Update: http://hg.openjdk.java.net/jdk/sandbox/rev/ec5537b61038

Note that the above changeset will be included in next webrev for further code review.

On 6/5/2018 6:54 AM, Weijun Wang wrote:
HelloCookieManager.java:

   44     HelloCookieManager(SecureRandom secureRandom) {
   45         this.secureRandom = secureRandom;
   46     }
   47
   48     HelloCookieManager valueOf(ProtocolVersion protocolVersion) {
Why not just create a static method and make HelloCookieManager abstract?

    static HelloCookieManager of(SecureRandom secureRandom, ProtocolVersion 
protocolVersion)

I haven't seen "raw" HelloCookieManager used anywhere.

For every SSLContext, the SecureRandom may be different, so we need a different HelloCookieManager instance and cookie managers for each SSLContext instance:

SSLContextImpl.java
-------------------
  253   helloCookieManager = new HelloCookieManager(secureRandom);


Also, if createCookie() and isCookieValid() are only called on the server side, 
why not always use ServerHandshakeContext?

Good point!  I made the update in the changeset above.

Thanks,
Xuelei

Thanks
Max



On Jun 5, 2018, at 12:12 PM, Xuelei Fan <xuelei....@oracle.com> wrote:

http://cr.openjdk.java.net/~xuelei/8196584/webrev-full.01

Reply via email to