The default list of providers defined in java.security file can be overridden
with a custom file, declared with
`-Djava.security.properties=/path/to/custom.security` command line parameter.
If the new list of providers is shorter than the original one, it is necessary
to add an empty entry to te
On Fri, 13 Aug 2021 14:00:45 GMT, Sean Coffey wrote:
> Corner case where a session resumption can fail if the TLS server changes
> supported protocol versions in relation to a cached SSLSession. This is
> primarily an issue where the legacy TLS version is used in place of the newer
> "supporte
On Thu, 22 Jul 2021 19:01:02 GMT, Clive Verghese wrote:
>> ### Benchmark results
>>
>> I have benchmarked 3 cases.
>>
>> 1. The current situation.
>>
>> Benchmark
>> (cipherSuite) Mode CntScore Error Units
>> CipherSuiteBench.b
On Thu, 15 Jul 2021 16:39:14 GMT, Anthony Scarpino
wrote:
>> src/java.base/share/classes/sun/security/ssl/CipherSuite.java line 916:
>>
>>> 914: static String nameOf(int id) {
>>> 915: if (maps_id.containsKey(id)) {
>>> 916: return maps_id.get(id).name;
>>
>> Would it m
On Wed, 14 Jul 2021 17:06:02 GMT, Clive Verghese wrote:
> ### Benchmark results
>
> I have benchmarked 3 cases.
>
> 1. The current situation.
>
> Benchmark
> (cipherSuite) Mode CntScore Error Units
> CipherSuiteBench.benchmarkC
On Wed, 31 Mar 2021 20:52:57 GMT, Xue-Lei Andrew Fan wrote:
> As described in the bug, by connecting the SSLEngine with a misbehaving peer
> SSL implementation, it can get into a state where it calling `wrap` reports
> getStatus == OK, getHandshakeStatus === NEED_WRAP but still doesn't produce
On Tue, 6 Apr 2021 19:43:50 GMT, Anthony Scarpino wrote:
>> Hi,
>>
>> I need a review of the locking change to the RSA blinding code. The problem
>> was reported that multithreaded performance suffered because there was one
>> global lock on the many blindings operation. The change reduces lo
On Tue, 6 Apr 2021 04:26:58 GMT, Anthony Scarpino wrote:
>> Hi,
>>
>> I need a review of the locking change to the RSA blinding code. The problem
>> was reported that multithreaded performance suffered because there was one
>> global lock on the many blindings operation. The change reduces lo
On Sat, 3 Apr 2021 01:06:50 GMT, Florent Guillaume
wrote:
>> Ok, thanks for pointing that out, I didn't realize that limitation. However
>> using synchronizedMap is overkill as it locks every operation. As I read
>> it, only structural changes like adding and removing keys from the map
>> c
On Fri, 2 Apr 2021 17:45:45 GMT, Anthony Scarpino wrote:
>> src/java.base/share/classes/sun/security/rsa/RSACore.java line 66:
>>
>>> 64: // like performance testing.
>>> 65: private static final Map>> ConcurrentLinkedQueue>
>>> 66: blindingCache = new WeakHashMap<>();
>>
On Wed, 31 Mar 2021 21:47:24 GMT, Anthony Scarpino
wrote:
> Hi,
>
> I need a review of the locking change to the RSA blinding code. The problem
> was reported that multithreaded performance suffered because there was one
> global lock on the many blindings operation. The change reduces locki
On Wed, 27 Jan 2021 11:32:08 GMT, djelinski
wrote:
> Under certain load, MemoryCache operations take a substantial fraction of the
> time needed to complete SSL handshakes. This series of patches improves
> performance characteristics of MemoryCache, at the cost of a functional
27;t expecting that much of an improvement, and don't know how to explain
> it.
>
> The 40ns difference between cache with and without a timeout can be
> attributed to 2 `System.currentTimeMillis()` calls; they were pretty slow on
> my VM.
djelinski has updated the pull request increment
On Mon, 22 Feb 2021 21:31:21 GMT, Xue-Lei Andrew Fan wrote:
>> Actually there's a much easier solution to reduce the number of slow
>> `put()`s without making any behavioral changes.
>> The cache object could store the earliest expire time, and then exit
>> `expungeExpiredEntries()` early when
On Mon, 22 Feb 2021 21:31:21 GMT, Xue-Lei Andrew Fan wrote:
>> Actually there's a much easier solution to reduce the number of slow
>> `put()`s without making any behavioral changes.
