8285504: Minor cleanup could be done in javax.net

Reviewed-by: wetmore
2025-08-26 22:34:27 +02:00 · 2022-04-28 22:18:36 +00:00 · 2022-04-28 22:18:36 +00:00 · 573eaceca5
commit 573eaceca5
parent bba456a8db
20 changed files with 107 additions and 128 deletions
--- a/src/java.base/share/classes/javax/net/ServerSocketFactory.java
+++ b/src/java.base/share/classes/javax/net/ServerSocketFactory.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2007, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -195,7 +195,7 @@ public abstract class ServerSocketFactory
 //
-// The default factory has NO intelligence.  In fact it's not clear
+// The default factory has NO intelligence.  In fact, it's not clear
 // what sort of intelligence servers need; the onus is on clients,
 // who have to know how to tunnel etc.
 //
--- a/src/java.base/share/classes/javax/net/ssl/HandshakeCompletedEvent.java
+++ b/src/java.base/share/classes/javax/net/ssl/HandshakeCompletedEvent.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2020, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -32,7 +32,7 @@ import java.security.cert.X509Certificate;
 /**
 * This event indicates that an SSL handshake completed on a given
- * SSL connection.  All of the core information about that handshake's
+ * SSL connection.  All the core information about that handshake's
 * result is captured through an "SSLSession" object.  As a convenience,
 * this event class provides direct access to some important session
 * attributes.
@ -52,7 +52,7 @@ public class HandshakeCompletedEvent extends EventObject
    @java.io.Serial
    private static final long serialVersionUID = 7914963744257769778L;
-    private transient SSLSession session;
+    private final transient SSLSession session;
    /**
     * Constructs a new HandshakeCompletedEvent.
--- a/src/java.base/share/classes/javax/net/ssl/HostnameVerifier.java
+++ b/src/java.base/share/classes/javax/net/ssl/HostnameVerifier.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2001, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2001, 2022, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -52,5 +52,5 @@ public interface HostnameVerifier {
     * @param session SSLSession used on the connection to host
     * @return true if the host name is acceptable
     */
-    public boolean verify(String hostname, SSLSession session);
+    boolean verify(String hostname, SSLSession session);
 }
--- a/src/java.base/share/classes/javax/net/ssl/KeyManagerFactory.java
+++ b/src/java.base/share/classes/javax/net/ssl/KeyManagerFactory.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2021, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2022, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -42,13 +42,13 @@ import sun.security.jca.GetInstance;
 */
 public class KeyManagerFactory {
    // The provider
-    private Provider provider;
+    private final Provider provider;
    // The provider implementation (delegate)
-    private KeyManagerFactorySpi factorySpi;
+    private final KeyManagerFactorySpi factorySpi;
    // The name of the key management algorithm.
-    private String algorithm;
+    private final String algorithm;
    /**
     * Obtains the default KeyManagerFactory algorithm name.
@ -63,15 +63,10 @@ public class KeyManagerFactory {
     *          implementation-specific default if no such property exists.
     */
    @SuppressWarnings("removal")
-    public static final String getDefaultAlgorithm() {
+    public static String getDefaultAlgorithm() {
        String type;
-        type = AccessController.doPrivileged(new PrivilegedAction<>() {
+        type = AccessController.doPrivileged((PrivilegedAction<String>) () ->
-            @Override
+            Security.getProperty("ssl.KeyManagerFactory.algorithm"));
            public String run() {
                return Security.getProperty(
                    "ssl.KeyManagerFactory.algorithm");
            }
        });
        if (type == null) {
            type = "SunX509";
        }
@ -123,7 +118,7 @@ public class KeyManagerFactory {
     * {@code jdk.security.provider.preferred}
     * {@link Security#getProperty(String) Security} property to determine
     * the preferred provider order for the specified algorithm. This
-     * may be different than the order of providers returned by
+     * may be different from the order of providers returned by
     * {@link Security#getProviders() Security.getProviders()}.
     *
     * @param algorithm the standard name of the requested algorithm.
