andreacavalli/netty5
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Add proper Openssl.SSLSession.getId() implementation

Browse Source 
Motivation:

The current implementation not returns the real session as byte[] representation.

Modifications:

Create a proper Openssl.SSLSession.get() implementation which returns the real session as byte[].

Result:

More correct implementation
This commit is contained in:
Norman Maurer 2014-11-06 09:02:57 +01:00 committed by Norman Maurer
parent fb3b16d9d4
commit 7423db0b8e
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
handler/src/main/java/io/netty/handler/ssl/OpenSslEngine.java
View File

@ -703,7 +703,6 @@ public final class OpenSslEngine extends SSLEngine {
if (session == null) {
session = new SSLSession() {
// SSLSession implementation seems to not need to be thread-safe so no need for volatile etc.
private byte[] id;
private X509Certificate[] x509PeerCerts;
// lazy init for memory reasons
@ -711,9 +710,11 @@ public final class OpenSslEngine extends SSLEngine {
@Override
public byte[] getId() {
// these are lazy created to reduce memory overhead but cached for performance reasons.
// We don't cache that to keep memory usage to a minimum.
byte[] id = SSL.getSessionId(ssl);
if (id == null) {
id = String.valueOf(ssl).getBytes();
// The id should never be null, if it was null then the SESSION itself was not valid.
throw new IllegalStateException("SSL session ID not available");
}
return id;
}