RFR: 8258833: Cancel multi-part cipher operations in SunPKCS11 after failures [v2]
Martin Balao
mbalao at openjdk.java.net
Thu Jan 7 20:31:58 UTC 2021
On Tue, 5 Jan 2021 19:41:27 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
>> Martin Balao has updated the pull request incrementally with one additional commit since the last revision:
>>
>> Comment describing the CancelMultipart test assertion.
>
> test/jdk/sun/security/pkcs11/Cipher/CancelMultipart.java line 50:
>
>> 48: }
>> 49:
>> 50: private static class SessionLeaker {
>
> The term "leak/leaker" is used extensively in the test, however, this is not really a leak conceptually, but rather sessions w/ active states/operations which are unusable and lead to unexpected PKCS#11 errors subsequently. Maybe replace it with other terms like "corrupt/corruptor" or other similar terms would be more suitable?
I chose the term 'leak' in the sense of a resource not properly cleaned up. In this case, the 'leak' would not cause a memory/sockets/file-descriptors but a 'usable-sessions' exhaustion. It's always an analogy, but the sense is that something (a Session) unexpectedly (with an active operation) passes from one side (a P11Cipher instance) to another (the Session Manager). I don't believe 'corruptor' describes the concept better than 'leaker'. The Session is not corrupt, it can be used for for a specific purpose (the same operation that previously failed). Any other suggestion? Hmm... I cannot think of something better.
-------------
PR: https://git.openjdk.java.net/jdk/pull/1901
More information about the security-dev
mailing list