RFR: 8263743: redundant lock in SSLSocketImpl
Jamil Nimeh
jnimeh at openjdk.java.net
Thu Mar 25 04:58:37 UTC 2021
On Wed, 17 Mar 2021 17:23:03 GMT, Xue-Lei Andrew Fan <xuelei at openjdk.org> wrote:
> Remove redundant lock in SSLSocketImpl.
>
> In the SSLSocketImpl, there is a socket level lock while reading application data (see readApplicationRecord).
>
> socketLock.lock();
> try {
> plainText = decode(buffer);
> } finally {
> socketLock.unlock();
> }
> If an application data read is in progress, other calling to SSLSocket APIs (for example getUseClientMode() in a handshake complete listener) could be blocked if socket level locks are used.
>
> No new regression test. Simple fix, hard to trigger the deadlock.
After reading over the description in the bug I think this looks fine.
-------------
Marked as reviewed by jnimeh (Reviewer).
PR: https://git.openjdk.java.net/jdk/pull/3053
More information about the security-dev
mailing list