You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@mina.apache.org by "Trustin Lee (JIRA)" <ji...@apache.org> on 2007/01/28 05:01:49 UTC
[jira] Updated: (DIRMINA-326) Cached SSLSessions won't be reused by
the SSLFilter if in client mode.
[ https://issues.apache.org/jira/browse/DIRMINA-326?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Trustin Lee updated DIRMINA-326:
--------------------------------
Fix Version/s: 2.0.0-M1
> Cached SSLSessions won't be reused by the SSLFilter if in client mode.
> ----------------------------------------------------------------------
>
> Key: DIRMINA-326
> URL: https://issues.apache.org/jira/browse/DIRMINA-326
> Project: MINA
> Issue Type: Bug
> Components: Filter
> Affects Versions: 1.0.0
> Reporter: Wolter Eldering
> Fix For: 2.0.0-M1
>
>
> SSLSessions won't be reused by the SSLFilter if in client mode.
> In client mode SSLContext.createSSLEngine() will always create a new SSLSession.
> The only way to reuse cached SSLSessions in client mode is to use the SSLContext.createSSLEngine(String peerHost, int peerPort) factory method.
> Index: filter-ssl/src/main/java/org/apache/mina/filter/support/SSLHandler.java
> ===================================================================
> --- filter-ssl/src/main/java/org/apache/mina/filter/support/SSLHandler.java (revision 487691)
> +++ filter-ssl/src/main/java/org/apache/mina/filter/support/SSLHandler.java (working copy)
> @@ -36,6 +36,7 @@
> import org.apache.mina.filter.SSLFilter;
> import org.apache.mina.util.Queue;
> import org.apache.mina.util.SessionLog;
> +import java.net.InetSocketAddress;
>
> /**
> * A helper class using the SSLEngine API to decrypt/encrypt data.
> @@ -110,7 +111,12 @@
> return;
> }
>
> - sslEngine = ctx.createSSLEngine();
> + InetSocketAddress hint = (InetSocketAddress) session.getAttribute(SSLFilter.SESSION_HINT);
> + if (hint == null) {
> + sslEngine = ctx.createSSLEngine();
> + } else {
> + sslEngine = ctx.createSSLEngine(hint.getHostName(), hint.getPort());
> + }
> sslEngine.setUseClientMode( parent.isUseClientMode() );
>
> if ( parent.isWantClientAuth() )
> Index: filter-ssl/src/main/java/org/apache/mina/filter/SSLFilter.java
> ===================================================================
> --- filter-ssl/src/main/java/org/apache/mina/filter/SSLFilter.java (revision 487691)
> +++ filter-ssl/src/main/java/org/apache/mina/filter/SSLFilter.java (working copy)
> @@ -101,6 +101,9 @@
> * doesn't emit any events related with SSL session flow control.
> */
> public static final String USE_NOTIFICATION = SSLFilter.class.getName() + ".UseNotification";
> +
> + public static final String SESSION_HINT = SSLFilter.class.getName() + ".SessionHint";
> +
>
> /**
> * A special message object which is emitted with a {@link IoHandler#messageReceived(IoSession, Object)}
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.