monetdb-java: monetdbs - Cache the system trust roots between in...

Wed, 03 Jan 2024 02:40:46 -0800 

Changeset: 99ed7dbb2e05 for monetdb-java
URL: https://dev.monetdb.org/hg/monetdb-java/rev/99ed7dbb2e05
Modified Files:
        src/main/java/org/monetdb/mcl/net/SecureSocket.java
Branch: monetdbs
Log Message:

Cache the system trust roots between invocations

Loading them is expensive, it easily takes 100-200 milliseconds.


diffs (31 lines):

diff --git a/src/main/java/org/monetdb/mcl/net/SecureSocket.java 
b/src/main/java/org/monetdb/mcl/net/SecureSocket.java
--- a/src/main/java/org/monetdb/mcl/net/SecureSocket.java
+++ b/src/main/java/org/monetdb/mcl/net/SecureSocket.java
@@ -16,6 +16,18 @@ public class SecureSocket {
        private static final String[] ENABLED_PROTOCOLS = {"TLSv1.3"};
        private static final String[] APPLICATION_PROTOCOLS = {"mapi/9"};
 
+       // Cache for the default SSL factory. It must load all trust roots
+       // so it's worthwhile to cache.
+       // Only access this through #getDefaultSocketFactory()
+       private static SSLSocketFactory vanillaFactory = null;
+
+       private static synchronized SSLSocketFactory getDefaultSocketFactory() {
+               if (vanillaFactory == null) {
+                       vanillaFactory = (SSLSocketFactory) 
SSLSocketFactory.getDefault();
+               }
+               return vanillaFactory;
+       }
+
        public static Socket wrap(Target.Validated validated, Socket inner) 
throws IOException {
                Target.Verify verify = validated.connectVerify();
                SSLSocketFactory socketFactory;
@@ -23,7 +35,7 @@ public class SecureSocket {
                try {
                        switch (verify) {
                                case System:
-                                       socketFactory = (SSLSocketFactory) 
SSLSocketFactory.getDefault();
+                                       socketFactory = 
getDefaultSocketFactory();
                                        break;
                                case Cert:
                                        KeyStore keyStore = 
keyStoreForCert(validated.getCert());
_______________________________________________
checkin-list mailing list -- checkin-list@monetdb.org
To unsubscribe send an email to checkin-list-le...@monetdb.org

Reply via email to