From f66bfb6bf9cfd3cd40fc9110c19354c62dc86649 Mon Sep 17 00:00:00 2001
From: jansupol <jan.supol@oracle.com>
Date: Tue, 6 Apr 2021 18:13:10 +0200
Subject: [PATCH] Lazy synchronized SSL Context initialization in the
 HttpUrlConnector

Signed-off-by: jansupol <jan.supol@oracle.com>
---
 .../glassfish/jersey/client/internal/HttpUrlConnector.java | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/core-client/src/main/java/org/glassfish/jersey/client/internal/HttpUrlConnector.java b/core-client/src/main/java/org/glassfish/jersey/client/internal/HttpUrlConnector.java
index 72bceec3ad..21456b9c2e 100644
--- a/core-client/src/main/java/org/glassfish/jersey/client/internal/HttpUrlConnector.java
+++ b/core-client/src/main/java/org/glassfish/jersey/client/internal/HttpUrlConnector.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2011, 2020 Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2011, 2021 Oracle and/or its affiliates. All rights reserved.
  *
  * This program and the accompanying materials are made available under the
  * terms of the Eclipse Public License v. 2.0, which is available at
@@ -73,7 +73,8 @@ public class HttpUrlConnector implements Connector {
     private static final String ALLOW_RESTRICTED_HEADERS_SYSTEM_PROPERTY = "sun.net.http.allowRestrictedHeaders";
     // Avoid multi-thread uses of HttpsURLConnection.getDefaultSSLSocketFactory() because it does not implement a
     // proper lazy-initialization. See https://github.com/jersey/jersey/issues/3293
-    private static final SSLSocketFactory DEFAULT_SSL_SOCKET_FACTORY = HttpsURLConnection.getDefaultSSLSocketFactory();
+    private static final LazyValue<SSLSocketFactory> DEFAULT_SSL_SOCKET_FACTORY =
+            Values.lazy((Value<SSLSocketFactory>) () -> HttpsURLConnection.getDefaultSSLSocketFactory());
     // The list of restricted headers is extracted from sun.net.www.protocol.http.HttpURLConnection
     private static final String[] restrictedHeaders = {
             "Access-Control-Request-Headers",
@@ -305,7 +306,7 @@ protected void secureConnection(final JerseyClient client, final HttpURLConnecti
                 suc.setHostnameVerifier(verifier);
             }
 
-            if (DEFAULT_SSL_SOCKET_FACTORY == suc.getSSLSocketFactory()) {
+            if (DEFAULT_SSL_SOCKET_FACTORY.get() == suc.getSSLSocketFactory()) {
                 // indicates that the custom socket factory was not set
                 suc.setSSLSocketFactory(sslSocketFactory.get());
             }