From 632a16820de7c2542e48d2bad1a4e2d1609ac98c Mon Sep 17 00:00:00 2001 From: xuelei Date: Mon, 25 Nov 2019 09:50:30 -0800 Subject: [PATCH] 8234408: Improve TLS session handling Reviewed-by: ascarpino, jjiang, ahgross, ssahoo, mullan, andrew --- .../classes/sun/security/ssl/ClientHello.java | 2 +- .../classes/sun/security/ssl/SSLSessionImpl.java | 16 +--------------- .../classes/sun/security/ssl/SSLSocketImpl.java | 2 +- .../sun/security/ssl/TransportContext.java | 2 +- 4 files changed, 4 insertions(+), 18 deletions(-) diff --git a/src/java.base/share/classes/sun/security/ssl/ClientHello.java b/src/java.base/share/classes/sun/security/ssl/ClientHello.java index 0f22ada553..1bdc82126e 100644 --- a/src/java.base/share/classes/sun/security/ssl/ClientHello.java +++ b/src/java.base/share/classes/sun/security/ssl/ClientHello.java @@ -407,7 +407,7 @@ final class ClientHello { ProtocolVersion maxProtocolVersion = chc.maximumActiveProtocol; // session ID of the ClientHello message - SessionId sessionId = SSLSessionImpl.nullSession.getSessionId(); + SessionId sessionId = new SessionId(new byte[0]); // a list of cipher suites sent by the client List cipherSuites = chc.activeCipherSuites; diff --git a/src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java b/src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java index b704bcb6de..0f687c3376 100644 --- a/src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java +++ b/src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java @@ -67,11 +67,6 @@ import javax.net.ssl.SSLSessionContext; */ final class SSLSessionImpl extends ExtendedSSLSession { - /* - * we only really need a single null session - */ - static final SSLSessionImpl nullSession = new SSLSessionImpl(); - /* * The state of a single session, as described in section 7.1 * of the SSLv3 spec. @@ -141,7 +136,7 @@ final class SSLSessionImpl extends ExtendedSSLSession { * be used either by a client or by a server, as a connection is * first opened and before handshaking begins. */ - private SSLSessionImpl() { + SSLSessionImpl() { this.protocolVersion = ProtocolVersion.NONE; this.cipherSuite = CipherSuite.C_NULL; this.sessionId = new SessionId(false, null); @@ -777,15 +772,6 @@ final class SSLSessionImpl extends ExtendedSSLSession { */ @Override public synchronized void invalidate() { - // - // Can't invalidate the NULL session -- this would be - // attempted when we get a handshaking error on a brand - // new connection, with no "real" session yet. - // - if (this == nullSession) { - return; - } - if (context != null) { context.remove(sessionId); context = null; diff --git a/src/java.base/share/classes/sun/security/ssl/SSLSocketImpl.java b/src/java.base/share/classes/sun/security/ssl/SSLSocketImpl.java index 24b2e80ae1..0d5b8b615f 100644 --- a/src/java.base/share/classes/sun/security/ssl/SSLSocketImpl.java +++ b/src/java.base/share/classes/sun/security/ssl/SSLSocketImpl.java @@ -334,7 +334,7 @@ public final class SSLSocketImpl SSLLogger.severe("handshake failed", ioe); } - return SSLSessionImpl.nullSession; + return new SSLSessionImpl(); } return conContext.conSession; diff --git a/src/java.base/share/classes/sun/security/ssl/TransportContext.java b/src/java.base/share/classes/sun/security/ssl/TransportContext.java index dd6e653f11..1459d439f5 100644 --- a/src/java.base/share/classes/sun/security/ssl/TransportContext.java +++ b/src/java.base/share/classes/sun/security/ssl/TransportContext.java @@ -131,7 +131,7 @@ class TransportContext implements ConnectionContext { this.isUnsureMode = isUnsureMode; // initial security parameters - this.conSession = SSLSessionImpl.nullSession; + this.conSession = new SSLSessionImpl(); this.protocolVersion = this.sslConfig.maximumProtocolVersion; this.clientVerifyData = emptyByteArray; this.serverVerifyData = emptyByteArray; -- GitLab