--- a/src/java.base/share/classes/javax/net/ssl/KeyStoreBuilderParameters.java
+++ b/src/java.base/share/classes/javax/net/ssl/KeyStoreBuilderParameters.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2022, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -69,7 +69,7 @@ public class KeyStoreBuilderParameters implements ManagerFactoryParameters {
        }
        this.parameters = Collections.unmodifiableList(
-            new ArrayList<Builder>(parameters));
+            new ArrayList<>(parameters));
    }
    /**
--- a/src/java.base/share/classes/javax/net/ssl/SNIHostName.java
+++ b/src/java.base/share/classes/javax/net/ssl/SNIHostName.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012, 2021, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2012, 2022, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -255,7 +255,7 @@ public final class SNIHostName extends SNIServerName {
     *     "type=host_name (0), value={@literal <hostname>}"
     * </pre>
     * The "{@literal <hostname>}" is an ASCII representation of the hostname,
-     * which may contains A-labels.  For example, a returned value of an pseudo
+     * which may contain A-labels.  For example, a returned value of a pseudo
     * hostname may look like:
     * <pre>
     *     "type=host_name (0), value=www.example.com"
--- a/src/java.base/share/classes/javax/net/ssl/SNIServerName.java
+++ b/src/java.base/share/classes/javax/net/ssl/SNIServerName.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012, 2021, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2012, 2022, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -161,7 +161,7 @@ public abstract class SNIServerName {
     * name, and INTEGER is the integer value of the name type.  The format
     * of "{@literal <name value>}" is "XX:...:XX", where "XX" is the
     * hexadecimal digit representation of a byte value. For example, a
-     * returned value of an pseudo server name may look like:
+     * returned value of a pseudo server name may look like:
     * <pre>
     *     "type=(31), value=77:77:77:2E:65:78:61:6D:70:6C:65:2E:63:6E"
     * </pre>
--- a/src/java.base/share/classes/javax/net/ssl/SSLContext.java
+++ b/src/java.base/share/classes/javax/net/ssl/SSLContext.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2021, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2022, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -159,7 +159,7 @@ public class SSLContext {
     * {@code jdk.security.provider.preferred}
     * {@link Security#getProperty(String) Security} property to determine
     * the preferred provider order for the specified algorithm. This
-     * may be different than the order of providers returned by
+     * may be different from the order of providers returned by
     * {@link Security#getProviders() Security.getProviders()}.
     *
     * @param protocol the standard name of the requested protocol.
--- a/src/java.base/share/classes/javax/net/ssl/SSLEngine.java
+++ b/src/java.base/share/classes/javax/net/ssl/SSLEngine.java
@ -68,7 +68,7 @@ import java.util.function.BiFunction;
 * using the {@link #getSession()} method.
 * <P>
 * The {@code SSLSocket} class provides much of the same security
- * functionality, but all of the inbound and outbound data is
+ * functionality, but all the inbound and outbound data is
 * automatically transported using the underlying {@link
 * java.net.Socket Socket}, which by design uses a blocking model.
 * While this is appropriate for many applications, this model does not
@ -870,7 +870,7 @@ public abstract class SSLEngine {
     * accept any more inbound data messages.
     *
     * @return  true if the {@code SSLEngine} will not
-     *          consume anymore network data (and by implication,
+     *          consume any more network data (and by implication,
     *          will not produce any more application data.)
     * @see     #closeInbound()
     */
@ -974,7 +974,7 @@ public abstract class SSLEngine {
     * for a certain cipher suite.
     * <P>
     * See {@link #getEnabledCipherSuites()} for more information
-     * on why a specific cipher suite may never be used on a engine.
+     * on why a specific cipher suite may never be used on an engine.
     *
     * @param   suites Names of all the cipher suites to enable
     * @throws  IllegalArgumentException when one or more of the ciphers
@ -1031,7 +1031,7 @@ public abstract class SSLEngine {
     * Returns the {@code SSLSession} in use in this
     * {@code SSLEngine}.
