RFR: 8298381: Improve handling of session tickets for multiple SSLContexts
Sergey Bylokhov
serb at openjdk.org
Sun Dec 11 23:54:52 UTC 2022
On Sun, 11 Dec 2022 16:28:05 GMT, Volker Simonis <simonis at openjdk.org> wrote:
> You're right, but that's actually an improvement compared to the initial implementation where cleanup/destroy wasn't synchronized at all :)
> With regards to the missing synchronization of key usage and key destruction, I think this patch doesn't change the existing behavior because it wasn't synchronized before either.
I think behavior is changed, since the synchronization problem was hidden by generation of many keys. And if we start to use one key by many threads, we will need to carefully sync it, but if we just add synchronization per ssl contex we will make encode/decode methods single threaded per ssl context, which is unfortunate.
-------------
PR: https://git.openjdk.org/jdk/pull/11590
More information about the security-dev
mailing list