[JDK-4461429] Start TLS should use SSLSocketFactory.getDefault() - Java Bug System

Type: Bug
Resolution: Fixed
Priority: P3
Fix Version/s: 1.4.0
Affects Version/s: 1.4.0
Component/s: core-libs
Labels:
- beta2

Subcomponent:
javax.naming
Resolved In Build:
beta2
CPU:

sparc
OS:

solaris_2.6

StartTlsResponseImpl has the following definition:

private SSLSocketFactory getDefaultFactory() throws IOException {
if (defaultFactory != null) {
return defaultFactory;
}

try {
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, null, null); // no client certificate
defaultFactory = (SSLSocketFactory) sslContext.getSocketFactory();

} catch (java.security.NoSuchAlgorithmException e) {

IOException ie = new IOException(e.getMessage());
throw ie;

} catch (java.security.KeyManagementException e) {

IOException ie = new IOException(e.getMessage());
throw ie;
}
return defaultFactory;
}

Is there any reason to do this instead of simply:

if (defaultFactory != null) {
return defaultFactory;
}

return (defaultFactory = (SSLSocketFactory)
SSLSocketFactory.getDefault());

The old way seems to prevent the standard JSSE defaults from kicking in.
For example, the setting of javax.net.ssl.keyStore* properties are ignored.
Ditto for the javax.net.ssl.trustStore* properties. Why not just
use getDefault() and let JSSE take care of initializing the SSLContext
appropriately?

Assignee:: Vincent Ryan

Reporter:: Rosanna Lee (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Created:: 2001-05-21 16:29

Updated:: 2001-06-28 16:10

Resolved:: 2001-06-28 16:10

Imported:: 16/Sep/12 8:00 PM

Indexed:: 18/Jul/12 2:26 PM

Details

Description

Attachments

Activity

People

Dates