     * <P>
-     * These can be long lived, and frequently correspond to an entire
+     * These can be long-lived, and frequently correspond to an entire
     * login session for some user.  The session specifies a particular
     * cipher suite which is being actively used by all connections in
     * that session, as well as the identities of the session's client
@ -1336,10 +1336,8 @@ public abstract class SSLEngine {
        }
        if (params.getNeedClientAuth()) {
            setNeedClientAuth(true);
        } else if (params.getWantClientAuth()) {
            setWantClientAuth(true);
        } else {
-            setWantClientAuth(false);
+            setWantClientAuth(params.getWantClientAuth());
        }
    }
--- a/src/java.base/share/classes/javax/net/ssl/SSLEngineResult.java
+++ b/src/java.base/share/classes/javax/net/ssl/SSLEngineResult.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2021, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2022, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -62,7 +62,7 @@ public class SSLEngineResult {
     * @author Brad R. Wetmore
     * @since 1.5
     */
-    public static enum Status {
+    public enum Status {
        /**
         * The {@code SSLEngine} was not able to unwrap the
@ -97,7 +97,7 @@ public class SSLEngineResult {
         * {@code SSLEngine}, or the operation
         * could not be completed because it was already closed.
         */
-        CLOSED;
+        CLOSED
    }
    /**
@ -107,7 +107,7 @@ public class SSLEngineResult {
     * @author Brad R. Wetmore
     * @since 1.5
     */
-    public static enum HandshakeStatus {
+    public enum HandshakeStatus {
        /**
         * The {@code SSLEngine} is not currently handshaking.
@ -163,7 +163,7 @@ public class SSLEngineResult {
         *
         * @since   9
         */
-        NEED_UNWRAP_AGAIN;
+        NEED_UNWRAP_AGAIN
    }
--- a/src/java.base/share/classes/javax/net/ssl/SSLServerSocket.java
+++ b/src/java.base/share/classes/javax/net/ssl/SSLServerSocket.java
@ -109,7 +109,7 @@ public abstract class SSLServerSocket extends ServerSocket {
     * The <code>backlog</code> argument is the requested maximum number of
     * pending connections on the socket. Its exact semantics are implementation
     * specific. In particular, an implementation may impose a maximum length
-     * or may choose to ignore the parameter altogther. The value provided
+     * or may choose to ignore the parameter altogether. The value provided
     * should be greater than <code>0</code>. If it is less than or equal to
     * <code>0</code>, then an implementation specific default will be used.
     * <P>
@ -154,7 +154,7 @@ public abstract class SSLServerSocket extends ServerSocket {
     * The <code>backlog</code> argument is the requested maximum number of
     * pending connections on the socket. Its exact semantics are implementation
     * specific. In particular, an implementation may impose a maximum length
-     * or may choose to ignore the parameter altogther. The value provided
+     * or may choose to ignore the parameter altogether. The value provided
     * should be greater than <code>0</code>. If it is less than or equal to
     * <code>0</code>, then an implementation specific default will be used.
     * <P>
@ -238,7 +238,7 @@ public abstract class SSLServerSocket extends ServerSocket {
     * @see #getSupportedCipherSuites()
     * @see #getEnabledCipherSuites()
     */
-    public abstract void setEnabledCipherSuites(String suites []);
+    public abstract void setEnabledCipherSuites(String[] suites);
    /**
@ -309,7 +309,7 @@ public abstract class SSLServerSocket extends ServerSocket {
     * @see #getEnabledProtocols()
     * @see #getSupportedProtocols()
     */
-    public abstract void setEnabledProtocols(String protocols[]);
+    public abstract void setEnabledProtocols(String[] protocols);
    /**
@ -545,10 +545,8 @@ public abstract class SSLServerSocket extends ServerSocket {
        if (params.getNeedClientAuth()) {
            setNeedClientAuth(true);
        } else if (params.getWantClientAuth()) {
            setWantClientAuth(true);
        } else {
-            setWantClientAuth(false);
+            setWantClientAuth(params.getWantClientAuth());
        }
    }
--- a/src/java.base/share/classes/javax/net/ssl/SSLSession.java
+++ b/src/java.base/share/classes/javax/net/ssl/SSLSession.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2020, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -70,7 +70,7 @@ public interface SSLSession {
     *
     * @return the Session identifier
     */
-    public byte[] getId();
+    byte[] getId();
    /**
@ -91,7 +91,7 @@ public interface SSLSession {
     * @return the session context used for this session, or null
     * if the context is unavailable.
