On Tue, 14 Jul 2026 08:35:00 GMT, Andreas Chmielewski 
<[email protected]> wrote:

>> https://bugs.openjdk.org/browse/JDK-8387124
>> 
>> The test times out. This change increases the timeout based on the relative
>> execution time of DisabledAlgorithms.java.
>> 
>> Execution times on my system:
>>   DisabledAlgorithms.java            ~11 s (timeout = 480)
>>   BulkCipherDisabledAlgorithms.java  ~53 s
>> 
>> Using the same ratio would result in a timeout of approximately 2300 seconds.
>> To avoid setting such a high value, the timeout was reduced and set to 1200,
>> which should still provide sufficient margin.
>> 
>> ---------
>> - [x] I confirm that I make this contribution in accordance with the 
>> [OpenJDK Interim AI Policy](https://openjdk.org/legal/ai).
>
> Andreas Chmielewski has updated the pull request incrementally with one 
> additional commit since the last revision:
> 
>   Remove unused imports

test/jdk/javax/net/ssl/ciphersuites/BulkCipherDisabledAlgorithms.java line 1:

> 1: /*

While this reduces the number of VMs spawned, 90 VMs are still spawned. I think 
there is still some redundancy that can be eliminated.

This test is very comprehensive, in that it tests the disabling of every cipher 
suite by the full name and its bulk cipher algorithm. However, the  logic 
involved in disabling the full cipher suite name 
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is the same as disabling 
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 or any other suite name, it is just a match 
on the cipher suite name. I don't think it is necessary to test the disabling 
of every suite which uses the same logic. Probably one suite for TLS 1.2 and 
one for TLS 1.3 would be sufficient.

For the bulk cipher algorithm, there is also some redundancy. Probably testing 
one suite per bulk cipher for each protocol (1.2 and 1.3) would be sufficient, 
but some redundancy here is probably fine as this was the main issue that we 
needed a test for.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/31812#discussion_r3588234185

Reply via email to