OpenJDK / jdk8u / jdk8u / jdk

changeset 13892:b6be024c35ca

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
8234408: Improve TLS session handling Reviewed-by: andrew
author abakhtin
date Mon, 25 Nov 2019 09:50:30 -0800
parents 27498adf3cbb
children 6592c0288089
files src/share/classes/sun/security/ssl/ClientHandshaker.java src/share/classes/sun/security/ssl/SSLEngineImpl.java src/share/classes/sun/security/ssl/SSLSessionImpl.java src/share/classes/sun/security/ssl/SSLSocketImpl.java
diffstat 4 files changed, 4 insertions(+), 17 deletions(-) [+]
line wrap: on
line diff
--- a/src/share/classes/sun/security/ssl/ClientHandshaker.java	Mon Apr 06 02:10:12 2020 +0100
+++ b/src/share/classes/sun/security/ssl/ClientHandshaker.java	Mon Nov 25 09:50:30 2019 -0800
@@ -1337,7 +1337,7 @@
     @Override
     HandshakeMessage getKickstartMessage() throws SSLException {
         // session ID of the ClientHello message
-        SessionId sessionId = SSLSessionImpl.nullSession.getSessionId();
+        SessionId sessionId = new SessionId(new byte[0]);
 
         // a list of cipher suites sent by the client
         CipherSuiteList cipherSuites = getActiveCipherSuites();
--- a/src/share/classes/sun/security/ssl/SSLEngineImpl.java	Mon Apr 06 02:10:12 2020 +0100
+++ b/src/share/classes/sun/security/ssl/SSLEngineImpl.java	Mon Nov 25 09:50:30 2019 -0800
@@ -375,7 +375,7 @@
         }
 
         sslContext = ctx;
-        sess = SSLSessionImpl.nullSession;
+        sess = new SSLSessionImpl();
         handshakeSession = null;
 
         /*
--- a/src/share/classes/sun/security/ssl/SSLSessionImpl.java	Mon Apr 06 02:10:12 2020 +0100
+++ b/src/share/classes/sun/security/ssl/SSLSessionImpl.java	Mon Nov 25 09:50:30 2019 -0800
@@ -73,11 +73,6 @@
  */
 final class SSLSessionImpl extends ExtendedSSLSession {
 
-    /*
-     * we only really need a single null session
-     */
-    static final SSLSessionImpl         nullSession = new SSLSessionImpl();
-
     // compression methods
     private static final byte           compression_null = 0;
 
@@ -148,7 +143,7 @@
      * be used either by a client or by a server, as a connection is
      * first opened and before handshaking begins.
      */
-    private SSLSessionImpl() {
+    SSLSessionImpl() {
         this(ProtocolVersion.NONE, CipherSuite.C_NULL, null,
             new SessionId(false, null), null, -1, false, null);
     }
@@ -657,14 +652,6 @@
      */
     @Override
     synchronized public void invalidate() {
-        //
-        // Can't invalidate the NULL session -- this would be
-        // attempted when we get a handshaking error on a brand
-        // new connection, with no "real" session yet.
-        //
-        if (this == nullSession) {
-            return;
-        }
         invalidated = true;
         if (debug != null && Debug.isOn("session")) {
             System.out.println("%% Invalidated:  " + this);
--- a/src/share/classes/sun/security/ssl/SSLSocketImpl.java	Mon Apr 06 02:10:12 2020 +0100
+++ b/src/share/classes/sun/security/ssl/SSLSocketImpl.java	Mon Nov 25 09:50:30 2019 -0800
@@ -610,7 +610,7 @@
      */
     private void init(SSLContextImpl context, boolean isServer) {
         sslContext = context;
-        sess = SSLSessionImpl.nullSession;
+        sess = new SSLSessionImpl();
         handshakeSession = null;
 
         /*
© 2007, Oracle and/or its affiliates
Terms of Use · Privacy · Trademarks