diff options
author | jonmv <venstad@gmail.com> | 2023-06-27 10:32:57 +0200 |
---|---|---|
committer | jonmv <venstad@gmail.com> | 2023-06-27 10:32:57 +0200 |
commit | 16a5e8e11248c4a9e6c00421ba30caca8a1e46eb (patch) | |
tree | 3c525f06528b51912af58947c158d2e4779cca11 | |
parent | 3a066100ef96ffd3ac73d1d06096c98da077f296 (diff) |
Short-cut re-acquiring ordered locks
-rw-r--r-- | node-repository/src/main/java/com/yahoo/vespa/hosted/provision/node/Nodes.java | 3 | ||||
-rw-r--r-- | security-utils/src/main/java/com/yahoo/security/tls/PeerAuthorizer.java | 14 |
2 files changed, 6 insertions, 11 deletions
diff --git a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/node/Nodes.java b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/node/Nodes.java index 490e7b9ac33..003e85f6404 100644 --- a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/node/Nodes.java +++ b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/node/Nodes.java @@ -984,7 +984,8 @@ public class Nodes { for (NodeMutex node : outOfOrder) unlocked.add(node.node()); outOfOrder.clear(); - Mutex lock = lock(next, budget.timeLeftOrThrow()); + boolean nextLockSameAsPrevious = ! locked.isEmpty() && applicationIdForLock(locked.last().node()).equals(applicationIdForLock(next)); + Mutex lock = nextLockSameAsPrevious ? () -> { } : lock(next, budget.timeLeftOrThrow()); try { Optional<Node> fresh = node(next.hostname()); if (fresh.isEmpty()) { diff --git a/security-utils/src/main/java/com/yahoo/security/tls/PeerAuthorizer.java b/security-utils/src/main/java/com/yahoo/security/tls/PeerAuthorizer.java index d0e1a33fcac..7c798eddab1 100644 --- a/security-utils/src/main/java/com/yahoo/security/tls/PeerAuthorizer.java +++ b/security-utils/src/main/java/com/yahoo/security/tls/PeerAuthorizer.java @@ -58,16 +58,10 @@ public class PeerAuthorizer { } private static boolean matchesRequiredCredentials(RequiredPeerCredential requiredCredential, String cn, List<String> sans) { - switch (requiredCredential.field()) { - case CN: - return cn != null && requiredCredential.pattern().matches(cn); - case SAN_DNS: - case SAN_URI: - return sans.stream() - .anyMatch(san -> requiredCredential.pattern().matches(san)); - default: - throw new RuntimeException("Unknown field: " + requiredCredential.field()); - } + return switch (requiredCredential.field()) { + case CN -> cn != null && requiredCredential.pattern().matches(cn); + case SAN_DNS, SAN_URI -> sans.stream().anyMatch(san -> requiredCredential.pattern().matches(san)); + }; } private static List<String> getSubjectAlternativeNames(X509Certificate peerCertificate) { |