From 7423db0b8e29248ba78a9b1e98dafb876e828836 Mon Sep 17 00:00:00 2001 From: Norman Maurer Date: Thu, 6 Nov 2014 09:02:57 +0100 Subject: [PATCH] Add proper Openssl.SSLSession.getId() implementation Motivation: The current implementation not returns the real session as byte[] representation. Modifications: Create a proper Openssl.SSLSession.get() implementation which returns the real session as byte[]. Result: More correct implementation --- .../src/main/java/io/netty/handler/ssl/OpenSslEngine.java | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/handler/src/main/java/io/netty/handler/ssl/OpenSslEngine.java b/handler/src/main/java/io/netty/handler/ssl/OpenSslEngine.java index d268dface6..0519a7a838 100644 --- a/handler/src/main/java/io/netty/handler/ssl/OpenSslEngine.java +++ b/handler/src/main/java/io/netty/handler/ssl/OpenSslEngine.java @@ -703,7 +703,6 @@ public final class OpenSslEngine extends SSLEngine { if (session == null) { session = new SSLSession() { // SSLSession implementation seems to not need to be thread-safe so no need for volatile etc. - private byte[] id; private X509Certificate[] x509PeerCerts; // lazy init for memory reasons @@ -711,9 +710,11 @@ public final class OpenSslEngine extends SSLEngine { @Override public byte[] getId() { - // these are lazy created to reduce memory overhead but cached for performance reasons. + // We don't cache that to keep memory usage to a minimum. + byte[] id = SSL.getSessionId(ssl); if (id == null) { - id = String.valueOf(ssl).getBytes(); + // The id should never be null, if it was null then the SESSION itself was not valid. + throw new IllegalStateException("SSL session ID not available"); } return id; }