From d92d92a92301cbe6cea86808722c147016b1afbe Mon Sep 17 00:00:00 2001 From: Norman Maurer Date: Fri, 25 Sep 2020 19:12:28 +0200 Subject: [PATCH] Filter out duplicates before trying to find the alias to use (#10612) Motivation: Calling chooseServerAlias(...) may be expensive so we should ensure we not call it multiple times for the same auth methods. Modifications: Remove duplicated from authMethods before trying to call chooseServerAlias(...) Result: Less performance overhead during key material selection --- .../netty/handler/ssl/OpenSslKeyMaterialManager.java | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/handler/src/main/java/io/netty/handler/ssl/OpenSslKeyMaterialManager.java b/handler/src/main/java/io/netty/handler/ssl/OpenSslKeyMaterialManager.java index 8872c3466f..196a419733 100644 --- a/handler/src/main/java/io/netty/handler/ssl/OpenSslKeyMaterialManager.java +++ b/handler/src/main/java/io/netty/handler/ssl/OpenSslKeyMaterialManager.java @@ -21,8 +21,10 @@ import javax.net.ssl.X509KeyManager; import javax.security.auth.x500.X500Principal; import java.security.PrivateKey; import java.security.cert.X509Certificate; +import java.util.Collections; import java.util.HashMap; import java.util.HashSet; +import java.util.LinkedHashSet; import java.util.Map; import java.util.Set; @@ -68,8 +70,12 @@ final class OpenSslKeyMaterialManager { if (authMethods.length == 0) { return; } - Set aliases = new HashSet<>(authMethods.length); - for (String authMethod : authMethods) { + // authMethods may contain duplicates but call chooseServerAlias(...) may be expensive. So let's ensure + // we filter out duplicates. + Set authMethodsSet = new LinkedHashSet<>(authMethods.length); + Collections.addAll(authMethodsSet, authMethods); + Set aliases = new HashSet<>(authMethodsSet.size()); + for (String authMethod : authMethodsSet) { String type = KEY_TYPES.get(authMethod); if (type != null) { String alias = chooseServerAlias(engine, type);