From dc6cb7545b1e4651e4928a30267f4f952d47dc94 Mon Sep 17 00:00:00 2001 From: Norman Maurer Date: Thu, 1 Oct 2015 22:05:44 +0200 Subject: [PATCH] Lazy compute SSLSession creation time. Motivation: As a SSL session may be created later at some time we should compute the creation time in a lazy fashion. Modifications: - Lazy compute creation time - Add some unit test Result: More correct behavior --- .../java/io/netty/handler/ssl/OpenSslEngine.java | 12 ++++++++---- .../java/io/netty/handler/ssl/OpenSslEngineTest.java | 6 ++++++ .../java/io/netty/handler/ssl/SSLEngineTest.java | 8 ++++++++ 3 files changed, 22 insertions(+), 4 deletions(-) diff --git a/handler/src/main/java/io/netty/handler/ssl/OpenSslEngine.java b/handler/src/main/java/io/netty/handler/ssl/OpenSslEngine.java index 98ba61271e..d228869402 100644 --- a/handler/src/main/java/io/netty/handler/ssl/OpenSslEngine.java +++ b/handler/src/main/java/io/netty/handler/ssl/OpenSslEngine.java @@ -212,7 +212,7 @@ public final class OpenSslEngine extends SSLEngine { this.apn = checkNotNull(apn, "apn"); this.clientAuth = clientMode ? ClientAuth.NONE : checkNotNull(clientAuth, "clientAuth"); ssl = SSL.newSSL(sslCtx, !clientMode); - session = new OpenSslSession(ssl, sessionContext); + session = new OpenSslSession(sessionContext); networkBIO = SSL.makeNetworkBIO(ssl); this.clientMode = clientMode; this.engineMap = engineMap; @@ -1308,7 +1308,6 @@ public final class OpenSslEngine extends SSLEngine { private final class OpenSslSession implements SSLSession, ApplicationProtocolAccessor { private final OpenSslSessionContext sessionContext; - private final long creationTime; // These are guarded by synchronized(OpenSslEngine.this) as handshakeFinished() may be triggered by any // thread. @@ -1318,12 +1317,12 @@ public final class OpenSslEngine extends SSLEngine { private Certificate[] peerCerts; private String cipher; private byte[] id; + private long creationTime; // lazy init for memory reasons private Map values; - OpenSslSession(long ssl, OpenSslSessionContext sessionContext) { - creationTime = SSL.getTime(ssl) * 1000L; + OpenSslSession(OpenSslSessionContext sessionContext) { this.sessionContext = sessionContext; } @@ -1344,6 +1343,11 @@ public final class OpenSslEngine extends SSLEngine { @Override public long getCreationTime() { + synchronized (OpenSslEngine.this) { + if (creationTime == 0 && !isDestroyed()) { + creationTime = SSL.getTime(ssl) * 1000L; + } + } return creationTime; } diff --git a/handler/src/test/java/io/netty/handler/ssl/OpenSslEngineTest.java b/handler/src/test/java/io/netty/handler/ssl/OpenSslEngineTest.java index 14dc9893ca..ee29db235f 100644 --- a/handler/src/test/java/io/netty/handler/ssl/OpenSslEngineTest.java +++ b/handler/src/test/java/io/netty/handler/ssl/OpenSslEngineTest.java @@ -42,6 +42,12 @@ public class OpenSslEngineTest extends SSLEngineTest { super.testMutualAuthDiffCertsClientFailure(); } + @Override + public void testGetCreationTime() throws Exception { + assumeTrue(OpenSsl.isAvailable()); + super.testGetCreationTime(); + } + @Override protected SslProvider sslProvider() { return SslProvider.OPENSSL; diff --git a/handler/src/test/java/io/netty/handler/ssl/SSLEngineTest.java b/handler/src/test/java/io/netty/handler/ssl/SSLEngineTest.java index bdda9b811a..3a9936e5d4 100644 --- a/handler/src/test/java/io/netty/handler/ssl/SSLEngineTest.java +++ b/handler/src/test/java/io/netty/handler/ssl/SSLEngineTest.java @@ -19,6 +19,7 @@ import io.netty.bootstrap.Bootstrap; import io.netty.bootstrap.ServerBootstrap; import io.netty.buffer.ByteBuf; import io.netty.buffer.Unpooled; +import io.netty.buffer.UnpooledByteBufAllocator; import io.netty.channel.Channel; import io.netty.channel.ChannelFuture; import io.netty.channel.ChannelHandlerAdapter; @@ -286,5 +287,12 @@ public abstract class SSLEngineTest { } } + @Test + public void testGetCreationTime() throws Exception { + SslContext context = SslContextBuilder.forClient().sslProvider(sslProvider()).build(); + SSLEngine engine = context.newEngine(UnpooledByteBufAllocator.DEFAULT); + assertTrue(engine.getSession().getCreationTime() <= System.currentTimeMillis()); + } + protected abstract SslProvider sslProvider(); }