On Tue, 12 Apr 2022 11:28:12 GMT, Daniel Jeliński <djelin...@openjdk.org> wrote:
> During TLS handshake, hundreds of constraints are evaluated to determine > which cipher suites are usable. Most of the evaluations are performed using > `HandshakeContext#algorithmConstraints` object. By default that object > contains a `SSLAlgorithmConstraints` instance wrapping another > `SSLAlgorithmConstraints` instance. As a result the constraints defined in > `SSLAlgorithmConstraints` are evaluated twice. > > This PR improves the default case; if the user-specified constraints are left > at defaults, we use a single `SSLAlgorithmConstraints` instance, and avoid > duplicate checks. This pull request has now been integrated. Changeset: d8446b4f Author: Daniel Jeliński <djelin...@openjdk.org> URL: https://git.openjdk.java.net/jdk/commit/d8446b4f60472b11e4cdaef97288fe143cca4511 Stats: 427 lines in 7 files changed: 385 ins; 1 del; 41 mod 8284694: Avoid evaluating SSLAlgorithmConstraints twice Reviewed-by: redestad, xuelei, coffeys ------------- PR: https://git.openjdk.java.net/jdk/pull/8199