On Wed, 21 Dec 2022 22:53:49 GMT, Anthony Scarpino <ascarp...@openjdk.org>
wrote:
>> Volker Simonis has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> Optimized initialisation of currentKeyID and deletion of expired session
>> keys as proposed by @schlosna
>
> src/java.base/share/classes/sun/security/ssl/SSLSessionContextImpl.java line
> 211:
>
>> 209: // Package-private, used only from SSLContextImpl::getKey() to
>> create a new session key.
>> 210: void insertNewSessionKey(int newID,
>> SessionTicketExtension.StatelessKey ssk) {
>> 211: assert newID != currentKeyID : "Must use a new ID for a new
>> session key!";
>
> This method contents should be merged back into getKey() when it is in this
> source file, and then you don't need to check the new vs currentKey IDs.
> Also assert is a bad idea as it does not throw a subclass of Exception and
> the may bring down the entire program.
Refactored as proposed.
-------------
PR: https://git.openjdk.org/jdk/pull/11590
