jdk.tls.client.enableSessionTicketExtension must be respected by OPENSSL and OPENSSL_REFCNT SslProviders (#10401)

Motivation: jdk.tls.client.enableSessionTicketExtension property must be respect by OPENSSL and OPENSSL_REFCNT SslProvider to ensure a consistent behavior. Due a bug this was not the case and it only worked for OPENSSL_REFCNT but not for OPENSSL. Modifications: Move the property check into static method that is used by both Result: Correctly respect jdk.tls.client.enableSessionTicketExtension
2020-07-13 16:17:16 +02:00 · 2020-07-13 16:17:16 +02:00 · 47bbc590ee
commit 47bbc590ee
parent 165ade5d9f
1 changed files with 3 additions and 3 deletions
--- a/handler/src/main/java/io/netty/handler/ssl/ReferenceCountedOpenSslClientContext.java
+++ b/handler/src/main/java/io/netty/handler/ssl/ReferenceCountedOpenSslClientContext.java
@ -72,9 +72,6 @@ public final class ReferenceCountedOpenSslClientContext extends ReferenceCounted
        try {
            sessionContext = newSessionContext(this, ctx, engineMap, trustCertCollection, trustManagerFactory,
                                               keyCertChain, key, keyPassword, keyManagerFactory, keyStore);
-            if (ENABLE_SESSION_TICKET) {
-                sessionContext.setTicketKeys();
-            }
            success = true;
        } finally {
            if (!success) {
@ -175,6 +172,9 @@ public final class ReferenceCountedOpenSslClientContext extends ReferenceCounted
                throw new SSLException("unable to setup trustmanager", e);
            }
            OpenSslClientSessionContext context = new OpenSslClientSessionContext(thiz, keyMaterialProvider);
+            if (ENABLE_SESSION_TICKET) {
+                context.setTicketKeys();
+            }
            keyMaterialProvider = null;
            return context;
        } finally {