From a11d50d55ca76ddc4de97d39b7cc9e026f5d02d4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Se=C3=A1n=20Coffey?= <sean.coffey@oracle.com>
Date: Tue, 12 Nov 2024 11:42:05 +0000
Subject: [PATCH] keep expand option and add test coverage

---
 .../share/classes/sun/security/ssl/SSLLogger.java   | 13 ++++++++++---
 .../security/ssl/SSLLogger/DebugPropertyValues.java | 13 +++++++++++++
 2 files changed, 23 insertions(+), 3 deletions(-)

diff --git a/src/java.base/share/classes/sun/security/ssl/SSLLogger.java b/src/java.base/share/classes/sun/security/ssl/SSLLogger.java
index 0c1aa93db8f..a9a25116f1d 100644
--- a/src/java.base/share/classes/sun/security/ssl/SSLLogger.java
+++ b/src/java.base/share/classes/sun/security/ssl/SSLLogger.java
@@ -79,9 +79,15 @@ public final class SSLLogger {
             }
             isOn = true;
             // log almost everything for the "ssl" value.
-            // anything else specified with "ssl" in the property value implies
-            // a subcomponent value is to be logged.
-            sslOn = property.equals("ssl");
+            // anything else specified with "ssl" value implies
+            // a subset of ssl debugging statements. The separator value
+            // for subset values has never been specified.
+            // Allow the expand operator here also (e.g. ssl:expand)
+            sslOn = property.equals("ssl") ||
+                    (property.startsWith("ssl")
+                            && property.length() == 10
+                            && !Character.isLetterOrDigit(property.charAt(3))
+                            && property.endsWith("expand"));
         } else {
             property = null;
             logger = null;
@@ -93,6 +99,7 @@ public final class SSLLogger {
     private static void help() {
         System.err.println();
         System.err.println("help           print this help message and exit");
+        System.err.println("expand         expand debugging information");
         System.err.println();
         System.err.println("all            turn on all debugging");
         System.err.println("ssl            turn on ssl debugging");
diff --git a/test/jdk/sun/security/ssl/SSLLogger/DebugPropertyValues.java b/test/jdk/sun/security/ssl/SSLLogger/DebugPropertyValues.java
index 9d600b8538a..ec4478ababc 100644
--- a/test/jdk/sun/security/ssl/SSLLogger/DebugPropertyValues.java
+++ b/test/jdk/sun/security/ssl/SSLLogger/DebugPropertyValues.java
@@ -76,6 +76,19 @@ public class DebugPropertyValues extends SSLSocketTemplate {
                                 "trigger seeding of SecureRandom",
                                 "supported_versions"),
                         List.of("Plaintext before ENCRYPTION")),
+                // allow expand option for more verbose output
+                Arguments.of(List.of("-Djavax.net.debug=ssl,expand"),
+                        List.of("\"logger\".*: \"javax.net.ssl\",",
+                                "\"message\".*: \"Produced ClientHello handshake message:",
+                                "adding as trusted certificates",
+                                "trigger seeding of SecureRandom",
+                                "supported_versions"),
+                        List.of("Plaintext before ENCRYPTION")),
+                 Arguments.of(List.of("-Djavax.net.debug=ssl:record,expand"),
+                        List.of("\"logger\".*: \"javax.net.ssl\",",
+                                "\"message\".*: \"READ: TLSv1.2 application_data"),
+                        List.of("Plaintext before ENCRYPTION",
+                                "\"message\".*: \"Produced ClientHello handshake message:")),
                 // ssl:plaintext isn't valid. "plaintext" is sub-option for "record"
                 Arguments.of(List.of("-Djavax.net.debug=ssl:plaintext"),
                         null,