     */
-    public SSLSessionContext getSessionContext();
+    SSLSessionContext getSessionContext();
    /**
@ -100,7 +100,7 @@ public interface SSLSession {
     *
     * @return the time this Session was created
     */
-    public long getCreationTime();
+    long getCreationTime();
    /**
@ -119,7 +119,7 @@ public interface SSLSession {
     *
     * @return the last time this Session was accessed
     */
-    public long getLastAccessedTime();
+    long getLastAccessedTime();
    /**
@ -132,7 +132,7 @@ public interface SSLSession {
     *
     * @see #isValid()
     */
-    public void invalidate();
+    void invalidate();
    /**
@ -144,7 +144,7 @@ public interface SSLSession {
     *
     * @since 1.5
     */
-    public boolean isValid();
+    boolean isValid();
    /**
@ -166,7 +166,7 @@ public interface SSLSession {
     * @param value the data object to be bound. This may not be null.
     * @throws IllegalArgumentException if either argument is null.
     */
-    public void putValue(String name, Object value);
+    void putValue(String name, Object value);
    /**
@ -181,7 +181,7 @@ public interface SSLSession {
     *          not exist.
     * @throws IllegalArgumentException if the argument is null.
     */
-    public Object getValue(String name);
+    Object getValue(String name);
    /**
@ -198,7 +198,7 @@ public interface SSLSession {
     *          across different access control contexts
     * @throws IllegalArgumentException if the argument is null.
     */
-    public void removeValue(String name);
+    void removeValue(String name);
    /**
@ -211,7 +211,7 @@ public interface SSLSession {
     * @return a non-null (possibly empty) array of names of the objects
     *  bound to this Session.
     */
-    public String [] getValueNames();
+    String [] getValueNames();
    /**
     * Returns the identity of the peer which was established as part
@ -231,7 +231,7 @@ public interface SSLSession {
     *          been verified
     * @see #getPeerPrincipal()
     */
-    public java.security.cert.Certificate [] getPeerCertificates()
+    java.security.cert.Certificate [] getPeerCertificates()
            throws SSLPeerUnverifiedException;
    /**
@ -254,7 +254,7 @@ public interface SSLSession {
     *
     * @see #getLocalPrincipal()
     */
-    public java.security.cert.Certificate [] getLocalCertificates();
+    java.security.cert.Certificate [] getLocalCertificates();
    /**
     * Returns the identity of the peer which was identified as part
@ -291,7 +291,7 @@ public interface SSLSession {
     */
    @SuppressWarnings("removal")
    @Deprecated(since="9", forRemoval=true)
-    public default javax.security.cert.X509Certificate[]
+    default javax.security.cert.X509Certificate[]
            getPeerCertificateChain() throws SSLPeerUnverifiedException {
        throw new UnsupportedOperationException(
             "This method is deprecated and marked for removal. Use the " +
@ -314,7 +314,7 @@ public interface SSLSession {
     *
     * @since 1.5
     */
-    public Principal getPeerPrincipal()
+    Principal getPeerPrincipal()
            throws SSLPeerUnverifiedException;
    /**
@ -330,7 +330,7 @@ public interface SSLSession {
     *
     * @since 1.5
     */
-    public Principal getLocalPrincipal();
+    Principal getLocalPrincipal();
    /**
     * Returns the name of the SSL cipher suite which is used for all
@ -342,7 +342,7 @@ public interface SSLSession {
     *
     * @return the name of the session's cipher suite
     */
-    public String getCipherSuite();
+    String getCipherSuite();
    /**
     * Returns the standard name of the protocol used for all
@ -353,7 +353,7 @@ public interface SSLSession {
     * @return the standard name of the protocol used for all
     * connections in the session.
     */
-    public String getProtocol();
+    String getProtocol();
    /**
     * Returns the host name of the peer in this session.
@ -373,7 +373,7 @@ public interface SSLSession {
     * @return  the host name of the peer host, or null if no information
     *          is available.
     */
-    public String getPeerHost();
+    String getPeerHost();
    /**
     * Returns the port number of the peer in this session.
