8285504: Minor cleanup could be done in javax.net

Reviewed-by: wetmore

src/java.base/share/classes/javax/net/ServerSocketFactory.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2007, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -195,7 +195,7 @@ public abstract class ServerSocketFactory
 
 
 //
-// The default factory has NO intelligence.  In fact it's not clear
+// The default factory has NO intelligence.  In fact, it's not clear
 // what sort of intelligence servers need; the onus is on clients,
 // who have to know how to tunnel etc.
 //

src/java.base/share/classes/javax/net/ssl/HandshakeCompletedEvent.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2020, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -32,7 +32,7 @@ import java.security.cert.X509Certificate;
 
 /**
  * This event indicates that an SSL handshake completed on a given
- * SSL connection.  All of the core information about that handshake's
+ * SSL connection.  All the core information about that handshake's
  * result is captured through an "SSLSession" object.  As a convenience,
  * this event class provides direct access to some important session
  * attributes.
@@ -52,7 +52,7 @@ public class HandshakeCompletedEvent extends EventObject
     @java.io.Serial
     private static final long serialVersionUID = 7914963744257769778L;
 
-    private transient SSLSession session;
+    private final transient SSLSession session;
 
     /**
      * Constructs a new HandshakeCompletedEvent.

src/java.base/share/classes/javax/net/ssl/HostnameVerifier.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2001, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2001, 2022, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -52,5 +52,5 @@ public interface HostnameVerifier {
      * @param session SSLSession used on the connection to host
      * @return true if the host name is acceptable
      */
-    public boolean verify(String hostname, SSLSession session);
+    boolean verify(String hostname, SSLSession session);
 }

src/java.base/share/classes/javax/net/ssl/KeyManagerFactory.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2021, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2022, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -42,13 +42,13 @@ import sun.security.jca.GetInstance;
  */
 public class KeyManagerFactory {
     // The provider
-    private Provider provider;
+    private final Provider provider;
 
     // The provider implementation (delegate)
-    private KeyManagerFactorySpi factorySpi;
+    private final KeyManagerFactorySpi factorySpi;
 
     // The name of the key management algorithm.
-    private String algorithm;
+    private final String algorithm;
 
     /**
      * Obtains the default KeyManagerFactory algorithm name.
@@ -63,15 +63,10 @@ public class KeyManagerFactory {
      *          implementation-specific default if no such property exists.
      */
     @SuppressWarnings("removal")
-    public static final String getDefaultAlgorithm() {
+    public static String getDefaultAlgorithm() {
         String type;
-        type = AccessController.doPrivileged(new PrivilegedAction<>() {
+        type = AccessController.doPrivileged((PrivilegedAction<String>) () ->
-            @Override
+            Security.getProperty("ssl.KeyManagerFactory.algorithm"));
-            public String run() {
-                return Security.getProperty(
-                    "ssl.KeyManagerFactory.algorithm");
-            }
-        });
         if (type == null) {
             type = "SunX509";
         }
@@ -123,7 +118,7 @@ public class KeyManagerFactory {
      * {@code jdk.security.provider.preferred}
      * {@link Security#getProperty(String) Security} property to determine
      * the preferred provider order for the specified algorithm. This
-     * may be different than the order of providers returned by
+     * may be different from the order of providers returned by
      * {@link Security#getProviders() Security.getProviders()}.
      *
      * @param algorithm the standard name of the requested algorithm.

src/java.base/share/classes/javax/net/ssl/KeyStoreBuilderParameters.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2022, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -69,7 +69,7 @@ public class KeyStoreBuilderParameters implements ManagerFactoryParameters {
         }
 
         this.parameters = Collections.unmodifiableList(
-            new ArrayList<Builder>(parameters));
+            new ArrayList<>(parameters));
     }
 
