RFR: 8286433: Cache certificates decoded from TLS session tickets
Daniel Jeliński
djelinski at openjdk.java.net
Mon May 9 20:22:37 UTC 2022
When a TLS server resumes a session from a stateless session ticket, it populates the `SSLSessionImpl`'s `localCerts` and `peerCerts` fields with certificates deserialized from the session ticket. These certificates are often the same across a large number of tickets.
This patch implements a certificate cache lookup for these certificates. This enables us to avoid deserializing the same certificates repeatedly, and saves memory by reusing the same certificate objects.
-------------
Commit messages:
- Cache received certificates
Changes: https://git.openjdk.java.net/jdk/pull/8608/files
Webrev: https://webrevs.openjdk.java.net/?repo=jdk&pr=8608&range=00
Issue: https://bugs.openjdk.java.net/browse/JDK-8286433
Stats: 26 lines in 2 files changed: 13 ins; 8 del; 5 mod
Patch: https://git.openjdk.java.net/jdk/pull/8608.diff
Fetch: git fetch https://git.openjdk.java.net/jdk pull/8608/head:pull/8608
PR: https://git.openjdk.java.net/jdk/pull/8608
More information about the security-dev
mailing list