On Thu, 21 Nov 2024 18:29:24 GMT, Sean Mullan <mul...@openjdk.org> wrote:
> Now that JEP 486 has been integrated, the `javax.net.ssl` and > `sun.security.ssl` package implementation dependencies on > `System.getSecurityManager`, `AccessController.doPrivileged` and > `AccessControlContext` can be removed. > > Most of the changes are straightforward: removal of code calling > `System.getSecurityManager()` and unwrapping of code inside > `AccessController.doPrivileged`. However, two changes involved slightly more > complicated work: > > 1. `sun.security.ssl.SSLConfiguration` no longer needs to capture the access > control context of `javax.net.ssl.HandshakeCompletedListener` objects, which > means it can store the listeners in a `HashSet` instead of a `HashMap`. > 2. `sun.security.ssl.SSLSessionImpl` (which implements > `javax.net.ssl.SSLSession`) does not need to store attributes based on access > control contexts anymore, which means it can store the keys as Strings > instead of one that combines the key and the access control context. > 3. `sun.security.ssl.TransportContext` does not need to capture the access > control context anymore. src/java.base/share/classes/javax/net/ssl/TrustManagerFactory.java line 72: > 70: * security property to the desired algorithm name. > 71: * > 72: * @see java.security.Security security properties it looks like unnecessary API changes here ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/22301#discussion_r1852961637
