[jira] Updated: (DIRMINA-326) Cached SSLSessions won't be reused by the SSLFilter if in client mode.

Sat, 27 Jan 2007 20:02:12 -0800 

     [ 
https://issues.apache.org/jira/browse/DIRMINA-326?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Trustin Lee updated DIRMINA-326:
--------------------------------

    Fix Version/s: 2.0.0-M1

> Cached SSLSessions won't be reused by the SSLFilter if in client mode.
> ----------------------------------------------------------------------
>
>                 Key: DIRMINA-326
>                 URL: https://issues.apache.org/jira/browse/DIRMINA-326
>             Project: MINA
>          Issue Type: Bug
>          Components: Filter
>    Affects Versions: 1.0.0
>            Reporter: Wolter Eldering
>             Fix For: 2.0.0-M1
>
>
> SSLSessions won't be reused by the SSLFilter if in client mode.
> In client mode SSLContext.createSSLEngine() will always create a new 
> SSLSession.
> The only way to reuse cached SSLSessions in client mode is to use the 
> SSLContext.createSSLEngine(String peerHost, int peerPort) factory method.
> Index: filter-ssl/src/main/java/org/apache/mina/filter/support/SSLHandler.java
> ===================================================================
> --- filter-ssl/src/main/java/org/apache/mina/filter/support/SSLHandler.java   
>   (revision 487691)
> +++ filter-ssl/src/main/java/org/apache/mina/filter/support/SSLHandler.java   
>   (working copy)
> @@ -36,6 +36,7 @@
>  import org.apache.mina.filter.SSLFilter;
>  import org.apache.mina.util.Queue;
>  import org.apache.mina.util.SessionLog;
> +import java.net.InetSocketAddress;
>  
>  /**
>   * A helper class using the SSLEngine API to decrypt/encrypt data.
> @@ -110,7 +111,12 @@
>              return;
>          }
>  
> -        sslEngine = ctx.createSSLEngine();
> +         InetSocketAddress hint = (InetSocketAddress) 
> session.getAttribute(SSLFilter.SESSION_HINT);
> +         if (hint == null) {
> +           sslEngine = ctx.createSSLEngine();
> +        } else {
> +            sslEngine = ctx.createSSLEngine(hint.getHostName(), 
> hint.getPort());
> +         }
>          sslEngine.setUseClientMode( parent.isUseClientMode() );
>  
>          if ( parent.isWantClientAuth() )
> Index: filter-ssl/src/main/java/org/apache/mina/filter/SSLFilter.java
> ===================================================================
> --- filter-ssl/src/main/java/org/apache/mina/filter/SSLFilter.java      
> (revision 487691)
> +++ filter-ssl/src/main/java/org/apache/mina/filter/SSLFilter.java      
> (working copy)
> @@ -101,6 +101,9 @@
>       * doesn't emit any events related with SSL session flow control.
>       */
>      public static final String USE_NOTIFICATION = SSLFilter.class.getName() 
> + ".UseNotification";
> +
> +    public static final String SESSION_HINT = SSLFilter.class.getName() + 
> ".SessionHint";
> +
>      
>      /**
>       * A special message object which is emitted with a [EMAIL PROTECTED] 
> IoHandler#messageReceived(IoSession, Object)}

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to