RFR: 8298381: Improve handling of session tickets for multiple SSLContexts [v3]
Volker Simonis
simonis at openjdk.org
Thu Dec 22 14:15:52 UTC 2022
On Wed, 21 Dec 2022 22:53:44 GMT, Anthony Scarpino <ascarpino at openjdk.org> wrote:
>> src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java line 80:
>>
>>> 78:
>>> 79: protected SessionTicketExtension.StatelessKey getKey() {
>>> 80: SessionTicketExtension.StatelessKey ssk = serverCache.getKey();
>>
>> I may change the serverCache from private to package private, and move the getKey() methods into SSLSessionContextImpl:
>>
>> - private final SSLSessionContextImpl serverCache;
>> + final SSLSessionContextImpl serverCache;
>>
>>
>> Then the caller could use sslContext.serverCache.getKey() directly. BTW, I may change the name from getKey to getStatelessKey() for readability.
>
> I agree this should be in SSLSessionContextImpl
I did the refactoring as requested, but I don't like (and I don't think it is "good practice") to expose fields to other classes. And there's already a getter for `serverCache` in `SSLContextImpl` anyway (i.e. `SSLContextImpl::engineGetServerSessionContext`) so I decided to use that one instead and leave the field as private.
-------------
PR: https://git.openjdk.org/jdk/pull/11590
More information about the security-dev
mailing list