JDK-8344652 : Remove access control context text from SSLEngine and SSLSession APIs
  • Type: Bug
  • Component: security-libs
  • Sub-Component: javax.net.ssl
  • Affected Version: 24
  • Priority: P3
  • Status: Resolved
  • Resolution: Fixed
  • Submitted: 2024-11-20
  • Updated: 2024-11-28
  • Resolved: 2024-11-22
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 24
24 b26Fixed
Related Reports
CSR :  
JDK-8344653 - Remove access control context text from SSLEngine and SSLSession APIs
Relates :  
JDK-8338411 - Implement JEP 486: Permanently Disable the Security Manager
Description
Some additional text in the SSLEngine and SSLSession APIs should be removed about access control context which is no longer applicable after JEP 486 has been integrated.

In the SSLEngine class description, this paragraph should be removed:

 "Applications might choose to process delegated tasks in different threads.  When an {@code SSLEngine} is created, the current {@link java.security.AccessControlContext} is saved.  All future delegated tasks will be processed using this context:  that is, all access control decisions will be made using the context captured at engine creation."

The following text should also be removed from the getDelegatedTask method of SSLEngine:

"Delegated tasks run in the {@code AccessControlContext} in place when this object was created."

In SSLSession, the following text should be removed from the putValue, getValue, removeValue, and getValueNames methods:

"For security reasons, the same named values may not be visible across different access control contexts."

The following text should also be removed from the name parameter of the removeValue method: "visible across different access control contexts"
Comments
Changeset: 9769ee86 Branch: master Author: Sean Mullan <mullan@openjdk.org> Date: 2024-11-22 13:18:26 +0000 URL: https://git.openjdk.org/jdk/commit/9769ee86978584a65703712c1a845fe4f5fffe29
22-11-2024
A pull request was submitted for review. Branch: master URL: https://git.openjdk.org/jdk/pull/22299 Date: 2024-11-21 17:36:03 +0000
21-11-2024