On Thu, 21 Nov 2024 21:55:54 GMT, Alexey Bakhtin <abakh...@openjdk.org> wrote:
>> Now that JEP 486 has been integrated, the `javax.net.ssl` and >> `sun.security.ssl` package implementation dependencies on >> `System.getSecurityManager`, `AccessController.doPrivileged` and >> `AccessControlContext` can be removed. >> >> Most of the changes are straightforward: removal of code calling >> `System.getSecurityManager()` and unwrapping of code inside >> `AccessController.doPrivileged`. However, two changes involved slightly more >> complicated work: >> >> 1. `sun.security.ssl.SSLConfiguration` no longer needs to capture the access >> control context of `javax.net.ssl.HandshakeCompletedListener` objects, which >> means it can store the listeners in a `HashSet` instead of a `HashMap`. >> 2. `sun.security.ssl.SSLSessionImpl` (which implements >> `javax.net.ssl.SSLSession`) does not need to store attributes based on >> access control contexts anymore, which means it can store the keys as >> Strings instead of one that combines the key and the access control context. >> 3. `sun.security.ssl.TransportContext` does not need to capture the access >> control context anymore. > > src/java.base/share/classes/javax/net/ssl/TrustManagerFactory.java line 72: > >> 70: * security property to the desired algorithm name. >> 71: * >> 72: * @see java.security.Security security properties > > it looks like unnecessary API changes here Why do you think it is an API change? It produces the exact same javadoc. Technically it's not related, but minor cleanup changes like this are ok in my opinion. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/22301#discussion_r1853047852
