On Thu, 30 Apr 2026 16:47:49 GMT, Artur Barashev <[email protected]> wrote:
>> SunJSSE implementation of `SSLEngine` throws an exception if being used >> before calling `setUseClientMode()`. Javadoc wording in `SSLContextSpi` and >> `SSLContext` classes should be improved. >> >> --------- >> - [x] I confirm that I make this contribution in accordance with the >> [OpenJDK Interim AI Policy](https://openjdk.org/legal/ai). > > Artur Barashev has updated the pull request with a new target base due to a > merge or a rebase. The incremental webrev excludes the unrelated changes > brought in by the merge/rebase. The pull request contains five additional > commits since the last revision: > > - Add @throws section to getUseClientMode() > - Merge branch 'master' into JDK-8382270 > - Throw an exception when getUseClientMode() is called before > setUseClientMode(). Remove any notion of default from SSLEngine javadoc > - Address review comments > - 8382270: Update SSLContex API javadoc: require setUseClientMode call for > SunJSSE src/java.base/share/classes/javax/net/ssl/SSLContext.java line 352: > 350: * Some cipher suites (such as Kerberos) require remote hostname > 351: * information, in which case this factory method should not be used. > 352: * <P> Put `SSLEngine` here and the one at the end of the `@implNote` into `{@code}`. src/java.base/share/classes/javax/net/ssl/SSLContext.java line 361: > 359: * be set explicitly by calling > 360: * {@link SSLEngine#setUseClientMode(boolean) > SSLEngine.setUseClientMode()} > 361: * before invoking other methods of the SSLEngine. Is it all "other methods"? src/java.base/share/classes/javax/net/ssl/SSLEngine.java line 1: > 1: /* The class spec at line 332 has Note that the default mode for a new {@code SSLEngine} is provider-specific. To me this sounds like there is always a default mode which is not correct. I think this is a good place to add more description about the mode might be "set" to a default value, or a provider may require the user to "set" it explicitly. This will make it clear what "mode has not yet been set" means exactly. src/java.base/share/classes/javax/net/ssl/SSLEngine.java line 1142: > 1140: * handshaking. > 1141: * <P> > 1142: * This method must be called before any handshaking occurs. This is not a "must". Either "should" or "is recommended". ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/30754#discussion_r3169701774 PR Review Comment: https://git.openjdk.org/jdk/pull/30754#discussion_r3169703586 PR Review Comment: https://git.openjdk.org/jdk/pull/30754#discussion_r3169655744 PR Review Comment: https://git.openjdk.org/jdk/pull/30754#discussion_r3169695883
