-
Bug
-
Resolution: Fixed
-
P3
-
1.4.1
-
mantis
-
generic
-
generic
email discussion with brad and andreas
>Harish Lodwal wrote:
>> hi!
>> When we access the any https URL with SSLSocket class as client
>> It is giving two diffrent error message for same situation means perticular
protocol is enabled
>> CASE 1
>>
>> Client Server Exception
>> SSLv3 TLSv1,SSLv2 SSLProtocolException
>> Case 2
>> TLSv1 SSLv3,SSLv2 SSLHandshakeException
>>
>> I think it is the right behaviour acording to spec.
>> But it is intraorp issue if one want to catch the error condition
Andreas responds:
>The type of exception thrown and also the alert codes we sent to the
>peer is not totally consistent throughout JSSE. Probably something we
>should look at in a future release.
>
>Brad, any comments?
Yes, this should be consistent. IMO, it should be a
SSLHandshakeException, as the SSLProtocolException is supposed to be
used when one side detects unexpected/invalid data in the messages
received from the other side. Having a null intersection of SSL
versions sounds like a handshaking issue.
Jeff, do you agree with the use of these exceptions?
Andreas or Harish, can one of you please file a bug on this?
Thanks,
Brad
>Harish Lodwal wrote:
>> hi!
>> When we access the any https URL with SSLSocket class as client
>> It is giving two diffrent error message for same situation means perticular
protocol is enabled
>> CASE 1
>>
>> Client Server Exception
>> SSLv3 TLSv1,SSLv2 SSLProtocolException
>> Case 2
>> TLSv1 SSLv3,SSLv2 SSLHandshakeException
>>
>> I think it is the right behaviour acording to spec.
>> But it is intraorp issue if one want to catch the error condition
Andreas responds:
>The type of exception thrown and also the alert codes we sent to the
>peer is not totally consistent throughout JSSE. Probably something we
>should look at in a future release.
>
>Brad, any comments?
Yes, this should be consistent. IMO, it should be a
SSLHandshakeException, as the SSLProtocolException is supposed to be
used when one side detects unexpected/invalid data in the messages
received from the other side. Having a null intersection of SSL
versions sounds like a handshaking issue.
Jeff, do you agree with the use of these exceptions?
Andreas or Harish, can one of you please file a bug on this?
Thanks,
Brad