     /**

src/java.base/share/classes/javax/net/ssl/SNIHostName.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012, 2021, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2012, 2022, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -255,7 +255,7 @@ public final class SNIHostName extends SNIServerName {
      *     "type=host_name (0), value={@literal <hostname>}"
      * </pre>
      * The "{@literal <hostname>}" is an ASCII representation of the hostname,
-     * which may contains A-labels.  For example, a returned value of an pseudo
+     * which may contain A-labels.  For example, a returned value of a pseudo
      * hostname may look like:
      * <pre>
      *     "type=host_name (0), value=www.example.com"

src/java.base/share/classes/javax/net/ssl/SNIServerName.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012, 2021, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2012, 2022, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -161,7 +161,7 @@ public abstract class SNIServerName {
      * name, and INTEGER is the integer value of the name type.  The format
      * of "{@literal <name value>}" is "XX:...:XX", where "XX" is the
      * hexadecimal digit representation of a byte value. For example, a
-     * returned value of an pseudo server name may look like:
+     * returned value of a pseudo server name may look like:
      * <pre>
      *     "type=(31), value=77:77:77:2E:65:78:61:6D:70:6C:65:2E:63:6E"
      * </pre>

src/java.base/share/classes/javax/net/ssl/SSLContext.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2021, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2022, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -159,7 +159,7 @@ public class SSLContext {
      * {@code jdk.security.provider.preferred}
      * {@link Security#getProperty(String) Security} property to determine
      * the preferred provider order for the specified algorithm. This
-     * may be different than the order of providers returned by
+     * may be different from the order of providers returned by
      * {@link Security#getProviders() Security.getProviders()}.
      *
      * @param protocol the standard name of the requested protocol.

src/java.base/share/classes/javax/net/ssl/SSLEngine.java

@@ -68,7 +68,7 @@ import java.util.function.BiFunction;
  * using the {@link #getSession()} method.
  * <P>
  * The {@code SSLSocket} class provides much of the same security
- * functionality, but all of the inbound and outbound data is
+ * functionality, but all the inbound and outbound data is
  * automatically transported using the underlying {@link
  * java.net.Socket Socket}, which by design uses a blocking model.
  * While this is appropriate for many applications, this model does not
@@ -870,7 +870,7 @@ public abstract class SSLEngine {
      * accept any more inbound data messages.
      *
      * @return  true if the {@code SSLEngine} will not
-     *          consume anymore network data (and by implication,
+     *          consume any more network data (and by implication,
      *          will not produce any more application data.)
      * @see     #closeInbound()
      */
@@ -974,7 +974,7 @@ public abstract class SSLEngine {
      * for a certain cipher suite.
      * <P>
      * See {@link #getEnabledCipherSuites()} for more information
-     * on why a specific cipher suite may never be used on a engine.
+     * on why a specific cipher suite may never be used on an engine.
      *
      * @param   suites Names of all the cipher suites to enable
      * @throws  IllegalArgumentException when one or more of the ciphers
@@ -1031,7 +1031,7 @@ public abstract class SSLEngine {
      * Returns the {@code SSLSession} in use in this
      * {@code SSLEngine}.
      * <P>
-     * These can be long lived, and frequently correspond to an entire
+     * These can be long-lived, and frequently correspond to an entire
      * login session for some user.  The session specifies a particular
      * cipher suite which is being actively used by all connections in
      * that session, as well as the identities of the session's client
@@ -1336,10 +1336,8 @@ public abstract class SSLEngine {
         }
         if (params.getNeedClientAuth()) {
             setNeedClientAuth(true);
-        } else if (params.getWantClientAuth()) {
-            setWantClientAuth(true);
         } else {
-            setWantClientAuth(false);
+            setWantClientAuth(params.getWantClientAuth());
         }
     }
 

src/java.base/share/classes/javax/net/ssl/SSLEngineResult.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2021, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2022, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -62,7 +62,7 @@ public class SSLEngineResult {
      * @author Brad R. Wetmore
      * @since 1.5
      */
-    public static enum Status {
+    public enum Status {
 
