Add proper Openssl.SSLSession.getId() implementation
Motivation: The current implementation not returns the real session as byte[] representation. Modifications: Create a proper Openssl.SSLSession.get() implementation which returns the real session as byte[]. Result: More correct implementation
This commit is contained in:
parent
fb3b16d9d4
commit
7423db0b8e
@ -703,7 +703,6 @@ public final class OpenSslEngine extends SSLEngine {
|
|||||||
if (session == null) {
|
if (session == null) {
|
||||||
session = new SSLSession() {
|
session = new SSLSession() {
|
||||||
// SSLSession implementation seems to not need to be thread-safe so no need for volatile etc.
|
// SSLSession implementation seems to not need to be thread-safe so no need for volatile etc.
|
||||||
private byte[] id;
|
|
||||||
private X509Certificate[] x509PeerCerts;
|
private X509Certificate[] x509PeerCerts;
|
||||||
|
|
||||||
// lazy init for memory reasons
|
// lazy init for memory reasons
|
||||||
@ -711,9 +710,11 @@ public final class OpenSslEngine extends SSLEngine {
|
|||||||
|
|
||||||
@Override
|
@Override
|
||||||
public byte[] getId() {
|
public byte[] getId() {
|
||||||
// these are lazy created to reduce memory overhead but cached for performance reasons.
|
// We don't cache that to keep memory usage to a minimum.
|
||||||
|
byte[] id = SSL.getSessionId(ssl);
|
||||||
if (id == null) {
|
if (id == null) {
|
||||||
id = String.valueOf(ssl).getBytes();
|
// The id should never be null, if it was null then the SESSION itself was not valid.
|
||||||
|
throw new IllegalStateException("SSL session ID not available");
|
||||||
}
|
}
|
||||||
return id;
|
return id;
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user