On Tue, 17 Mar 2026 20:51:04 GMT, Anthony Scarpino <[email protected]> wrote:
> Hi, > > Please review this change that prevents multiple KeyUpdate messages from > being sent when the KeyLimit defined in the java.security file has been > reached. > > https://bugs.openjdk.org/browse/JDK-8329548 > > thanks > > --------- > - [x] I confirm that I make this contribution in accordance with the [OpenJDK > Interim AI Policy](https://openjdk.org/legal/ai). Looks good, but please give at least 24 hours for the review next time. A few late comments below. src/java.base/share/classes/sun/security/ssl/SSLCipher.java line 29: > 27: > 28: import sun.security.ssl.Authenticator.MAC; > 29: import sun.security.util.Debug; unused src/java.base/share/classes/sun/security/ssl/SSLCipher.java line 375: > 373: > 374: // Map of Ciphers listed in jdk.tls.keyLimits > 375: static final HashMap<String, Long> cipherLimits = new HashMap<>(); Please revert test/jdk/sun/security/ssl/SSLEngineImpl/KeyUpdateOnce.java line 126: > 124: > 125: ProcessBuilder pb = > ProcessTools.createTestJavaProcessBuilder( > 126: Utils.addTestJavaOpts("KeyUpdateOnce", "p", args[0], `createTestJavaProcessBuilder` calls `Utils.prependTestJavaOpts`; `addTestJavaOpts` does the same thing; you effectively have two copies of the same arguments. ------------- PR Review: https://git.openjdk.org/jdk/pull/30288#pullrequestreview-4416332151 PR Review Comment: https://git.openjdk.org/jdk/pull/30288#discussion_r3346615120 PR Review Comment: https://git.openjdk.org/jdk/pull/30288#discussion_r3346616281 PR Review Comment: https://git.openjdk.org/jdk/pull/30288#discussion_r3346660996