@ -390,7 +390,7 @@ public interface SSLSession {
     *
     * @since 1.5
     */
-    public int getPeerPort();
+    int getPeerPort();
    /**
     * Gets the current size of the largest SSL/TLS/DTLS packet that is
@ -409,7 +409,7 @@ public interface SSLSession {
     *
     * @since 1.5
     */
-    public int getPacketBufferSize();
+    int getPacketBufferSize();
    /**
@ -428,5 +428,5 @@ public interface SSLSession {
     *
     * @since 1.5
     */
-    public int getApplicationBufferSize();
+    int getApplicationBufferSize();
 }
--- a/src/java.base/share/classes/javax/net/ssl/SSLSessionBindingEvent.java
+++ b/src/java.base/share/classes/javax/net/ssl/SSLSessionBindingEvent.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2019, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -34,7 +34,7 @@ import java.util.EventObject;
 * When a listener object is bound or unbound to an SSLSession by
 * {@link SSLSession#putValue(String, Object)}
 * or {@link SSLSession#removeValue(String)}, objects which
- * implement the SSLSessionBindingListener will be receive an
+ * implement the SSLSessionBindingListener will receive an
 * event of this type.  The event's <code>name</code> field is the
 * key in which the listener is being bound or unbound.
 *
@ -55,7 +55,7 @@ extends EventObject
    /**
     * @serial The name to which the object is being bound or unbound
     */
-    private String name;
+    private final String name;
    /**
     * Constructs a new SSLSessionBindingEvent.
--- a/src/java.base/share/classes/javax/net/ssl/SSLSessionBindingListener.java
+++ b/src/java.base/share/classes/javax/net/ssl/SSLSessionBindingListener.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2001, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -53,7 +53,7 @@ extends EventListener
     * @param event the event identifying the SSLSession into
     *          which the listener is being bound.
     */
-    public void valueBound(SSLSessionBindingEvent event);
+    void valueBound(SSLSessionBindingEvent event);
    /**
     * This is called to notify the listener that it is being unbound
@ -62,5 +62,5 @@ extends EventListener
     * @param event the event identifying the SSLSession from
     *          which the listener is being unbound.
     */
-    public void valueUnbound(SSLSessionBindingEvent event);
+    void valueUnbound(SSLSessionBindingEvent event);
 }
--- a/src/java.base/share/classes/javax/net/ssl/SSLSessionContext.java
+++ b/src/java.base/share/classes/javax/net/ssl/SSLSessionContext.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2019, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -69,7 +69,7 @@ public interface SSLSessionContext {
     *
     * @throws NullPointerException if <code>sessionId</code> is null.
     */
-    public SSLSession getSession(byte[] sessionId);
+    SSLSession getSession(byte[] sessionId);
    /**
     * Returns an Enumeration of all known session id's grouped under this
@ -79,7 +79,7 @@ public interface SSLSessionContext {
     *
     * @return an enumeration of all the Session id's
     */
-    public Enumeration<byte[]> getIds();
+    Enumeration<byte[]> getIds();
    /**
     * Sets the timeout limit for <code>SSLSession</code> objects grouped
@ -106,8 +106,7 @@ public interface SSLSessionContext {
     *
     * @see #getSessionTimeout
     */
-    public void setSessionTimeout(int seconds)
+    void setSessionTimeout(int seconds);
                 throws IllegalArgumentException;
    /**
     * Returns the timeout limit of <code>SSLSession</code> objects grouped
@ -131,7 +130,7 @@ public interface SSLSessionContext {
     *
     * @see #setSessionTimeout
     */
-    public int getSessionTimeout();
+    int getSessionTimeout();
    /**
     * Sets the size of the cache used for storing <code>SSLSession</code>
@ -150,8 +149,7 @@ public interface SSLSessionContext {
     *
     * @see #getSessionCacheSize
     */
-    public void setSessionCacheSize(int size)
+    void setSessionCacheSize(int size);
                 throws IllegalArgumentException;
    /**
     * Returns the size of the cache used for storing <code>SSLSession</code>
@ -167,5 +165,5 @@ public interface SSLSessionContext {
     *
     * @see #setSessionCacheSize
     */
-    public int getSessionCacheSize();
+    int getSessionCacheSize();
 }
--- a/src/java.base/share/classes/javax/net/ssl/SSLSocket.java
+++ b/src/java.base/share/classes/javax/net/ssl/SSLSocket.java
@ -392,7 +392,7 @@ public abstract class SSLSocket extends Socket
     * @see #getSupportedCipherSuites()
     * @see #getEnabledCipherSuites()
     */
-    public abstract void setEnabledCipherSuites(String suites []);
+    public abstract void setEnabledCipherSuites(String[] suites);
    /**
@ -433,12 +433,12 @@ public abstract class SSLSocket extends Socket
     *            when the protocols parameter is null.