         /**
          * The {@code SSLEngine} was not able to unwrap the
@@ -97,7 +97,7 @@ public class SSLEngineResult {
          * {@code SSLEngine}, or the operation
          * could not be completed because it was already closed.
          */
-        CLOSED;
+        CLOSED
     }
 
     /**
@@ -107,7 +107,7 @@ public class SSLEngineResult {
      * @author Brad R. Wetmore
      * @since 1.5
      */
-    public static enum HandshakeStatus {
+    public enum HandshakeStatus {
 
         /**
          * The {@code SSLEngine} is not currently handshaking.
@@ -163,7 +163,7 @@ public class SSLEngineResult {
          *
          * @since   9
          */
-        NEED_UNWRAP_AGAIN;
+        NEED_UNWRAP_AGAIN
     }
 
 

src/java.base/share/classes/javax/net/ssl/SSLServerSocket.java

@@ -109,7 +109,7 @@ public abstract class SSLServerSocket extends ServerSocket {
      * The <code>backlog</code> argument is the requested maximum number of
      * pending connections on the socket. Its exact semantics are implementation
      * specific. In particular, an implementation may impose a maximum length
-     * or may choose to ignore the parameter altogther. The value provided
+     * or may choose to ignore the parameter altogether. The value provided
      * should be greater than <code>0</code>. If it is less than or equal to
      * <code>0</code>, then an implementation specific default will be used.
      * <P>
@@ -154,7 +154,7 @@ public abstract class SSLServerSocket extends ServerSocket {
      * The <code>backlog</code> argument is the requested maximum number of
      * pending connections on the socket. Its exact semantics are implementation
      * specific. In particular, an implementation may impose a maximum length
-     * or may choose to ignore the parameter altogther. The value provided
+     * or may choose to ignore the parameter altogether. The value provided
      * should be greater than <code>0</code>. If it is less than or equal to
      * <code>0</code>, then an implementation specific default will be used.
      * <P>
@@ -238,7 +238,7 @@ public abstract class SSLServerSocket extends ServerSocket {
      * @see #getSupportedCipherSuites()
      * @see #getEnabledCipherSuites()
      */
-    public abstract void setEnabledCipherSuites(String suites []);
+    public abstract void setEnabledCipherSuites(String[] suites);
 
 
     /**
@@ -309,7 +309,7 @@ public abstract class SSLServerSocket extends ServerSocket {
      * @see #getEnabledProtocols()
      * @see #getSupportedProtocols()
      */
-    public abstract void setEnabledProtocols(String protocols[]);
+    public abstract void setEnabledProtocols(String[] protocols);
 
 
     /**
@@ -545,10 +545,8 @@ public abstract class SSLServerSocket extends ServerSocket {
 
         if (params.getNeedClientAuth()) {
             setNeedClientAuth(true);
-        } else if (params.getWantClientAuth()) {
-            setWantClientAuth(true);
         } else {
-            setWantClientAuth(false);
+            setWantClientAuth(params.getWantClientAuth());
         }
     }
 

src/java.base/share/classes/javax/net/ssl/SSLSession.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2020, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -70,7 +70,7 @@ public interface SSLSession {
      *
      * @return the Session identifier
      */
-    public byte[] getId();
+    byte[] getId();
 
 
     /**
@@ -91,7 +91,7 @@ public interface SSLSession {
      * @return the session context used for this session, or null
      * if the context is unavailable.
      */
-    public SSLSessionContext getSessionContext();
+    SSLSessionContext getSessionContext();
 
 
     /**
@@ -100,7 +100,7 @@ public interface SSLSession {
      *
      * @return the time this Session was created
      */
-    public long getCreationTime();
+    long getCreationTime();
 
 
     /**
@@ -119,7 +119,7 @@ public interface SSLSession {
      *
      * @return the last time this Session was accessed
      */
-    public long getLastAccessedTime();
+    long getLastAccessedTime();
 
