RFR: 8327182: Move serverAlias into the loop
Guoxiong Li
gli at openjdk.org
Mon Mar 4 05:06:52 UTC 2024
On Mon, 4 Mar 2024 03:58:18 GMT, John Jiang <jjiang at openjdk.org> wrote:
> In method `X509Authentication::createServerPossession`, it looks unnecessary to define variable `serverAlias` out of the for-loop.
> It may be better to move `serverAlias` into that loop to narrow down the scope.
src/java.base/share/classes/sun/security/ssl/X509Authentication.java line 274:
> 272: X509ExtendedKeyManager km = shc.sslContext.getX509KeyManager();
> 273: for (String keyType : keyTypes) {
> 274: String serverAlias = null;
It seems not a simple cleanup. If you move the `serverAlias` definition into the loop, it means everytime entering into loop, the `serverAlias` will be `null`. But the previous code can keep the `serverAlias` value to the next iteration. So the meaning of the code has been changed. I don't know which meanings is right because I don't have a deep understanding of SSL now.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/18100#discussion_r1510591899
More information about the security-dev
mailing list