     * @see #getEnabledProtocols()
     */
-    public abstract void setEnabledProtocols(String protocols[]);
+    public abstract void setEnabledProtocols(String[] protocols);
    /**
     * Returns the SSL Session in use by this connection.  These can
-     * be long lived, and frequently correspond to an entire login session
+     * be long-lived, and frequently correspond to an entire login session
     * for some user.  The session specifies a particular cipher suite
     * which is being actively used by all connections in that session,
     * as well as the identities of the session's client and server.
@ -744,10 +744,8 @@ public abstract class SSLSocket extends Socket
        }
        if (params.getNeedClientAuth()) {
            setNeedClientAuth(true);
        } else if (params.getWantClientAuth()) {
            setWantClientAuth(true);
        } else {
-            setWantClientAuth(false);
+            setWantClientAuth(params.getWantClientAuth());
        }
    }
--- a/src/java.base/share/classes/javax/net/ssl/SSLSocketFactory.java
+++ b/src/java.base/share/classes/javax/net/ssl/SSLSocketFactory.java
@ -88,18 +88,15 @@ public abstract class SSLSocketFactory extends SocketFactory {
    @SuppressWarnings("removal")
    static String getSecurityProperty(final String name) {
-        return AccessController.doPrivileged(new PrivilegedAction<>() {
+        return AccessController.doPrivileged((PrivilegedAction<String>) () -> {
-            @Override
+            String s = Security.getProperty(name);
-            public String run() {
+            if (s != null) {
-                String s = java.security.Security.getProperty(name);
+                s = s.trim();
-                if (s != null) {
+                if (s.isEmpty()) {
-                    s = s.trim();
+                    s = null;
                    if (s.isEmpty()) {
                        s = null;
                    }
                }
                return s;
            }
            return s;
        });
    }
@ -175,7 +172,7 @@ public abstract class SSLSocketFactory extends SocketFactory {
     * underlying {@link InputStream} should be loaded into the
     * {@code consumed} stream before this method is called, perhaps
     * using a {@link java.io.ByteArrayInputStream}.  When this
-     * {@link Socket} begins handshaking, it will read all of the data in
+     * {@link Socket} begins handshaking, it will read all the data in
     * {@code consumed} until it reaches {@code EOF}, then all further
     * data is read from the underlying {@link InputStream} as
     * usual.
@ -256,7 +253,7 @@ public abstract class SSLSocketFactory extends SocketFactory {
 // file private
 class DefaultSSLSocketFactory extends SSLSocketFactory
 {
-    private Exception reason;
+    private final Exception reason;
    DefaultSSLSocketFactory(Exception reason) {
        this.reason = reason;
--- a/src/java.base/share/classes/javax/net/ssl/TrustManagerFactory.java
+++ b/src/java.base/share/classes/javax/net/ssl/TrustManagerFactory.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2021, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2022, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -54,13 +54,13 @@ import sun.security.jca.GetInstance;
 */
 public class TrustManagerFactory {
    // The provider
-    private Provider provider;
+    private final Provider provider;
    // The provider implementation (delegate)
-    private TrustManagerFactorySpi factorySpi;
+    private final TrustManagerFactorySpi factorySpi;
    // The name of the trust management algorithm.
-    private String algorithm;
+    private final String algorithm;
    /**
     * Obtains the default TrustManagerFactory algorithm name.
@ -75,15 +75,10 @@ public class TrustManagerFactory {
     * implementation-specific default if no such property exists.
