On Fri, 27 Oct 2023 20:15:41 GMT, Sean Mullan <mul...@openjdk.org> wrote:
>> src/java.base/share/classes/sun/security/ssl/SSLConfiguration.java line 160: >> >>> 158: "jdk.tls.server.maxInboundCertificateChainLength"); >>> 159: if (inboundClientLen == null || inboundClientLen < 0) { >>> 160: inboundClientLen = 8; >> >> The logic is little too long for me to digest. I wonder if we can just >> rewrite the line above to >> >> inboundClientLen = globalPropSet ? maxCertificateChainLength : 8; >> >> then there is no need for `serverPropSet` and `clientPropSet`. > > Hmm, but how does this work? The inbound properties override the global > property if both are set. This belongs to the `if (inboundClientLen == null || inboundClientLen < 0)` side. The else side stays the same. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/15163#discussion_r1375009903