PVA: Log, instanceof

Author: kasemir

core/pva/src/main/java/org/epics/pva/common/SecureSockets.java

@@ -213,7 +213,7 @@ public static Socket createClientSocket(final InetSocketAddress address, final b
                             logger.log(Level.FINE, "  - Self-signed");
 
                         byte[] value = x509.getExtensionValue("1.3.6.1.4.1.37427.1");
-                        logger.log(Level.FINE, "  - Status PV: " + decodeDERString(value));
+                        logger.log(Level.FINE, "  - Status PV: '" + decodeDERString(value) + "'");
                     }
             }
             catch (Exception ex)
@@ -227,13 +227,13 @@ public static Socket createClientSocket(final InetSocketAddress address, final b
 
     /** Decode DER String
      *  @param der_value
-     *  @return
+     *  @return String, never null
      *  @throws Exception on error
      */
     public static String decodeDERString(final byte[] der_value) throws Exception
     {
         if (der_value == null)
-            return null;
+            return "";
         // https://en.wikipedia.org/wiki/X.690#DER_encoding:
         // Type 4, length 0..127, characters
         if (der_value.length < 2)
@@ -328,7 +328,7 @@ public static TLSHandshakeInfo fromSocket(final SSLSocket socket) throws Excepti
 
                         byte[] value = x509.getExtensionValue("1.3.6.1.4.1.37427.1");
                         String pv_name = SecureSockets.decodeDERString(value);
-                        logger.log(Level.FINER, "  - Status PV: " + pv_name);
+                        logger.log(Level.FINER, "  - Status PV: '" + pv_name + "'");
 
                         if (is_principal_cert  &&  pv_name != null  &&  !pv_name.isBlank())
                             status_pv_name = pv_name;

core/pva/src/main/java/org/epics/pva/server/ServerTCPListener.java

@@ -34,7 +34,6 @@
  *
  *  @author Kay Kasemir
  */
-@SuppressWarnings("nls")
 class ServerTCPListener
 {
     private final ExecutorService thread_pool = Executors.newCachedThreadPool(runnable ->
@@ -222,16 +221,13 @@ private void listen()
                     {   // Check TLS
                         final Socket client = tls_server_socket.accept();
                         TLSHandshakeInfo tls_info = null;
-                        if (client instanceof SSLSocket)
+                        if (client instanceof SSLSocket ssl_client)
                         {
                             logger.log(Level.FINE, () -> Thread.currentThread().getName() + " accepted TLS client " + client.getRemoteSocketAddress());
                             try
                             {
-                                tls_info = TLSHandshakeInfo.fromSocket((SSLSocket) client);
+                                tls_info = TLSHandshakeInfo.fromSocket(ssl_client);
                                 logger.log(Level.FINE, "Client TLS info: " + tls_info);
-                                // TODO Monitor status PV, close connection when PV shows expired/revoked cert
-                                // if (! tls_info.status_pv_name.isEmpty()  /* &&  PVASettings.CHECK_CERT_STATUS */)
-                                //    logger.log(Level.INFO, "Should check " + tls_info.status_pv_name);
                             }
                             catch (SSLHandshakeException ssl)
                             {