Correctly implement SSLSession.getLastAccessedTime() for OpenSSLEngine

Motivation:

We need to return a correct time for SSLSession.getLastAccessedTime() so it reflect when the handshake was done when the session was reused.

Modifications:

Correctly reflect handshake time in getLastAccessedTime().

Result:

More conform SSLSession implementation.
This commit is contained in:
Norman Maurer 2016-06-22 09:46:41 +02:00
parent d495792c48
commit 77c6d7a672

View File

@ -199,6 +199,9 @@ public final class OpenSslEngine extends SSLEngine {
private volatile ClientAuth clientAuth = ClientAuth.NONE; private volatile ClientAuth clientAuth = ClientAuth.NONE;
// Updated once a new handshake is started and so the SSLSession reused.
private volatile long lastAccessed = -1;
private String endPointIdentificationAlgorithm; private String endPointIdentificationAlgorithm;
// Store as object as AlgorithmConstraints only exists since java 7. // Store as object as AlgorithmConstraints only exists since java 7.
private Object algorithmConstraints; private Object algorithmConstraints;
@ -1231,6 +1234,9 @@ public final class OpenSslEngine extends SSLEngine {
} }
SSL.setState(ssl, SSL.SSL_ST_ACCEPT); SSL.setState(ssl, SSL.SSL_ST_ACCEPT);
lastAccessed = System.currentTimeMillis();
// fall-through // fall-through
case NOT_STARTED: case NOT_STARTED:
handshakeState = HandshakeState.STARTED_EXPLICITLY; handshakeState = HandshakeState.STARTED_EXPLICITLY;
@ -1277,6 +1283,9 @@ public final class OpenSslEngine extends SSLEngine {
// Adding the OpenSslEngine to the OpenSslEngineMap so it can be used in the AbstractCertificateVerifier. // Adding the OpenSslEngine to the OpenSslEngineMap so it can be used in the AbstractCertificateVerifier.
engineMap.add(this); engineMap.add(this);
if (lastAccessed == -1) {
lastAccessed = System.currentTimeMillis();
}
int code = SSL.doHandshake(ssl); int code = SSL.doHandshake(ssl);
if (code <= 0) { if (code <= 0) {
@ -1574,8 +1583,9 @@ public final class OpenSslEngine extends SSLEngine {
@Override @Override
public long getLastAccessedTime() { public long getLastAccessedTime() {
// TODO: Add proper implementation long lastAccessed = OpenSslEngine.this.lastAccessed;
return getCreationTime(); // if lastAccessed is -1 we will just return the creation time as the handshake was not started yet.
return lastAccessed == -1 ? getCreationTime() : lastAccessed;
} }
@Override @Override