Lazy compute SSLSession creation time.

Motivation:

As a SSL session may be created later at some time we should compute the creation time in a lazy fashion.

Modifications:

- Lazy compute creation time
- Add some unit test

Result:

More correct behavior
This commit is contained in:
Norman Maurer 2015-10-01 22:05:44 +02:00
parent 87062671b8
commit d0e94077c2
3 changed files with 22 additions and 4 deletions

View File

@ -212,7 +212,7 @@ public final class OpenSslEngine extends SSLEngine {
this.apn = checkNotNull(apn, "apn"); this.apn = checkNotNull(apn, "apn");
this.clientAuth = clientMode ? ClientAuth.NONE : checkNotNull(clientAuth, "clientAuth"); this.clientAuth = clientMode ? ClientAuth.NONE : checkNotNull(clientAuth, "clientAuth");
ssl = SSL.newSSL(sslCtx, !clientMode); ssl = SSL.newSSL(sslCtx, !clientMode);
session = new OpenSslSession(ssl, sessionContext); session = new OpenSslSession(sessionContext);
networkBIO = SSL.makeNetworkBIO(ssl); networkBIO = SSL.makeNetworkBIO(ssl);
this.clientMode = clientMode; this.clientMode = clientMode;
this.engineMap = engineMap; this.engineMap = engineMap;
@ -1308,7 +1308,6 @@ public final class OpenSslEngine extends SSLEngine {
private final class OpenSslSession implements SSLSession, ApplicationProtocolAccessor { private final class OpenSslSession implements SSLSession, ApplicationProtocolAccessor {
private final OpenSslSessionContext sessionContext; private final OpenSslSessionContext sessionContext;
private final long creationTime;
// These are guarded by synchronized(OpenSslEngine.this) as handshakeFinished() may be triggered by any // These are guarded by synchronized(OpenSslEngine.this) as handshakeFinished() may be triggered by any
// thread. // thread.
@ -1318,12 +1317,12 @@ public final class OpenSslEngine extends SSLEngine {
private Certificate[] peerCerts; private Certificate[] peerCerts;
private String cipher; private String cipher;
private byte[] id; private byte[] id;
private long creationTime;
// lazy init for memory reasons // lazy init for memory reasons
private Map<String, Object> values; private Map<String, Object> values;
OpenSslSession(long ssl, OpenSslSessionContext sessionContext) { OpenSslSession(OpenSslSessionContext sessionContext) {
creationTime = SSL.getTime(ssl) * 1000L;
this.sessionContext = sessionContext; this.sessionContext = sessionContext;
} }
@ -1344,6 +1343,11 @@ public final class OpenSslEngine extends SSLEngine {
@Override @Override
public long getCreationTime() { public long getCreationTime() {
synchronized (OpenSslEngine.this) {
if (creationTime == 0 && !isDestroyed()) {
creationTime = SSL.getTime(ssl) * 1000L;
}
}
return creationTime; return creationTime;
} }

View File

@ -42,6 +42,12 @@ public class OpenSslEngineTest extends SSLEngineTest {
super.testMutualAuthDiffCertsClientFailure(); super.testMutualAuthDiffCertsClientFailure();
} }
@Override
public void testGetCreationTime() throws Exception {
assumeTrue(OpenSsl.isAvailable());
super.testGetCreationTime();
}
@Override @Override
protected SslProvider sslProvider() { protected SslProvider sslProvider() {
return SslProvider.OPENSSL; return SslProvider.OPENSSL;

View File

@ -19,6 +19,7 @@ import io.netty.bootstrap.Bootstrap;
import io.netty.bootstrap.ServerBootstrap; import io.netty.bootstrap.ServerBootstrap;
import io.netty.buffer.ByteBuf; import io.netty.buffer.ByteBuf;
import io.netty.buffer.Unpooled; import io.netty.buffer.Unpooled;
import io.netty.buffer.UnpooledByteBufAllocator;
import io.netty.channel.Channel; import io.netty.channel.Channel;
import io.netty.channel.ChannelFuture; import io.netty.channel.ChannelFuture;
import io.netty.channel.ChannelHandlerAdapter; import io.netty.channel.ChannelHandlerAdapter;
@ -286,5 +287,12 @@ public abstract class SSLEngineTest {
} }
} }
@Test
public void testGetCreationTime() throws Exception {
SslContext context = SslContextBuilder.forClient().sslProvider(sslProvider()).build();
SSLEngine engine = context.newEngine(UnpooledByteBufAllocator.DEFAULT);
assertTrue(engine.getSession().getCreationTime() <= System.currentTimeMillis());
}
protected abstract SslProvider sslProvider(); protected abstract SslProvider sslProvider();
} }