RFR: 8298381: Improve handling of session tickets for multiple SSLContexts
Sergey Bylokhov
serb at openjdk.org
Mon Dec 12 11:08:37 UTC 2022
On Mon, 12 Dec 2022 10:06:19 GMT, Volker Simonis <simonis at openjdk.org> wrote:
> `encrypt()` will call `getCurrentKey()` which isn't synchronized.
If we think that all that try/catch blocks in the encode/cleanup will save us, then why we added the sync block around cleanup. But If we try synchronize work with keys, and added the new block around cleanup then why the usage of the keys(who call getCurrentKey) are not synchronized by anything, am I not sure that it is safe to use the key after/during destruction, probably some write/read locks will [help](http://hg.openjdk.java.net/jdk/jdk/rev/dfba4e321ab3#l12.15).
-------------
PR: https://git.openjdk.org/jdk/pull/11590
More information about the security-dev
mailing list