     */
    @SuppressWarnings("removal")
-    public static final String getDefaultAlgorithm() {
+    public static String getDefaultAlgorithm() {
        String type;
-        type = AccessController.doPrivileged(new PrivilegedAction<>() {
+        type = AccessController.doPrivileged((PrivilegedAction<String>) () ->
-            @Override
+            Security.getProperty( "ssl.TrustManagerFactory.algorithm"));
            public String run() {
                return Security.getProperty(
                    "ssl.TrustManagerFactory.algorithm");
            }
        });
        if (type == null) {
            type = "SunX509";
        }
@ -137,7 +132,7 @@ public class TrustManagerFactory {
     * {@code jdk.security.provider.preferred}
     * {@link Security#getProperty(String) Security} property to determine
     * the preferred provider order for the specified algorithm. This
-     * may be different than the order of providers returned by
+     * may be different from the order of providers returned by
     * {@link Security#getProviders() Security.getProviders()}.
     *
     * @param algorithm the standard name of the requested trust management
--- a/src/java.base/share/classes/javax/net/ssl/X509KeyManager.java
+++ b/src/java.base/share/classes/javax/net/ssl/X509KeyManager.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2016, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2022, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -62,7 +62,7 @@ public interface X509KeyManager extends KeyManager {
     * @return an array of the matching alias names, or null if there
     *          were no matches.
     */
-    public String[] getClientAliases(String keyType, Principal[] issuers);
+    String[] getClientAliases(String keyType, Principal[] issuers);
    /**
     * Choose an alias to authenticate the client side of a secure
@ -80,8 +80,8 @@ public interface X509KeyManager extends KeyManager {
     * @return the alias name for the desired key, or null if there
     *          are no matches.
     */
-    public String chooseClientAlias(String[] keyType, Principal[] issuers,
+    String chooseClientAlias(String[] keyType, Principal[] issuers,
-        Socket socket);
+                             Socket socket);
    /**
     * Get the matching aliases for authenticating the server side of a secure
@ -94,7 +94,7 @@ public interface X509KeyManager extends KeyManager {
     * @return an array of the matching alias names, or null
     *          if there were no matches.
     */
-    public String[] getServerAliases(String keyType, Principal[] issuers);
+    String[] getServerAliases(String keyType, Principal[] issuers);
    /**
     * Choose an alias to authenticate the server side of a secure
@ -111,8 +111,8 @@ public interface X509KeyManager extends KeyManager {
     * @return the alias name for the desired key, or null if there
     *          are no matches.
     */
-    public String chooseServerAlias(String keyType, Principal[] issuers,
+    String chooseServerAlias(String keyType, Principal[] issuers,
-        Socket socket);
+                             Socket socket);
    /**
     * Returns the certificate chain associated with the given alias.
@ -122,7 +122,7 @@ public interface X509KeyManager extends KeyManager {
     *          and the root certificate authority last), or null
     *          if the alias can't be found.
     */
-    public X509Certificate[] getCertificateChain(String alias);
+    X509Certificate[] getCertificateChain(String alias);
    /**
     * Returns the key associated with the given alias.
@ -130,5 +130,5 @@ public interface X509KeyManager extends KeyManager {
     * @param alias the alias name
     * @return the requested key, or null if the alias can't be found.
     */
-    public PrivateKey getPrivateKey(String alias);
+    PrivateKey getPrivateKey(String alias);
 }
--- a/src/java.base/share/classes/javax/net/ssl/X509TrustManager.java
+++ b/src/java.base/share/classes/javax/net/ssl/X509TrustManager.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2005, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2022, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -55,7 +55,7 @@ public interface X509TrustManager extends TrustManager {
     * @throws CertificateException if the certificate chain is not trusted
     *         by this TrustManager.
     */
-    public void checkClientTrusted(X509Certificate[] chain, String authType)
+    void checkClientTrusted(X509Certificate[] chain, String authType)
        throws CertificateException;
    /**
@ -81,7 +81,7 @@ public interface X509TrustManager extends TrustManager {
     * @throws CertificateException if the certificate chain is not trusted
     *         by this TrustManager.
     */
-    public void checkServerTrusted(X509Certificate[] chain, String authType)
+    void checkServerTrusted(X509Certificate[] chain, String authType)
        throws CertificateException;
    /**
@ -91,5 +91,5 @@ public interface X509TrustManager extends TrustManager {
     * @return a non-null (possibly empty) array of acceptable
     *          CA issuer certificates.
     */
-    public X509Certificate[] getAcceptedIssuers();
+    X509Certificate[] getAcceptedIssuers();
 }