[jdk8u-dev] RFR: 8341964: Add mechanism to disable different parts of TLS cipher suite [v2]
Andrew John Hughes
andrew at openjdk.org
Wed Feb 18 15:56:50 UTC 2026
On Wed, 18 Feb 2026 10:47:00 GMT, David Sladký <duke at openjdk.org> wrote:
> > Within tests, the correct replacement for `List.of` is `Utils.listOf` in `jdk.testlibrary`.
>
> When including omitted changes to file `test/jdk/sun/security/ssl/CipherSuite/NoDesRC4CiphSuite.java` I noticed that in this test file is `Array.asList()` also used too. I look into other OpenJDK repos and it seem this is true up to the [openjdk/jdk](https://github.com/openjdk/jdk/blob/8b13fe31d0ba0a4c4453c6388bf68e0e7b5ee22d/test/jdk/sun/security/ssl/CipherSuite/NoDesRC4DesEdeCiphSuite.java#L4).
>
> Other than the above: Test for the changes you requested are being currently run and waiting for results.
Yes, it's not `Arrays.asList` on its own that is the issue, but the substitution of it for `List.of` (and similar with `Set.of`). [`Arrays.asList`](https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/util/Arrays.html#asList(T...)) gives you a `List` object that wraps the array you supplied and that `List` can be modified, writing through to the underlying array. On the other hand, the objects returned from the `*.of` methods are [unmodifiable](https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/util/List.html#unmodifiable). It may be that it makes little difference in the context that the replacement happens, but it could also result in subtle differences. It is therefore safer to use the internal copy of the `of` methods in the 8u test library and not have to worry about this.
-------------
PR Comment: https://git.openjdk.org/jdk8u-dev/pull/763#issuecomment-3921621167
More information about the jdk8u-dev
mailing list