RFR: 8298381: Improve handling of session tickets for multiple SSLContexts [v3]
Volker Simonis
simonis at openjdk.org
Thu Dec 22 13:41:58 UTC 2022
On Wed, 21 Dec 2022 22:53:49 GMT, Anthony Scarpino <ascarpino at openjdk.org> wrote:
>> Volker Simonis has updated the pull request incrementally with one additional commit since the last revision:
>>
>> Optimized initialisation of currentKeyID and deletion of expired session keys as proposed by @schlosna
>
> src/java.base/share/classes/sun/security/ssl/SSLSessionContextImpl.java line 211:
>
>> 209: // Package-private, used only from SSLContextImpl::getKey() to create a new session key.
>> 210: void insertNewSessionKey(int newID, SessionTicketExtension.StatelessKey ssk) {
>> 211: assert newID != currentKeyID : "Must use a new ID for a new session key!";
>
> This method contents should be merged back into getKey() when it is in this source file, and then you don't need to check the new vs currentKey IDs. Also assert is a bad idea as it does not throw a subclass of Exception and the may bring down the entire program.
Refactored as proposed.
-------------
PR: https://git.openjdk.org/jdk/pull/11590
More information about the security-dev
mailing list