 
     /**
@@ -132,7 +132,7 @@ public interface SSLSession {
      *
      * @see #isValid()
      */
-    public void invalidate();
+    void invalidate();
 
 
     /**
@@ -144,7 +144,7 @@ public interface SSLSession {
      *
      * @since 1.5
      */
-    public boolean isValid();
+    boolean isValid();
 
 
     /**
@@ -166,7 +166,7 @@ public interface SSLSession {
      * @param value the data object to be bound. This may not be null.
      * @throws IllegalArgumentException if either argument is null.
      */
-    public void putValue(String name, Object value);
+    void putValue(String name, Object value);
 
 
     /**
@@ -181,7 +181,7 @@ public interface SSLSession {
      *          not exist.
      * @throws IllegalArgumentException if the argument is null.
      */
-    public Object getValue(String name);
+    Object getValue(String name);
 
 
     /**
@@ -198,7 +198,7 @@ public interface SSLSession {
      *          across different access control contexts
      * @throws IllegalArgumentException if the argument is null.
      */
-    public void removeValue(String name);
+    void removeValue(String name);
 
 
     /**
@@ -211,7 +211,7 @@ public interface SSLSession {
      * @return a non-null (possibly empty) array of names of the objects
      *  bound to this Session.
      */
-    public String [] getValueNames();
+    String [] getValueNames();
 
     /**
      * Returns the identity of the peer which was established as part
@@ -231,7 +231,7 @@ public interface SSLSession {
      *          been verified
      * @see #getPeerPrincipal()
      */
-    public java.security.cert.Certificate [] getPeerCertificates()
+    java.security.cert.Certificate [] getPeerCertificates()
             throws SSLPeerUnverifiedException;
 
     /**
@@ -254,7 +254,7 @@ public interface SSLSession {
      *
      * @see #getLocalPrincipal()
      */
-    public java.security.cert.Certificate [] getLocalCertificates();
+    java.security.cert.Certificate [] getLocalCertificates();
 
     /**
      * Returns the identity of the peer which was identified as part
@@ -291,7 +291,7 @@ public interface SSLSession {
      */
     @SuppressWarnings("removal")
     @Deprecated(since="9", forRemoval=true)
-    public default javax.security.cert.X509Certificate[]
+    default javax.security.cert.X509Certificate[]
             getPeerCertificateChain() throws SSLPeerUnverifiedException {
         throw new UnsupportedOperationException(
              "This method is deprecated and marked for removal. Use the " +
@@ -314,7 +314,7 @@ public interface SSLSession {
      *
      * @since 1.5
      */
-    public Principal getPeerPrincipal()
+    Principal getPeerPrincipal()
             throws SSLPeerUnverifiedException;
 
     /**
@@ -330,7 +330,7 @@ public interface SSLSession {
      *
      * @since 1.5
      */
-    public Principal getLocalPrincipal();
+    Principal getLocalPrincipal();
 
     /**
      * Returns the name of the SSL cipher suite which is used for all
@@ -342,7 +342,7 @@ public interface SSLSession {
      *
      * @return the name of the session's cipher suite
      */
-    public String getCipherSuite();
+    String getCipherSuite();
 
     /**
      * Returns the standard name of the protocol used for all
@@ -353,7 +353,7 @@ public interface SSLSession {
      * @return the standard name of the protocol used for all
      * connections in the session.
      */
-    public String getProtocol();
+    String getProtocol();
 
     /**
      * Returns the host name of the peer in this session.
@@ -373,7 +373,7 @@ public interface SSLSession {
      * @return  the host name of the peer host, or null if no information
      *          is available.
      */
-    public String getPeerHost();
+    String getPeerHost();
 
     /**
      * Returns the port number of the peer in this session.
@@ -390,7 +390,7 @@ public interface SSLSession {
      *
      * @since 1.5
      */
-    public int getPeerPort();
+    int getPeerPort();
 
     /**
      * Gets the current size of the largest SSL/TLS/DTLS packet that is
@@ -409,7 +409,7 @@ public interface SSLSession {
      *
      * @since 1.5
      */
-    public int getPacketBufferSize();
+    int getPacketBufferSize();
 
