You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@mina.apache.org by "Wolter Eldering (JIRA)" <ji...@apache.org> on 2006/12/17 20:27:21 UTC
[jira] Created: (DIRMINA-326) Cached SSLSessions won't be reused by the SSLFilter if in client mode.

Cached SSLSessions won't be reused by the SSLFilter if in client mode.
----------------------------------------------------------------------

                 Key: DIRMINA-326
                 URL: http://issues.apache.org/jira/browse/DIRMINA-326
             Project: MINA
          Issue Type: Bug
          Components: Filter
    Affects Versions: 1.0
            Reporter: Wolter Eldering


SSLSessions won't be reused by the SSLFilter if in client mode.

In client mode SSLContext.createSSLEngine() will always create a new SSLSession.
The only way to reuse cached SSLSessions in client mode is to use the SSLContext.createSSLEngine(String peerHost, int peerPort) factory method.

Index: filter-ssl/src/main/java/org/apache/mina/filter/support/SSLHandler.java
===================================================================
--- filter-ssl/src/main/java/org/apache/mina/filter/support/SSLHandler.java     (revision 487691)
+++ filter-ssl/src/main/java/org/apache/mina/filter/support/SSLHandler.java     (working copy)
@@ -36,6 +36,7 @@
 import org.apache.mina.filter.SSLFilter;
 import org.apache.mina.util.Queue;
 import org.apache.mina.util.SessionLog;
+import java.net.InetSocketAddress;
 
 /**
  * A helper class using the SSLEngine API to decrypt/encrypt data.
@@ -110,7 +111,12 @@
             return;
         }
 
-        sslEngine = ctx.createSSLEngine();
+         InetSocketAddress hint = (InetSocketAddress) session.getAttribute(SSLFilter.SESSION_HINT);
+         if (hint == null) {
+           sslEngine = ctx.createSSLEngine();
+        } else {
+            sslEngine = ctx.createSSLEngine(hint.getHostName(), hint.getPort());
+         }
         sslEngine.setUseClientMode( parent.isUseClientMode() );
 
         if ( parent.isWantClientAuth() )

Index: filter-ssl/src/main/java/org/apache/mina/filter/SSLFilter.java
===================================================================
--- filter-ssl/src/main/java/org/apache/mina/filter/SSLFilter.java      (revision 487691)
+++ filter-ssl/src/main/java/org/apache/mina/filter/SSLFilter.java      (working copy)
@@ -101,6 +101,9 @@
      * doesn't emit any events related with SSL session flow control.
      */
     public static final String USE_NOTIFICATION = SSLFilter.class.getName() + ".UseNotification";
+
+    public static final String SESSION_HINT = SSLFilter.class.getName() + ".SessionHint";
+
     
     /**
      * A special message object which is emitted with a {@link IoHandler#messageReceived(IoSession, Object)}


-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira