RFR: 8344366: Remove Security Manager dependencies from javax.net.ssl and sun.security.ssl packages
Sean Mullan
mullan at openjdk.org
Thu Nov 21 22:48:15 UTC 2024
On Thu, 21 Nov 2024 21:55:54 GMT, Alexey Bakhtin <abakhtin at openjdk.org> wrote:
>> Now that JEP 486 has been integrated, the `javax.net.ssl` and `sun.security.ssl` package implementation dependencies on `System.getSecurityManager`, `AccessController.doPrivileged` and `AccessControlContext` can be removed.
>>
>> Most of the changes are straightforward: removal of code calling `System.getSecurityManager()` and unwrapping of code inside `AccessController.doPrivileged`. However, two changes involved slightly more complicated work:
>>
>> 1. `sun.security.ssl.SSLConfiguration` no longer needs to capture the access control context of `javax.net.ssl.HandshakeCompletedListener` objects, which means it can store the listeners in a `HashSet` instead of a `HashMap`.
>> 2. `sun.security.ssl.SSLSessionImpl` (which implements `javax.net.ssl.SSLSession`) does not need to store attributes based on access control contexts anymore, which means it can store the keys as Strings instead of one that combines the key and the access control context.
>> 3. `sun.security.ssl.TransportContext` does not need to capture the access control context anymore.
>
> src/java.base/share/classes/javax/net/ssl/TrustManagerFactory.java line 72:
>
>> 70: * security property to the desired algorithm name.
>> 71: *
>> 72: * @see java.security.Security security properties
>
> it looks like unnecessary API changes here
Why do you think it is an API change? It produces the exact same javadoc. Technically it's not related, but minor cleanup changes like this are ok in my opinion.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/22301#discussion_r1853047852
More information about the net-dev
mailing list