8210985: Update the default SSL session cache size to 20480

Summary: Change SSLSessionContext.getSessionCacheSize to return 20480 by default instead of 0. Reviewed-by: jnimeh, mullan
author: xuelei <unknown> 2019-05-29 20:27:37 +0000
committer: bell-sw <liberica@bell-sw.com> 2019-07-22 19:22:30 +0300
commit: 360183c8a2a584e90238f032ebcd40f14572a0d1 (patch)
tree: 341e94399c934148b8bcfbf4bad4e13a4ef40667 /src/share
parent: 8fb827e43da007865897f38e7f3a6ceb15f109e8 (diff)
download: jdk8u_jdk-360183c8a2a584e90238f032ebcd40f14572a0d1.tar.gz
2 files changed, 50 insertions, 25 deletions
diff --git a/src/share/classes/javax/net/ssl/SSLSessionContext.java b/src/share/classes/javax/net/ssl/SSLSessionContext.java
index b6f6fb6df4..6361f6bc56 100644
--- a/src/share/classes/javax/net/ssl/SSLSessionContext.java
+++ b/src/share/classes/javax/net/ssl/SSLSessionContext.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2018, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -87,10 +87,17 @@ public interface SSLSessionContext {
      * A check for sessions exceeding the timeout is made immediately whenever
      * the timeout limit is changed for this <code>SSLSessionContext</code>.
      *
+     * @apiNote Note that the JDK Implementation uses default values for both
+     *          the session cache size and timeout.  See
+     *          {@code getSessionCacheSize} and {@code getSessionTimeout} for
+     *          more information.  Applications should consider their
+     *          performance requirements and override the defaults if necessary.
+     *
      * @param seconds the new session timeout limit in seconds; zero means
-     *          there is no limit.
+     *        there is no limit.
+     *
+     * @throws IllegalArgumentException if the timeout specified is {@code < 0}.
      *
-     * @exception IllegalArgumentException if the timeout specified is {@code < 0}.
      * @see #getSessionTimeout
      */
     public void setSessionTimeout(int seconds)
@@ -109,33 +116,50 @@ public interface SSLSessionContext {
      * whenever the timeout limit is changed for this
      * <code>SSLSessionContext</code>.
      *
+     * @implNote The JDK implementation returns the session timeout as set by
+     *           the {@code setSessionTimeout} method, or if not set, a default
+     *           value of 86400 seconds (24 hours).
+     *
      * @return the session timeout limit in seconds; zero means there is no
-     * limit.
+     *         limit.
+     *
      * @see #setSessionTimeout
      */
     public int getSessionTimeout();
 
     /**
-     * Sets the size of the cache used for storing
-     * <code>SSLSession</code> objects grouped under this
-     * <code>SSLSessionContext</code>.
+     * Sets the size of the cache used for storing <code>SSLSession</code>
+     * objects grouped under this <code>SSLSessionContext</code>.
+     *
+     * @apiNote Note that the JDK Implementation uses default values for both
+     *          the session cache size and timeout.  See
+     *          {@code getSessionCacheSize} and {@code getSessionTimeout} for
+     *          more information.  Applications should consider their
+     *          performance requirements and override the defaults if necessary.
      *
      * @param size the new session cache size limit; zero means there is no
-     * limit.
-     * @exception IllegalArgumentException if the specified size is {@code < 0}.
+     *        limit.
+     *
+     * @throws IllegalArgumentException if the specified size is {@code < 0}.
+     *
      * @see #getSessionCacheSize
      */
     public void setSessionCacheSize(int size)
                  throws IllegalArgumentException;
 
     /**
-     * Returns the size of the cache used for storing
-     * <code>SSLSession</code> objects grouped under this
-     * <code>SSLSessionContext</code>.
+     * Returns the size of the cache used for storing <code>SSLSession</code>
+     * objects grouped under this <code>SSLSessionContext</code>.
+     *
+     * @implNote The JDK implementation returns the cache size as set by
+     *           the {@code setSessionCacheSize} method, or if not set, the
+     *           value of the {@systemProperty javax.net.ssl.sessionCacheSize}
+     *           system property.  If neither is set, it returns a default
+     *           value of 20480.
      *
      * @return size of the session cache; zero means there is no size limit.
+     *
      * @see #setSessionCacheSize
      */
     public int getSessionCacheSize();
-
 }
diff --git a/src/share/classes/sun/security/ssl/SSLSessionContextImpl.java b/src/share/classes/sun/security/ssl/SSLSessionContextImpl.java
index 51fac9bc6e..d728821717 100644
--- a/src/share/classes/sun/security/ssl/SSLSessionContextImpl.java
+++ b/src/share/classes/sun/security/ssl/SSLSessionContextImpl.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2018, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -33,10 +33,13 @@ import java.util.Locale;
 import javax.net.ssl.SSLSession;
 import javax.net.ssl.SSLSessionContext;
 
+import sun.security.action.GetIntegerAction;
 import sun.security.util.Cache;
 
 
 final class SSLSessionContextImpl implements SSLSessionContext {
+    private final static int DEFAULT_MAX_CACHE_SIZE = 20480;
+
     private Cache<SessionId, SSLSessionImpl> sessionCache;
                                         // session cache, session id as key
     private Cache<String, SSLSessionImpl> sessionHostPortCache;
@@ -197,21 +200,19 @@ final class SSLSessionContextImpl implements SSLSessionContext {
     }
 
     private int getDefaultCacheLimit() {
-        int cacheLimit = 0;
         try {
-        String s = java.security.AccessController.doPrivileged(
-                new java.security.PrivilegedAction<String>() {
-                @Override
-                public String run() {
-                    return System.getProperty(
-                        "javax.net.ssl.sessionCacheSize");
-                }
-            });
-            cacheLimit = (s != null) ? Integer.valueOf(s).intValue() : 0;
+            int defaultCacheLimit =
+                java.security.AccessController.doPrivileged(
+                    new GetIntegerAction("javax.net.ssl.sessionCacheSize",
+                                         DEFAULT_MAX_CACHE_SIZE)).intValue();
+
+            if (defaultCacheLimit >= 0) {
+                return defaultCacheLimit;
+            }
         } catch (Exception e) {
         }
 
-        return (cacheLimit > 0) ? cacheLimit : 0;
+        return DEFAULT_MAX_CACHE_SIZE;
     }
 
     boolean isTimedout(SSLSession sess) {
author	xuelei <unknown>	2019-05-29 20:27:37 +0000
committer	bell-sw <liberica@bell-sw.com>	2019-07-22 19:22:30 +0300
commit	360183c8a2a584e90238f032ebcd40f14572a0d1 (patch)
tree	341e94399c934148b8bcfbf4bad4e13a4ef40667 /src/share
parent	8fb827e43da007865897f38e7f3a6ceb15f109e8 (diff)
download	jdk8u_jdk-360183c8a2a584e90238f032ebcd40f14572a0d1.tar.gz