      I am asking because it provides really nice extra functionality by wrapping for X509TrustManager implementation and do extra hostname checks etc. At the moment we can not make use of this extra functionality in netty with our custom SSLEngine implementation as there is no way to access this. Which means depending on if the user use our implementation or the default implementation the behaviour if quite different when using a X509TrustManager in the sense that when using the default implementation a lot of extra checks are done.

      As the extra checks done in AbstractTrustManagerWrapper is not really depending on the underlying SSLContextSpi implementation (at least as far as I was able to understand it so far) it would be nice to be able to make use of it.

      Creating the issue as requested here:

      http://mail.openjdk.java.net/pipermail/security-dev/2018-September/018249.html


        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            webbuggrp Webbug Group
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated: