On Fri, 27 Oct 2023 20:15:41 GMT, Sean Mullan <mul...@openjdk.org> wrote:
>> src/java.base/share/classes/sun/security/ssl/SSLConfiguration.java line 160:
>>
>>> 158: "jdk.tls.server.maxInboundCertificateChainLength");
>>> 159: if (inboundClientLen == null || inboundClientLen < 0) {
>>> 160: inboundClientLen = 8;
>>
>> The logic is little too long for me to digest. I wonder if we can just
>> rewrite the line above to
>>
>> inboundClientLen = globalPropSet ? maxCertificateChainLength : 8;
>>
>> then there is no need for `serverPropSet` and `clientPropSet`.
>
> Hmm, but how does this work? The inbound properties override the global
> property if both are set.
This belongs to the `if (inboundClientLen == null || inboundClientLen < 0)`
side. The else side stays the same.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/15163#discussion_r1375009903
