RFR: 8327182: Move serverAlias into the loop
Guoxiong Li
gli at openjdk.org
Mon Mar 4 09:17:52 UTC 2024
On Mon, 4 Mar 2024 08:43:33 GMT, John Jiang <jjiang at openjdk.org> wrote:
>>> If an alias can be used by the subsequent iterations, that looks a bug.
>>
>> Looks like a bug. So your patch is a bug fix instead of simple cleanup. Should we change the title of this issue or/and provide a test case?
>
> At the beginning of a iteration, `km.chooseServerAlias` or `km.chooseEngineServerAlias` tries to find an alias. Then, `serverAlias` should be `null` or an existing alias in the key manager.
> The `serverAlias` assigned by the last iteration should not used by the current iteration.
> So, I don't see a bug at the moment.
I know what I missed now. The interface `SSLTransport` only has two implementations `SSLSocketImpl` and `SSLEngineImpl`, so the `serverAlias` is always set at the beginning of the loop. Thanks for your kindly explanation.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/18100#discussion_r1510830428
More information about the security-dev
mailing list