authorBjørn Christian Seime <bjorncs@verizonmedia.com>2021-01-14 13:23:22 +0100
committerBjørn Christian Seime <bjorncs@verizonmedia.com>2021-01-14 13:23:22 +0100
commitad3d2e3a9aa89b3248db02a7929a737ea790497d (patch)
treed5dfa8fb6aaf138994476bab2d1839b09f5d55d7 /security-utils
parent6564d646f807bb23e725ffe9310e030259eeedc6 (diff)
Revert "Use reference counting to avoid relying on GC to drop threads."
This reverts commit 1c6c89eb52ac80c583c0cd90efdd0784344af434.
Diffstat (limited to 'security-utils')
-rw-r--r--security-utils/src/main/java/com/yahoo/security/tls/ConfigFileBasedTlsContext.java25
-rw-r--r--security-utils/src/main/java/com/yahoo/security/tls/TlsManager.java19
2 files changed, 8 insertions, 36 deletions
diff --git a/security-utils/src/main/java/com/yahoo/security/tls/ConfigFileBasedTlsContext.java b/security-utils/src/main/java/com/yahoo/security/tls/ConfigFileBasedTlsContext.java
index 9527d50f339..26dfbf9fd9f 100644
--- a/security-utils/src/main/java/com/yahoo/security/tls/ConfigFileBasedTlsContext.java
+++ b/security-utils/src/main/java/com/yahoo/security/tls/ConfigFileBasedTlsContext.java
@@ -31,17 +31,13 @@ public class ConfigFileBasedTlsContext implements TlsContext {
private static TlsManager getOrCreateTrustManager(Path tlsOptionsConfigFile) {
synchronized (trustManagers) {
- WeakReference<TlsManager> tlsRef = trustManagers.get(tlsOptionsConfigFile);
- TlsManager tlsManager = null;
- if (tlsRef != null) {
- tlsManager = tlsRef.get();
+ WeakReference<TlsManager> tlsManager = trustManagers.get(tlsOptionsConfigFile);
+ if (tlsManager == null || tlsManager.get() == null) {
+ TlsManager manager = new TlsManager(tlsOptionsConfigFile);
+ trustManagers.put(tlsOptionsConfigFile, new WeakReference<>(manager));
+ return manager;
}
- if (tlsManager == null) {
- tlsManager = new TlsManager(tlsOptionsConfigFile);
- trustManagers.put(tlsOptionsConfigFile, new WeakReference<>(tlsManager));
- }
- tlsManager.addRef();
- return tlsManager;
+ return tlsManager.get();
}
}
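Review bot: The existing-entry path in getOrCreateTrustManager reads the WeakReference twice, so the garbage collector can clear the referent between the `tlsManager.get() == null` check and the final `return tlsManager.get()`, and the method can then return null. The removed code avoided this by reading the reference once into a strong local. I would do the same here with `TlsManager existing = tlsManager != null ? tlsManager.get() : null;`, creating and storing a new manager when `existing == null` and returning the local otherwise. Renaming the reference variable to `tlsManagerRef` would also make it harder to mistake it for the manager itself. A null result would presumably surface as a NullPointerException while a TLS context is being built, which is a hard-to-reproduce failure in transport security setup.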
@@ -63,15 +59,6 @@ public class ConfigFileBasedTlsContext implements TlsContext {
@Override public SSLParameters parameters() { return tlsContext.parameters(); }
@Override public SSLEngine createSslEngine() { return tlsContext.createSslEngine(); }
@Override public SSLEngine createSslEngine(String peerHost, int peerPort) { return tlsContext.createSslEngine(peerHost, peerPort); }
- @Override public void close() {
- synchronized (trustManagers) {
- int references = tlsManager.subRef();
- if (references == 0) {
- tlsManager.close();
- trustManagers.remove(tlsManager.getTlsConfigFile());
- }
- }
- }
private static DefaultTlsContext createDefaultTlsContext(TransportSecurityOptions options,
AuthorizationMode mode,
diff --git a/security-utils/src/main/java/com/yahoo/security/tls/TlsManager.java b/security-utils/src/main/java/com/yahoo/security/tls/TlsManager.java
index c2286c3e8ac..bade1993982 100644
--- a/security-utils/src/main/java/com/yahoo/security/tls/TlsManager.java
+++ b/security-utils/src/main/java/com/yahoo/security/tls/TlsManager.java
@@ -16,7 +16,6 @@ import java.util.concurrent.Executors;
import java.util.concurrent.ScheduledExecutorService;
import java.util.concurrent.ThreadFactory;
import java.util.concurrent.TimeUnit;
-import java.util.concurrent.atomic.AtomicInteger;
import java.util.logging.Level;
import java.util.logging.Logger;
@@ -24,12 +23,10 @@ class TlsManager {
private static final Logger log = Logger.getLogger(TlsManager.class.getName());
private static final Duration UPDATE_PERIOD = Duration.ofHours(1);
- private final Path tlsConfigFile;
private final MutableX509TrustManager trustManager;
private final MutableX509KeyManager keyManager;
private final ScheduledExecutorService scheduler;
private TransportSecurityOptions options;
- private final AtomicInteger references = new AtomicInteger(0);
private static void reloadTrustManager(TransportSecurityOptions options, MutableX509TrustManager trustManager) {
if (options.getCaCertificatesFile().isPresent()) {
@@ -89,13 +86,13 @@ class TlsManager {
try {
TlsManager tlsManager = this.tlsManager.get();
if (tlsManager == null) {
- // If reference count is done correctly this should not be necessary.
scheduler.shutdown();
return;
}
TransportSecurityOptions options = TransportSecurityOptions.fromJsonFile(tlsOptionsConfigFile);
reloadTrustManager(options, tlsManager.getTrustManager());
- reloadKeyManager(options, tlsManager.getKeyManager());
+ MutableX509KeyManager keyManager = tlsManager.getKeyManager();
+ reloadKeyManager(options, keyManager);
} catch (Throwable t) {
log.log(Level.SEVERE, String.format("Failed to reload crypto material (path='%s'): %s", tlsOptionsConfigFile, t.getMessage()), t);
}
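Review bot: With the comment dropped, nothing at the `tlsManager == null` branch says why the scheduler is shut down there, and after this revert that branch appears to be the only place the reload scheduler is stopped (the explicit `close()` path is removed elsewhere in this commit). I would add a comment such as `// TlsManager has been garbage collected; stop the periodic reload, nothing else shuts this scheduler down.` It is also worth stating there that the task must only hold the manager through the weak reference, since a strong reference from the scheduled task would keep the manager and its reload thread alive indefinitely. The new `keyManager` local adds nothing over the previous single call and could be inlined again. The enclosing method starts and ends outside the hunk.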
@@ -117,7 +114,6 @@ class TlsManager {
}
TlsManager(Path tlsOptionsConfigFile) {
- tlsConfigFile = tlsOptionsConfigFile;
trustManager = new MutableX509TrustManager();
keyManager = new MutableX509KeyManager();
options = TransportSecurityOptions.fromJsonFile(tlsOptionsConfigFile);
@@ -137,18 +133,7 @@ class TlsManager {
return keyManager;
}
- Path getTlsConfigFile() {
- return tlsConfigFile;
- }
-
TransportSecurityOptions getOptions() {
return options;
}
-
- void close() {
- scheduler.shutdown();
- }
-
- int addRef() { return references.incrementAndGet(); }
- int subRef() { return references.decrementAndGet(); }
}