On Fri, 22 Oct 2021 18:45:31 GMT, Xue-Lei Andrew Fan <xue...@openjdk.org> wrote:

>> The current code that changes cipher suites disposes the new suite instead 
>> of the old one, which usually silently fails. This patch fixes the code to 
>> dispose the old instance instead.
>> 
>> DTLS appears to be unaffected: DTLSOutputRecord keeps 2 ciphers and 
>> correctly [disposes the old 
>> one](https://github.com/openjdk/jdk/blob/739769c8fc4b496f08a92225a12d07414537b6c0/src/java.base/share/classes/sun/security/ssl/DTLSOutputRecord.java#L106),
>>  and DTLSInputRecord [doesn't dispose 
>> anything](https://github.com/openjdk/jdk/blob/4b9303b77b43d890ebacbec38b4ac5db7e171886/src/java.base/share/classes/sun/security/ssl/DTLSInputRecord.java#L57)
>
> Did you want to cover the update for line 222 at OutputRecord.java as well?

> After reviewing the scope of changes to fix writeCipher disposal I decided to 
> remove it entirely. It would probably be a nice follow-up enhancement, but 
> I'm not confident I'd implement it correctly on the first try, so I'd rather 
> not introduce it in a bugfix PR. @XueleiFan is that acceptable to you?
> 
I'm not sure of the removal.  Please hold on the integration, and I will have a 
further look if I have cycles.

-------------

PR: https://git.openjdk.java.net/jdk/pull/6084

Reply via email to