You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@mina.apache.org by "Wolter Eldering (JIRA)" <ji...@apache.org> on 2006/12/17 20:27:21 UTC
[jira] Created: (DIRMINA-326) Cached SSLSessions won't be reused by
the SSLFilter if in client mode.
Cached SSLSessions won't be reused by the SSLFilter if in client mode.
----------------------------------------------------------------------
Key: DIRMINA-326
URL: http://issues.apache.org/jira/browse/DIRMINA-326
Project: MINA
Issue Type: Bug
Components: Filter
Affects Versions: 1.0
Reporter: Wolter Eldering
SSLSessions won't be reused by the SSLFilter if in client mode.
In client mode SSLContext.createSSLEngine() will always create a new SSLSession.
The only way to reuse cached SSLSessions in client mode is to use the SSLContext.createSSLEngine(String peerHost, int peerPort) factory method.
Index: filter-ssl/src/main/java/org/apache/mina/filter/support/SSLHandler.java
===================================================================
--- filter-ssl/src/main/java/org/apache/mina/filter/support/SSLHandler.java (revision 487691)
+++ filter-ssl/src/main/java/org/apache/mina/filter/support/SSLHandler.java (working copy)
@@ -36,6 +36,7 @@
import org.apache.mina.filter.SSLFilter;
import org.apache.mina.util.Queue;
import org.apache.mina.util.SessionLog;
+import java.net.InetSocketAddress;
/**
* A helper class using the SSLEngine API to decrypt/encrypt data.
@@ -110,7 +111,12 @@
return;
}
- sslEngine = ctx.createSSLEngine();
+ InetSocketAddress hint = (InetSocketAddress) session.getAttribute(SSLFilter.SESSION_HINT);
+ if (hint == null) {
+ sslEngine = ctx.createSSLEngine();
+ } else {
+ sslEngine = ctx.createSSLEngine(hint.getHostName(), hint.getPort());
+ }
sslEngine.setUseClientMode( parent.isUseClientMode() );
if ( parent.isWantClientAuth() )
Index: filter-ssl/src/main/java/org/apache/mina/filter/SSLFilter.java
===================================================================
--- filter-ssl/src/main/java/org/apache/mina/filter/SSLFilter.java (revision 487691)
+++ filter-ssl/src/main/java/org/apache/mina/filter/SSLFilter.java (working copy)
@@ -101,6 +101,9 @@
* doesn't emit any events related with SSL session flow control.
*/
public static final String USE_NOTIFICATION = SSLFilter.class.getName() + ".UseNotification";
+
+ public static final String SESSION_HINT = SSLFilter.class.getName() + ".SessionHint";
+
/**
* A special message object which is emitted with a {@link IoHandler#messageReceived(IoSession, Object)}
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira