On Wed, 20 Aug 2025 15:14:01 GMT, Artur Barashev <abaras...@openjdk.org> wrote:
>> Daniel Fuchs has updated the pull request with a new target base due to a >> merge or a rebase. The pull request now contains 616 commits: >> >> - merge latest changes from master branch >> - merge latest http3 changes >> - Hide internal classes >> - quic: Do not decrypt 1-RTT packets until the TLS handshake is complete >> - quic: remove unused fields >> - Make final fields static >> - Remove unused variable >> - merge latest changes from master branch >> - http3: update summary in H3SimpleTest.java >> - http3: review feedback - use copy() instead of >> thenApply(Function.identity()) >> - ... and 606 more: https://git.openjdk.org/jdk/compare/908f3c96...e0aa68c9 > > src/java.base/share/classes/sun/security/ssl/X509Authentication.java line 229: > >> 227: // just call the functionally limited >> 228: // javax.net.ssl.X509KeyManager.chooseClientAlias(...) >> 229: if (km instanceof X509KeyManagerImpl xkm) { > > We no longer need a special case for `X509KeyManagerImpl` as > `SunX509KeyManagerImpl` supports algorithm constraints now. See #25016 for > details. Correction: We can add `chooseClientAlias` and `chooseServerAlias` methods for quicTLSEngine to the default SunX509 key manager and then do `km instanceof X509KeyManagerCertChecking` check here instead. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/24751#discussion_r2288583324
