Hi, Please review this simple fix for JDK-8146725.
In the SignatureAndHashAlgorithm.getSupportedAlgorithms() method, there is a synchronization block on a static final collection, priorityMap. The priorityMap would not get update any more after the instantiation. The synchronization is not actually necessary. See the attack diff for the fix. No new regression test. Thanks, Xuelei
--- a/src/java.base/share/classes/sun/security/ssl/SignatureAndHashAlgorithm.java +++ b/src/java.base/share/classes/sun/security/ssl/SignatureAndHashAlgorithm.java @@ -153,13 +153,11 @@ getSupportedAlgorithms(AlgorithmConstraints constraints) { Collection<SignatureAndHashAlgorithm> supported = new ArrayList<>(); - synchronized (priorityMap) { - for (SignatureAndHashAlgorithm sigAlg : priorityMap.values()) { - if (sigAlg.priority <= SUPPORTED_ALG_PRIORITY_MAX_NUM && - constraints.permits(SIGNATURE_PRIMITIVE_SET, - sigAlg.algorithm, null)) { - supported.add(sigAlg); - } + for (SignatureAndHashAlgorithm sigAlg : priorityMap.values()) { + if (sigAlg.priority <= SUPPORTED_ALG_PRIORITY_MAX_NUM && + constraints.permits(SIGNATURE_PRIMITIVE_SET, + sigAlg.algorithm, null)) { + supported.add(sigAlg); } }