 
     /**
@@ -428,5 +428,5 @@ public interface SSLSession {
      *
      * @since 1.5
      */
-    public int getApplicationBufferSize();
+    int getApplicationBufferSize();
 }

src/java.base/share/classes/javax/net/ssl/SSLSessionBindingEvent.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2019, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -34,7 +34,7 @@ import java.util.EventObject;
  * When a listener object is bound or unbound to an SSLSession by
  * {@link SSLSession#putValue(String, Object)}
  * or {@link SSLSession#removeValue(String)}, objects which
- * implement the SSLSessionBindingListener will be receive an
+ * implement the SSLSessionBindingListener will receive an
  * event of this type.  The event's <code>name</code> field is the
  * key in which the listener is being bound or unbound.
  *
@@ -55,7 +55,7 @@ extends EventObject
     /**
      * @serial The name to which the object is being bound or unbound
      */
-    private String name;
+    private final String name;
 
     /**
      * Constructs a new SSLSessionBindingEvent.

src/java.base/share/classes/javax/net/ssl/SSLSessionBindingListener.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2001, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -53,7 +53,7 @@ extends EventListener
      * @param event the event identifying the SSLSession into
      *          which the listener is being bound.
      */
-    public void valueBound(SSLSessionBindingEvent event);
+    void valueBound(SSLSessionBindingEvent event);
 
     /**
      * This is called to notify the listener that it is being unbound
@@ -62,5 +62,5 @@ extends EventListener
      * @param event the event identifying the SSLSession from
      *          which the listener is being unbound.
      */
-    public void valueUnbound(SSLSessionBindingEvent event);
+    void valueUnbound(SSLSessionBindingEvent event);
 }

src/java.base/share/classes/javax/net/ssl/SSLSessionContext.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2019, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -69,7 +69,7 @@ public interface SSLSessionContext {
      *
      * @throws NullPointerException if <code>sessionId</code> is null.
      */
-    public SSLSession getSession(byte[] sessionId);
+    SSLSession getSession(byte[] sessionId);
 
     /**
      * Returns an Enumeration of all known session id's grouped under this
@@ -79,7 +79,7 @@ public interface SSLSessionContext {
      *
      * @return an enumeration of all the Session id's
      */
-    public Enumeration<byte[]> getIds();
+    Enumeration<byte[]> getIds();
 
     /**
      * Sets the timeout limit for <code>SSLSession</code> objects grouped
@@ -106,8 +106,7 @@ public interface SSLSessionContext {
      *
      * @see #getSessionTimeout
      */
-    public void setSessionTimeout(int seconds)
+    void setSessionTimeout(int seconds);
-                 throws IllegalArgumentException;
 
     /**
      * Returns the timeout limit of <code>SSLSession</code> objects grouped
@@ -131,7 +130,7 @@ public interface SSLSessionContext {
      *
      * @see #setSessionTimeout
      */
-    public int getSessionTimeout();
+    int getSessionTimeout();
 
     /**
      * Sets the size of the cache used for storing <code>SSLSession</code>
@@ -150,8 +149,7 @@ public interface SSLSessionContext {
      *
      * @see #getSessionCacheSize
      */
-    public void setSessionCacheSize(int size)
+    void setSessionCacheSize(int size);
-                 throws IllegalArgumentException;
 
     /**
      * Returns the size of the cache used for storing <code>SSLSession</code>
@@ -167,5 +165,5 @@ public interface SSLSessionContext {
      *
      * @see #setSessionCacheSize
      */
-    public int getSessionCacheSize();
+    int getSessionCacheSize();
 }

src/java.base/share/classes/javax/net/ssl/SSLSocket.java

@@ -392,7 +392,7 @@ public abstract class SSLSocket extends Socket
      * @see #getSupportedCipherSuites()
      * @see #getEnabledCipherSuites()
      */
-    public abstract void setEnabledCipherSuites(String suites []);
+    public abstract void setEnabledCipherSuites(String[] suites);
 
