On Tue, 10 Jun 2025 22:21:31 GMT, Artur Barashev <abaras...@openjdk.org> wrote:

>> Daniel Fuchs has updated the pull request with a new target base due to a 
>> merge or a rebase. The pull request now contains 499 commits:
>> 
>>  - merge latest changes from master branch
>>  - http3: improve H3ConnectionPoolTest.java
>>  - Fix snippet
>>  - Improve key destruction
>>  - merge latest changes from master branch
>>  - http3: fix bug introduced by Http3ConnectionPool and improved debug logs
>>  - http3: refactor HTTP/3 connection pool management in a separate class
>>  - Ignore DestroyFailedExceptions
>>  - Remove outdated TODO
>>  - Remove outdated TODO
>>  - ... and 489 more: https://git.openjdk.org/jdk/compare/65fda5c0...a5a0c7f8
>
> src/java.base/share/classes/sun/security/ssl/SSLAlgorithmConstraints.java 
> line 247:
> 
>> 245:         if (quicEngine != null) {
>> 246:             if (quicEngine instanceof QuicTLSEngineImpl engineImpl) {
>> 247:                 return engineImpl.getAlgorithmConstraints();
> 
> Any particular reason constraints selection code was moved to 
> `engineImpl.getAlgorithmConstraints()` and not kept in this file for 
> consistency with `SSLEngine` and `SSLSocket`?

Hello Artur, we currently don't expose the `HandshakeContext` outside of the 
`QuicTLSEngineImpl`. The `HandshakeContext` is what is needed to get the 
relevant user specified algorithm constraints. So I decided to let the 
`HandshakeContext` be an internal detail in `QuicTLSEngineImpl` and introduce 
the `getAlgorithmConstraints()` method on it. Do you think we should hand out 
the `HandshakeContext` outside of `QuicTLSEngineImpl`?

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/24751#discussion_r2166029169

Reply via email to