RFR: JDK-8145854 SSLContextImpl.statusResponseManager should be generated if required

Jamil Nimeh jamil.j.nimeh at oracle.com
Sun Feb 21 20:37:12 UTC 2016


Hello all,

This fix makes a change to SSLContextImpl so it only creates a 
StatusResponseManager if OCSP stapling has been enabled on the server 
side.  This fix also takes care of a deviation from the design in terms 
of how SSLSockets/Engines determine if stapling has been enabled.  The 
new code matches the design, that SSLSockets/SSLEngines created from an 
SSLContextImpl will all share the enable/disable state at the time the 
SSLContext was created.  If changes happen to the properties and another 
SSLContextImpl is made then those properties will be evaluated at 
instantiation time.

Bug: https://bugs.openjdk.java.net/browse/JDK-8145854
Webrev: http://cr.openjdk.java.net/~jnimeh/reviews/8145854/webrev.01/

Thanks,
--Jamil


More information about the security-dev mailing list