 
     /**
@@ -433,12 +433,12 @@ public abstract class SSLSocket extends Socket
      *            when the protocols parameter is null.
      * @see #getEnabledProtocols()
      */
-    public abstract void setEnabledProtocols(String protocols[]);
+    public abstract void setEnabledProtocols(String[] protocols);
 
 
     /**
      * Returns the SSL Session in use by this connection.  These can
-     * be long lived, and frequently correspond to an entire login session
+     * be long-lived, and frequently correspond to an entire login session
      * for some user.  The session specifies a particular cipher suite
      * which is being actively used by all connections in that session,
      * as well as the identities of the session's client and server.
@@ -744,10 +744,8 @@ public abstract class SSLSocket extends Socket
         }
         if (params.getNeedClientAuth()) {
             setNeedClientAuth(true);
-        } else if (params.getWantClientAuth()) {
-            setWantClientAuth(true);
         } else {
-            setWantClientAuth(false);
+            setWantClientAuth(params.getWantClientAuth());
         }
     }
 

src/java.base/share/classes/javax/net/ssl/SSLSocketFactory.java

@@ -88,10 +88,8 @@ public abstract class SSLSocketFactory extends SocketFactory {
 
     @SuppressWarnings("removal")
     static String getSecurityProperty(final String name) {
-        return AccessController.doPrivileged(new PrivilegedAction<>() {
+        return AccessController.doPrivileged((PrivilegedAction<String>) () -> {
-            @Override
+            String s = Security.getProperty(name);
-            public String run() {
-                String s = java.security.Security.getProperty(name);
             if (s != null) {
                 s = s.trim();
                 if (s.isEmpty()) {
@@ -99,7 +97,6 @@ public abstract class SSLSocketFactory extends SocketFactory {
                 }
             }
             return s;
-            }
         });
     }
 
@@ -175,7 +172,7 @@ public abstract class SSLSocketFactory extends SocketFactory {
      * underlying {@link InputStream} should be loaded into the
      * {@code consumed} stream before this method is called, perhaps
      * using a {@link java.io.ByteArrayInputStream}.  When this
-     * {@link Socket} begins handshaking, it will read all of the data in
+     * {@link Socket} begins handshaking, it will read all the data in
      * {@code consumed} until it reaches {@code EOF}, then all further
      * data is read from the underlying {@link InputStream} as
      * usual.
@@ -256,7 +253,7 @@ public abstract class SSLSocketFactory extends SocketFactory {
 // file private
 class DefaultSSLSocketFactory extends SSLSocketFactory
 {
-    private Exception reason;
+    private final Exception reason;
 
     DefaultSSLSocketFactory(Exception reason) {
         this.reason = reason;

src/java.base/share/classes/javax/net/ssl/TrustManagerFactory.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2021, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2022, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -54,13 +54,13 @@ import sun.security.jca.GetInstance;
  */
 public class TrustManagerFactory {
     // The provider
-    private Provider provider;
+    private final Provider provider;
 
     // The provider implementation (delegate)
-    private TrustManagerFactorySpi factorySpi;
+    private final TrustManagerFactorySpi factorySpi;
 
     // The name of the trust management algorithm.
-    private String algorithm;
+    private final String algorithm;
 
