On Thu, 22 Dec 2022 14:56:16 GMT, Volker Simonis <simo...@openjdk.org> wrote:
>>> The same example with the 1000 connections being opened alternatively on >>> two different contexts will instead create 1000 `StatelessKey` instances: >> >> That's obviously not the expected behaviors. It is a good catch for the >> `static currentKeyID` issue. >> >> What do you think to move `SSLContextImpl.keyHashMap` into >> `SSLSessionContextImpl`? I would like to have SSLContextImpl focusing on >> configuration. > > Hi @XueleiFan, @ascarpino, > > Thank you for your reviews and comments. I think I've addressed all of your > suggestions in the latest version of the PR. > > There's just one more thing I had to change. Now that I've moved all the > logic to `SSLSessionContextImpl` I can't get a reference to `SSLContextImpl`s > secure random instance any more when creating a new `StatelessKey`. For > simplicity I've therefor decided to use the `KeyGenerator.init()` method > which doesn't require an extra secure random instance. > > If you think that it is important that the `KeyGenerator` uses the same > secure random instance like the corresponding `SSLContextImpl`, I can easily > change `SSLSessionContextImpl::getKey()` to take a `SecureRandom` argument > and pass `SSLContextImpl`s secure random instance down to > `SSLSessionContextImpl::getKey()` (and up to `StatelessKey::<init>`) when > calling `getKey()` from `KeyState::getCurrentKey()`. > > What do you think? @simonis, I don't think @XueleiFan and I are going to finish reviews by Friday. As Oracle has next week off, I suggest you update the copyrights to 2023 and we can integrate next year one all the comments have been resolved. ------------- PR: https://git.openjdk.org/jdk/pull/11590
