RFR: JDK-8145854 SSLContextImpl.statusResponseManager should be generated if required
Jamil Nimeh
jamil.j.nimeh at oracle.com
Sun Feb 21 20:37:12 UTC 2016
Hello all,
This fix makes a change to SSLContextImpl so it only creates a
StatusResponseManager if OCSP stapling has been enabled on the server
side. This fix also takes care of a deviation from the design in terms
of how SSLSockets/Engines determine if stapling has been enabled. The
new code matches the design, that SSLSockets/SSLEngines created from an
SSLContextImpl will all share the enable/disable state at the time the
SSLContext was created. If changes happen to the properties and another
SSLContextImpl is made then those properties will be evaluated at
instantiation time.
Bug: https://bugs.openjdk.java.net/browse/JDK-8145854
Webrev: http://cr.openjdk.java.net/~jnimeh/reviews/8145854/webrev.01/
Thanks,
--Jamil
More information about the security-dev
mailing list