RFR: 8201778: Speed up test javax/net/ssl/DTLS/PacketLossRetransmission.java [v2]

Daniel Jeliński djelinski at openjdk.org
Fri Sep 5 12:19:11 UTC 2025


On Fri, 5 Sep 2025 10:34:34 GMT, Fernando Guallini <fguallini at openjdk.org> wrote:

>> The test javax/net/ssl/DTLS/PacketLossRetransmission takes about 2 minutes to complete. The reason is that the server or client socket times out after 10 seconds while waiting to receive a DatagramPacket that has already been removed (to simulate packet loss). Given that it will time out, it is better to reduce its value.
>> After reducing the timeout , the total test execution completes in approximately 15 seconds on average.
>> Additionally, unnecessary scenarios are removed; for instance, when acting as a client, there is no "server_hello" message type to remove, and similarly, when acting as a server, there is no "client_hello" message on that side, so there is no corresponding packet loss to simulate. It should keep only the scenarios that do lose messages.
>
> Fernando Guallini has updated the pull request incrementally with one additional commit since the last revision:
> 
>   removal of useless tests

test/jdk/javax/net/ssl/DTLS/PacketLossRetransmission.java line 55:

> 53:  * @run main/othervm PacketLossRetransmission server 2 server_hello
> 54:  * @run main/othervm PacketLossRetransmission server 3 hello_verify_request
> 55:  * @run main/othervm -Djdk.tls.client.enableSessionTicketExtension=false PacketLossRetransmission server 4 new_session_ticket

This one is odd.

With `enableSessionTicketExtension=false`, the message is not sent. With the default setting of true, the message is sent, lost, and then the handshake fails with:

javax.net.ssl.SSLHandshakeException: (decrypt_error) The Finished message cannot be verified.

This is a bug.

Could you comment out the line instead? Something like:

@comment run main/othervm PacketLossRetransmission server 4 new_session_ticket

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/27093#discussion_r2324939292


More information about the security-dev mailing list