>> The cache object could store the earliest expire time, and then exit
>> `expungeExpiredEntries()` early when
27;t expecting that much of an improvement, and don't know how to explain
> it.
>
> The 40ns difference between cache with and without a timeout can be
> attributed to 2 `System.currentTimeMillis()` calls; they were pretty slow on
> my VM.
djelinski has updated the pull r
On Tue, 16 Feb 2021 19:38:50 GMT, djelinski
wrote:
>>> I may think it differently. It may be hard to know the future frequency of
>>> an cached item based on the past behaviors. For the above case, I'm not
>>> sure that K=3 is used less frequently than K=1. M
On Wed, 10 Feb 2021 19:19:33 GMT, djelinski
wrote:
>>> Thanks for your review! Some comments below.
>>>
>>> > A full handshake or OCSP status grabbing could counteract all the
>>> > performance gain with the cache update.
>>>
>>>
27;t expecting that much of an improvement, and don't know how to explain
> it.
>
> The 40ns difference between cache with and without a timeout can be
> attributed to 2 `System.currentTimeMillis()` calls; they were pretty slow on
> my VM.
djelinski has updated the pull request incr
On Wed, 10 Feb 2021 00:44:57 GMT, Xue-Lei Andrew Fan wrote:
> I may think it differently. It may be hard to know the future frequency of an
> cached item based on the past behaviors. For the above case, I'm not sure
> that K=3 is used less frequently than K=1. Maybe, next few seconds, K=1 could
On Thu, 4 Feb 2021 20:45:55 GMT, djelinski
wrote:
>> Thank you for the comment. The big picture is more clear to me now.
>>
>>> Example 2:
>>> Old implementation will get:
>>> |K=3, exp=10|K=5, exp=12|K=7, exp=14|K=9, exp=16|
>>>
>>> Ne
On Thu, 4 Feb 2021 19:36:24 GMT, Xue-Lei Andrew Fan wrote:
>> Added benchmarks for get & remove. Added tests for 5M cache size. Switched
>> time units to nanoseconds. Results:
>> Benchmark (size) (timeout) Mode CntScore Error Units
>> CacheBench.get 20480 86400 av
On Tue, 2 Feb 2021 12:19:22 GMT, djelinski
wrote:
>> If I get the patch right, the benchmark performance improvement is a
>> trade-off between CPU and memory, by keeping expired entries while putting a
>> new entry in the cache. I'm not very sure of the performance i
27;t expecting that much of an improvement, and don't know how to explain
> it.
>
> The 40ns difference between cache with and without a timeout can be
> attributed to 2 `System.currentTimeMillis()` calls; they were pretty slow on
> my VM.
djelinski has updated the pull request increme
On Tue, 2 Feb 2021 02:37:39 GMT, Xue-Lei Andrew Fan wrote:
> the benchmark performance improvement is a trade-off between CPU and memory,
> by keeping expired entries while putting a new entry in the cache
Not exactly. The memory use is capped by cache size. The patch is a trade off
between th
27;t expecting that much of an improvement, and don't know how to explain
> it.
>
> The 40ns difference between cache with and without a timeout can be
> attributed to 2 `System.currentTimeMillis()` calls; they were pretty slow on
> my VM.
djelinski has updated the pull request incre
On Mon, 1 Feb 2021 18:35:56 GMT, djelinski
wrote:
>> Hm, maybe you just misunderstand how this makefile construct works. If you
>> just want to add "--add-exports java.base/sun.security.util=ALL-UNNAMED",
>> then that's all you should put in this assignmen
On Mon, 1 Feb 2021 18:31:39 GMT, Erik Joelsson wrote:
>> Adding "--add-exports java.base/sun.security.util=ALL-UNNAMED" is fine, I'm
>> asking about "$(JAVAC_FLAGS)".
>
> Hm, maybe you just misunderstand how this makefile construct works. If you
> just want to add "--add-exports java.base/sun.s
On Mon, 1 Feb 2021 18:18:51 GMT, Erik Joelsson wrote:
>> Under certain load, MemoryCache operations take a substantial fraction of
>> the time needed to complete SSL handshakes. This series of patches improves
>> performance characteristics of MemoryCache, at the cost of a functional
>> change
Under certain load, MemoryCache operations take a substantial fraction of the
time needed to complete SSL handshakes. This series of patches improves
performance characteristics of MemoryCache, at the cost of a functional change:
expired entries are no longer guaranteed to be removed before live
30 matches
Mail list logo
