jdk-sandbox: comparison src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java

equal deleted inserted replaced

-:b152d06ed6a9
+:38c2a4078033
 import java.util.ArrayList;
 import java.util.Queue;
 import java.util.Collection;
 import java.util.Collections;
 import java.util.Enumeration;
-import java.util.Hashtable;
 import java.util.List;
-import java.util.Vector;
 import java.util.Optional;
+import java.util.concurrent.ConcurrentHashMap;
 import java.util.concurrent.ConcurrentLinkedQueue;
 import javax.crypto.SecretKey;
 import javax.net.ssl.ExtendedSSLSession;
 import javax.net.ssl.SNIServerName;
 import javax.net.ssl.SSLPeerUnverifiedException;
 /*
 * we only really need a single null session
 */
 static final SSLSessionImpl         nullSession = new SSLSessionImpl();
-// compression methods
-private static final byte           compression_null = 0;
 /*
 * The state of a single session, as described in section 7.1
 * of the SSLv3 spec.
 */
 private final ProtocolVersion       protocolVersion;
 private final SessionId             sessionId;
 private X509Certificate[]   peerCerts;
-private byte                compressionMethod;
 private CipherSuite         cipherSuite;
 private SecretKey           masterSecret;
 final boolean               useExtendedMasterSecret;
 /*
 private final long          creationTime;
 private long                lastUsedTime = 0;
 private final String        host;
 private final int           port;
 private SSLSessionContextImpl       context;
-private int                 sessionCount;
 private boolean             invalidated;
 private X509Certificate[]   localCerts;
 private PrivateKey          localPrivateKey;
 private final String[]      localSupportedSignAlgs;
 private String[]            peerSupportedSignAlgs;      // for certificate
 private SecretKey           preSharedKey;
 private byte[]              pskIdentity;
 private final long          ticketCreationTime = System.currentTimeMillis();
 private int                 ticketAgeAdd;
-private int                 negotiatedMaxFragLen;
+private int                 negotiatedMaxFragLen = -1;
 private int                 maximumPacketSize;
-// Principals for non-certificate based cipher suites
+private final Queue<SSLSessionImpl> childSessions =
-private Principal peerPrincipal;
+new ConcurrentLinkedQueue<>();
-private Principal localPrincipal;
-private Queue<SSLSessionImpl> childSessions = new ConcurrentLinkedQueue<SSLSessionImpl>();
 /*
 * Is the session currently re-established with a session-resumption
 * abbreviated initial handshake?
 *
 * Note that currently we only set this variable in client side.
 */
 private boolean isSessionResumption = false;
-/*
-* We count session creations, eventually for statistical data but
-* also since counters make shorter debugging IDs than the big ones
-* we use in the protocol for uniqueness-over-time.
-*/
-private static volatile int counter;
 /*
 * Use of session caches is globally enabled/disabled.
 */
 private static boolean      defaultRejoinable = true;
 * Record a new session, using a given cipher spec, session ID,
 * and creation time
 */
 SSLSessionImpl(HandshakeContext hc,
 CipherSuite cipherSuite, SessionId id, long creationTime) {
-this.creationTime = creationTime;
 this.protocolVersion = hc.negotiatedProtocol;
+this.cipherSuite = cipherSuite;
 this.sessionId = id;
-peerCerts = null;
-compressionMethod = compression_null;
-this.cipherSuite = cipherSuite;
-masterSecret = null;
 this.host = hc.conContext.transport.getPeerHost();
 this.port = hc.conContext.transport.getPeerPort();
-sessionCount = ++counter;
 this.localSupportedSignAlgs =
 SignatureScheme.getAlgorithmNames(hc.localSupportedSignAlgs);
-negotiatedMaxFragLen = -1;
+this.serverNameIndication = hc.negotiatedServerName;
-statusResponses = null;
 this.requestedServerNames = Collections.<SNIServerName>unmodifiableList(
 hc.getRequestedServerNames());
-this.serverNameIndication = hc.negotiatedServerName;
 if (hc.sslConfig.isClientMode) {
 this.useExtendedMasterSecret =
 (hc.handshakeExtensions.get(
 SSLExtension.CH_EXTENDED_MASTER_SECRET) != null) &&
 (hc.handshakeExtensions.get(
 this.useExtendedMasterSecret =
 (hc.handshakeExtensions.get(
 SSLExtension.CH_EXTENDED_MASTER_SECRET) != null) &&
 (!hc.negotiatedProtocol.useTLS13PlusSpec());
 }
+this.creationTime = creationTime;
 if (SSLLogger.isOn && SSLLogger.isOn("session")) {
 SSLLogger.finest("Session initialized:  " + this);
 }
 }
 void setMasterSecret(SecretKey secret) {
-if (masterSecret == null) {
+masterSecret = secret;
-masterSecret = secret;
-} else {
-throw new RuntimeException("setMasterSecret() error");
-}
 }
 void setResumptionMasterSecret(SecretKey secret) {
-if (resumptionMasterSecret == null) {
+resumptionMasterSecret = secret;
-resumptionMasterSecret = secret;
-} else {
-throw new RuntimeException("setResumptionMasterSecret() error");
-}
 }
 void setPreSharedKey(SecretKey key) {
-if (preSharedKey == null) {
+preSharedKey = key;
