RFR: 8298381: Improve handling of session tickets for multiple SSLContexts [v6]
Sergey Bylokhov
serb at openjdk.org
Mon Jan 9 17:37:04 UTC 2023
On Mon, 9 Jan 2023 16:12:18 GMT, Volker Simonis <simonis at openjdk.org> wrote:
>> src/java.base/share/classes/sun/security/ssl/SSLSessionContextImpl.java line 209:
>>
>>> 207: // Package-private, used only from SessionTicketExtension.KeyState::getCurrentKey.
>>> 208: SessionTicketExtension.StatelessKey getKey(HandshakeContext hc) {
>>> 209: SessionTicketExtension.StatelessKey ssk = keyHashMap.get(currentKeyID);
>>
>> is it safe to assume that the "currentKeyID" initialized/updated before on a different thread can be correctly read here?
>
> Yes, because `currentKeyID` is updated in a synchronized section *after* the corresponding key was added to `keyHashMap`.
Please clarify that, if the field is updated on one thread under synchronized block, why we will read the correct "currentKeyID" here on another thread if no synchronization is used in this place?
-------------
PR: https://git.openjdk.org/jdk/pull/11590
More information about the security-dev
mailing list