Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8011313

OCSP timeout set to wrong value if com.sun.security.ocsp.timeout not defined

    XMLWordPrintable

Details

    • 8
    • b88
    • Verified

    Backports

      Description

         int tmp = java.security.AccessController.doPrivileged(
        + new GetIntegerAction("com.sun.security.ocsp.timeout",
        + DEFAULT_CONNECT_TIMEOUT));
        + if (tmp < 0) {
        + return DEFAULT_CONNECT_TIMEOUT;
        + }
        + // Convert to milliseconds, as the system property will be
        + // specified in seconds
        + return tmp * 1000;

        This would still fail and set timeout to 4 hours if "com.sun.security.ocsp.timeout" is not defined.

        Since GetIntegerAction is used with default value, if the property is not defined then tmp will be set to DEFAULT_CONNECT_TIMEOUT of 15000 and method will return 15000 * 1000.

        Suggestion would be to change DEFAULT_CONNECT_TIMEOUT to be in seconds instead of milliseconds. This would be consistent with the timeout property value.

        Attachments

          Issue Links

            backported by

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8012959 OCSP timeout set to wrong value if com.sun.security.ocsp.timeout not defined

            • P3 - Major loss of function.
            • Closed

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8013709 OCSP timeout set to wrong value if com.sun.security.ocsp.timeout not defined

            • P3 - Major loss of function.
            • Closed

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8013963 OCSP timeout set to wrong value if com.sun.security.ocsp.timeout not defined

            • P3 - Major loss of function.
            • Closed
            relates to

            Bug - A problem which impairs or prevents the functions of the product. JDK-8006853 OCSP timeout set to wrong value if com.sun.security.ocsp.timeout < 0

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Closed

            Enhancement - null JDK-7199143 RFE: OCSP revocation checker should provide possibility to specify connection timeout

            • P3 - Major loss of function.
            • Closed

            Activity

              People

                mullan Sean Mullan
                rhalade Rajan Halade
                Votes:
                0 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved: