RFR: 8371721: Refactor checkTrusted methods in X509TrustManagerImpl [v2]
Daniel Jeliński
djelinski at openjdk.org
Mon Dec 1 15:00:14 UTC 2025
On Tue, 25 Nov 2025 21:43:55 GMT, Artur Barashev <abarashev at openjdk.org> wrote:
>> The 3 checkTrusted methods in X509TrustManagerImpl have a lot of repeating code that can be moved into a helper method.
>> Also refactoring X509TrustManagerImpl logging code since we are touching this file.
>
> Artur Barashev has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains three commits:
>
> - Fix merge errors
> - Merge branch 'master' into JDK-8371721
>
> # Conflicts:
> # src/java.base/share/classes/sun/security/ssl/SSLLogger.java
> # src/java.base/share/classes/sun/security/ssl/X509TrustManagerImpl.java
> - 8371721: Refactor checkTrusted methods in X509TrustManagerImpl
src/java.base/share/classes/sun/security/ssl/X509TrustManagerImpl.java line 69:
> 67:
> 68: SSLLogger.logFine("ssl,trustmanager", "adding as trusted certificates",
> 69: (Object[]) trustedCerts.toArray(new X509Certificate[0]));
If you'd like to remove the calls to isOn, make sure that the log method call parameters are available without running any extra code. For example, this will always call toArray even if the logging is disabled. This will have impact on the CPU and allocation profile.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/28275#discussion_r2577430921
More information about the security-dev
mailing list