Use reference counting to avoid relying on GC to drop threads.

author: Henning Baldersheim <balder@yahoo-inc.com> 2020-04-23 16:47:57 +0000
committer: Henning Baldersheim <balder@yahoo-inc.com> 2020-04-23 16:47:57 +0000
commit: 1c6c89eb52ac80c583c0cd90efdd0784344af434 (patch)
tree: 6ba0107ec717751b28c446b283fe7d0975aa65d3 /security-utils/src/main/java/com/yahoo/security/tls/ConfigFileBasedTlsContext.java
parent: c58415566e23dcac5f0daa352f39f567a4d7b44f (diff)
1 files changed, 19 insertions, 6 deletions
diff --git a/security-utils/src/main/java/com/yahoo/security/tls/ConfigFileBasedTlsContext.java b/security-utils/src/main/java/com/yahoo/security/tls/ConfigFileBasedTlsContext.java
index 26dfbf9fd9f..9527d50f339 100644
--- a/security-utils/src/main/java/com/yahoo/security/tls/ConfigFileBasedTlsContext.java
+++ b/security-utils/src/main/java/com/yahoo/security/tls/ConfigFileBasedTlsContext.java
@@ -31,13 +31,17 @@ public class ConfigFileBasedTlsContext implements TlsContext {
 
     private static TlsManager getOrCreateTrustManager(Path tlsOptionsConfigFile) {
         synchronized (trustManagers) {
-            WeakReference<TlsManager> tlsManager = trustManagers.get(tlsOptionsConfigFile);
-            if (tlsManager == null || tlsManager.get() == null) {
-                TlsManager manager = new TlsManager(tlsOptionsConfigFile);
-                trustManagers.put(tlsOptionsConfigFile, new WeakReference<>(manager));
-                return manager;
+            WeakReference<TlsManager> tlsRef = trustManagers.get(tlsOptionsConfigFile);
+            TlsManager tlsManager = null;
+            if (tlsRef != null) {
+                tlsManager = tlsRef.get();
             }
-            return tlsManager.get();
+            if (tlsManager == null) {
+                tlsManager = new TlsManager(tlsOptionsConfigFile);
+                trustManagers.put(tlsOptionsConfigFile, new WeakReference<>(tlsManager));
+            }
+            tlsManager.addRef();
+            return tlsManager;
         }
     }
 
@@ -59,6 +63,15 @@ public class ConfigFileBasedTlsContext implements TlsContext {
     @Override public SSLParameters parameters() { return tlsContext.parameters(); }
     @Override public SSLEngine createSslEngine() { return tlsContext.createSslEngine(); }
     @Override public SSLEngine createSslEngine(String peerHost, int peerPort) { return tlsContext.createSslEngine(peerHost, peerPort); }
+    @Override public void close() {
+        synchronized (trustManagers) {
+            int references = tlsManager.subRef();
+            if (references == 0) {
+                tlsManager.close();
+                trustManagers.remove(tlsManager.getTlsConfigFile());
+            }
+        }
+    }
 
     private static DefaultTlsContext createDefaultTlsContext(TransportSecurityOptions options,
                                                              AuthorizationMode mode,
author	Henning Baldersheim <balder@yahoo-inc.com>	2020-04-23 16:47:57 +0000
committer	Henning Baldersheim <balder@yahoo-inc.com>	2020-04-23 16:47:57 +0000
commit	1c6c89eb52ac80c583c0cd90efdd0784344af434 (patch)
tree	6ba0107ec717751b28c446b283fe7d0975aa65d3 /security-utils/src/main/java/com/yahoo/security/tls/ConfigFileBasedTlsContext.java
parent	c58415566e23dcac5f0daa352f39f567a4d7b44f (diff)