     /**
      * Obtains the default TrustManagerFactory algorithm name.
@@ -75,15 +75,10 @@ public class TrustManagerFactory {
      * implementation-specific default if no such property exists.
      */
     @SuppressWarnings("removal")
-    public static final String getDefaultAlgorithm() {
+    public static String getDefaultAlgorithm() {
         String type;
-        type = AccessController.doPrivileged(new PrivilegedAction<>() {
+        type = AccessController.doPrivileged((PrivilegedAction<String>) () ->
-            @Override
+            Security.getProperty( "ssl.TrustManagerFactory.algorithm"));
-            public String run() {
-                return Security.getProperty(
-                    "ssl.TrustManagerFactory.algorithm");
-            }
-        });
         if (type == null) {
             type = "SunX509";
         }
@@ -137,7 +132,7 @@ public class TrustManagerFactory {
      * {@code jdk.security.provider.preferred}
      * {@link Security#getProperty(String) Security} property to determine
      * the preferred provider order for the specified algorithm. This
-     * may be different than the order of providers returned by
+     * may be different from the order of providers returned by
      * {@link Security#getProviders() Security.getProviders()}.
      *
      * @param algorithm the standard name of the requested trust management

src/java.base/share/classes/javax/net/ssl/X509KeyManager.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2016, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2022, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -62,7 +62,7 @@ public interface X509KeyManager extends KeyManager {
      * @return an array of the matching alias names, or null if there
      *          were no matches.
      */
-    public String[] getClientAliases(String keyType, Principal[] issuers);
+    String[] getClientAliases(String keyType, Principal[] issuers);
 
     /**
      * Choose an alias to authenticate the client side of a secure
@@ -80,7 +80,7 @@ public interface X509KeyManager extends KeyManager {
      * @return the alias name for the desired key, or null if there
      *          are no matches.
      */
-    public String chooseClientAlias(String[] keyType, Principal[] issuers,
+    String chooseClientAlias(String[] keyType, Principal[] issuers,
                              Socket socket);
 
     /**
@@ -94,7 +94,7 @@ public interface X509KeyManager extends KeyManager {
      * @return an array of the matching alias names, or null
      *          if there were no matches.
      */
-    public String[] getServerAliases(String keyType, Principal[] issuers);
+    String[] getServerAliases(String keyType, Principal[] issuers);
 
     /**
      * Choose an alias to authenticate the server side of a secure
@@ -111,7 +111,7 @@ public interface X509KeyManager extends KeyManager {
      * @return the alias name for the desired key, or null if there
      *          are no matches.
      */
-    public String chooseServerAlias(String keyType, Principal[] issuers,
+    String chooseServerAlias(String keyType, Principal[] issuers,
                              Socket socket);
 
     /**
@@ -122,7 +122,7 @@ public interface X509KeyManager extends KeyManager {
      *          and the root certificate authority last), or null
      *          if the alias can't be found.
      */
-    public X509Certificate[] getCertificateChain(String alias);
+    X509Certificate[] getCertificateChain(String alias);
 
     /**
      * Returns the key associated with the given alias.
@@ -130,5 +130,5 @@ public interface X509KeyManager extends KeyManager {
      * @param alias the alias name
      * @return the requested key, or null if the alias can't be found.
      */
-    public PrivateKey getPrivateKey(String alias);
+    PrivateKey getPrivateKey(String alias);
 }

src/java.base/share/classes/javax/net/ssl/X509TrustManager.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2005, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2022, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -55,7 +55,7 @@ public interface X509TrustManager extends TrustManager {
      * @throws CertificateException if the certificate chain is not trusted
      *         by this TrustManager.
      */
-    public void checkClientTrusted(X509Certificate[] chain, String authType)
+    void checkClientTrusted(X509Certificate[] chain, String authType)
         throws CertificateException;
 
     /**
@@ -81,7 +81,7 @@ public interface X509TrustManager extends TrustManager {
      * @throws CertificateException if the certificate chain is not trusted
      *         by this TrustManager.
      */
-    public void checkServerTrusted(X509Certificate[] chain, String authType)
+    void checkServerTrusted(X509Certificate[] chain, String authType)
         throws CertificateException;
 
     /**
@@ -91,5 +91,5 @@ public interface X509TrustManager extends TrustManager {
      * @return a non-null (possibly empty) array of acceptable
      *          CA issuer certificates.
      */
-    public X509Certificate[] getAcceptedIssuers();
+    X509Certificate[] getAcceptedIssuers();
 }