On Wed, 27 Apr 2022 16:22:38 GMT, Xue-Lei Andrew Fan <xue...@openjdk.org> wrote:
>> Please review this password cleanup enhancement in the PasswordCallback >> implementation. This is one of the effort to clean up the buffered >> passwords. >> >> The PasswordCallback.setPassword() clones the password, but is not >> registered for cleanup. An application could call clearPassword() for the >> purpose, but it would be nice to cleanup the buffer as well if >> clearPassword() was not called in an application. And, if the setPassword() >> get called multiple times, the clearPassword() should also be called the >> same times if not relying on finalization. It could be fragile in practice. > > Xue-Lei Andrew Fan has updated the pull request incrementally with one > additional commit since the last revision: > > no sleep for waiting cleanup More of a FYI - the CheckCleanerBound test failed on one of the test setups. So I've created https://bugs.openjdk.java.net/browse/JDK-8285785 to track that failure. ------------- PR: https://git.openjdk.java.net/jdk/pull/8272
