-
CSR
-
Resolution: Approved
-
P3
-
behavioral
-
low
-
The current garbage collection based preexisting socket clean up is not reliable. Applications could and should close sockets explicitly and not rely on garbage collection.
-
Java API
-
JDK
Summary
Remove finalizer implementation in SSLSocket
.
Problem
java.lang.Object.finalize
has been deprecated for removal as part of JEP 421. Finalizers should be removed or converted to use java.lang.ref.Cleaner
.
Solution
Remove the SSLSocket
finalizer, which has been implemented in sun.security.ssl.BaseSSLSocketImpl.finalize()
for many releases.
BaseSSLSocketImpl
is an extension of javax.net.ssl.SSLSocket
, and is the super class of the actual implementation sun.security.ssl.SSLSocketImpl
. The BaseSSLSocketImpl,finalize()
was written to ensure that SSL/TLS connections were shutdown as clearly as possible, in case applications forget to properly close.
The finalizer served two purposes:
- release the native resources allocated for the socket connection, and
- send a TLS close_notify message so that the connection could be closed gracefully in case the application did not close the
Socket
itself.
The java.net.Socket implementation has been updated to release the native resources by using java.lang.ref.Cleaner
s. As SSLSocket
and BaseSSLSocketImpl
are sub-classes of java.net.Socket
, the underlying native resources are handled by the Socket
Cleaner
, so it is not necessary to repeat the release in the SSLSocket
implementation any longer. With this update, there is no behavioral update for native resources releasing.
The behavioral change of this update is about the sending TLS close_notify message during finalization, which previously might have been sent under certain circumstances. With this update, the close_notify message will not be sent during finalization.
Note that an SSLSocket
object could be constructed over an existing connected socket (layered socket). If and only if the preexisting socket was an instance of SSLSocket
, a close_notify would be sent so as to clean up the preexisting socket.
Not closing properly is more properly an error condition that should be avoided. Applications should close sockets and not rely on garbage collection. Based on that, we propose to remove the finalize()
implementation completely.
For the removal, here is a summary of the behavioral changes.
- The underlying native resources are handled by the socket
Cleaner
. No behavioral changes on this point. - If the TLS connection is not constructed using an existing connected socket, no behavioral changes.
- If the TLS connection is constructed using an existing connected socket, and the preexisting socket is NOT an instance of
SSLSocket
, no behavioral changes. - If the TLS connection is constructed using an existing connected socket, and the preexisting socket is an instance of
SSLSocket
, with the removing of thefinalize()
method, the TLS close_notify message will not be sent and the preexisting socket will not be cleaned up unless applications close sockets explicitly.
Because of garbage collection behavior, garbage collection based preexisting socket cleanup is not reliable and cannot be relied on for serious applications. As far as I know, we have not heard any complaints on this point. It may imply that the behavior changes introduced in #4 may be limited.
Specification
No specification changes. A release note will be added.
- csr of
-
JDK-8212136 Remove finalizer implementation in SSLSocketImpl
-
- Resolved
-