-
Sub-task
-
Resolution: Unresolved
-
P3
-
None
-
None
-
None
-
generic
-
generic
The parent bug fix has grown large. I'm creating this sub-task to track the specific issue of fixing up how "javax.net.debug=ssl" should work. Problem description as per parent bug
-Djavax.net.debug=ssl only prints 2 lines of info for below program. In JDK 8u and earlier, verbose ssl info would be available with the same setting and would print 100's of lines of debug data for similar operation.
$ cat SSLConnect.java
import java.io.*;
import java.net.*;
import javax.net.ssl.*;
public class SSLConnect {
public static void main(String[] args) throws Exception {
URL u = new URL("https://<website>");
BufferedReader in = new BufferedReader(new InputStreamReader(u.openStream()));
}
}
$ ~/jdk/jdk-11.0.2/bin/java -Djavax.net.debug=ssl SSLConnect
javax.net.ssl|DEBUG|01|main|2019-04-15 18:45:56.692 IST|SSLCipher.java:437|jdk.tls.keyLimits: entry = AES/GCM/NoPadding KeyUpdate 2^37. AES/GCM/NOPADDING:KEYUPDATE = 137438953472
javax.net.ssl|DEBUG|01|main|2019-04-15 18:45:57.056 IST|Utilities.java:73|the previous server name in SNI (type=host_name (0), value=bugs.xxxx.java.net) was replaced with (type=host_name (0), value=bugs.xxxx.java.net)
-Djavax.net.debug=ssl only prints 2 lines of info for below program. In JDK 8u and earlier, verbose ssl info would be available with the same setting and would print 100's of lines of debug data for similar operation.
$ cat SSLConnect.java
import java.io.*;
import java.net.*;
import javax.net.ssl.*;
public class SSLConnect {
public static void main(String[] args) throws Exception {
URL u = new URL("https://<website>");
BufferedReader in = new BufferedReader(new InputStreamReader(u.openStream()));
}
}
$ ~/jdk/jdk-11.0.2/bin/java -Djavax.net.debug=ssl SSLConnect
javax.net.ssl|DEBUG|01|main|2019-04-15 18:45:56.692 IST|SSLCipher.java:437|jdk.tls.keyLimits: entry = AES/GCM/NoPadding KeyUpdate 2^37. AES/GCM/NOPADDING:KEYUPDATE = 137438953472
javax.net.ssl|DEBUG|01|main|2019-04-15 18:45:57.056 IST|Utilities.java:73|the previous server name in SNI (type=host_name (0), value=bugs.xxxx.java.net) was replaced with (type=host_name (0), value=bugs.xxxx.java.net)
- links to
-
Review(master) openjdk/jdk/23781