-preSharedKey = key;
-} else {
-throw new RuntimeException("setPreSharedKey() error");
-}
 }
 void addChild(SSLSessionImpl session) {
 childSessions.add(session);
 }
 void setTicketAgeAdd(int ticketAgeAdd) {
 this.ticketAgeAdd = ticketAgeAdd;
 }
 void setPskIdentity(byte[] pskIdentity) {
-if (this.pskIdentity == null) {
+this.pskIdentity = pskIdentity;
-this.pskIdentity = pskIdentity;
-} else {
-throw new RuntimeException("setPskIdentity() error");
-}
 }
 BigInteger incrTicketNonceCounter() {
 BigInteger result = ticketNonceCounter;
 ticketNonceCounter = ticketNonceCounter.add(BigInteger.valueOf(1));
 statusResponses = Collections.emptyList();
 }
 }
 /**
-* Set the peer principal.
-*/
-void setPeerPrincipal(Principal principal) {
-if (peerPrincipal == null) {
-peerPrincipal = principal;
-}
-}
-/**
-* Set the local principal.
-*/
-void setLocalPrincipal(Principal principal) {
-localPrincipal = principal;
-}
-/**
 * Returns true iff this session may be resumed ... sessions are
 * usually resumable.  Security policies may suggest otherwise,
 * for example sessions that haven't been used for a while (say,
 * a working day) won't be resumable, and sessions might have a
 * maximum lifetime in any case.
 public String getProtocol() {
 return getProtocolVersion().name;
 }
 /**
-* Returns the compression technique used in this session
-*/
-byte getCompression() {
-return compressionMethod;
-}
-/**
 * Returns the hashcode for this session
 */
 @Override
 public int hashCode() {
 return sessionId.hashCode();
 /*
 * Table of application-specific session data indexed by an application
 * key and the calling security context. This is important since
 * sessions can be shared across different protection domains.
 */
-private Hashtable<SecureKey, Object> table = new Hashtable<>();
+private final ConcurrentHashMap<SecureKey, Object> boundValues =
+new ConcurrentHashMap<>();
 /**
 * Assigns a session value.  Session change events are given if
 * appropriate, to any original value as well as the new value.
 */
 if ((key == null) || (value == null)) {
 throw new IllegalArgumentException("arguments can not be null");
 }
 SecureKey secureKey = new SecureKey(key);
-Object oldValue = table.put(secureKey, value);
+Object oldValue = boundValues.put(secureKey, value);
 if (oldValue instanceof SSLSessionBindingListener) {
 SSLSessionBindingEvent e;
 e = new SSLSessionBindingEvent(this, key);
 if (key == null) {
 throw new IllegalArgumentException("argument can not be null");
 }
 SecureKey secureKey = new SecureKey(key);
-return table.get(secureKey);
+return boundValues.get(secureKey);
 }
 /**
 * Removes the specified session value, delivering a session changed
 if (key == null) {
 throw new IllegalArgumentException("argument can not be null");
 }
 SecureKey secureKey = new SecureKey(key);
-Object value = table.remove(secureKey);
+Object value = boundValues.remove(secureKey);
 if (value instanceof SSLSessionBindingListener) {
 SSLSessionBindingEvent e;
 e = new SSLSessionBindingEvent(this, key);
 /**
 * Lists the names of the session values.
 */
 @Override
 public String[] getValueNames() {
-Enumeration<SecureKey> e;
+ArrayList<Object> v = new ArrayList<>();
-Vector<Object> v = new Vector<>();
-SecureKey key;
 Object securityCtx = SecureKey.getCurrentSecurityContext();
+for (Enumeration<SecureKey> e = boundValues.keys();
-for (e = table.keys(); e.hasMoreElements(); ) {
+e.hasMoreElements(); ) {
-key = e.nextElement();
+SecureKey key = e.nextElement();
 if (securityCtx.equals(key.getSecurityContext())) {
-v.addElement(key.getAppKey());
+v.add(key.getAppKey());
 }
 }
-String[] names = new String[v.size()];
-v.copyInto(names);
+return v.toArray(new String[0]);
-return names;
 }
 /**
 * Use large packet sizes now or follow RFC 2246 packet sizes (2^14)
 * until changed.
 * Obtains a <code>List</code> containing all {@link SNIServerName}s
 * of the requested Server Name Indication (SNI) extension.
 */
 @Override
 public List<SNIServerName> getRequestedServerNames() {
-if (requestedServerNames == null) {
-return Collections.<SNIServerName>emptyList();
-}
 return requestedServerNames;
 }
 /** Returns a string representation of this SSL session */
 @Override
 public String toString() {
-return "[Session-" + sessionCount
+return "Session(" + creationTime + "|" + getCipherSuite() + ")";
-+ ", " + getCipherSuite()
-+ "]";
 }
 }
 /**
 * This "struct" class serves as a Hash Key that combines an
 * application-specific key and a security context.
 */
 class SecureKey {
-private static Object       nullObject = new Object();
+private static final Object     nullObject = new Object();
-private Object              appKey;
+private final Object            appKey;
-private Object              securityCtx;
+private final Object            securityCtx;
 static Object getCurrentSecurityContext() {
 SecurityManager sm = System.getSecurityManager();
 Object context = null;

branch	JDK-8145252-TLS13-branch
changeset 56716	38c2a4078033
parent 56692	7b0bde908f58