Comment 17 for bug 1800792

I think I have a Jenkins build system that has hit this error twice. Once involving git polling (okhttp), and once involving svn checkouts.

If I understand @mirabilos's comment from Nov 2 correctly, people are claiming that any software that breaks due to this change is by definition broken and should be fixed. That at best Ubuntu/Debian may be willing to temporarily unbreak such software, but the working assumption is that eventually that temporary reprieve would be revoked.

If I'm right, could someone please help identify which software in this stack trace is doing something "wrong" per the new definition?

From my read of the stack, org.tmatesoft.svn.core.internal.util.SVNSocketFactory.createSSLSocket calls sun.security.ssl.SSLSocketImpl.startHandshake which then spends a large number of frames within sun.security.ssl until it eventually can't access sun.security.ssl.SSLSessionImpl.<init>(Lsun/security/ssl/ProtocolVersion;Lsun/security/ssl/CipherSuite;Ljava/util/Collection;Lsun/security/ssl/SessionId;Ljava/lang/String;IZ)V

Naïvely, I'd blame the maintainers of sun.security.ssl. If I'm not mistaken, I believe that sun.security.ssl is also part of the jdk/jre packages.