< prev index next >
src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java
Print this page
rev 52904 : 8234408: Improve TLS session handling
Reviewed-by: ascarpino, jjiang, ahgross, ssahoo, mullan, andrew
*** 66,80 ****
* @author David Brownell
*/
final class SSLSessionImpl extends ExtendedSSLSession {
/*
- * we only really need a single null session
- */
- static final SSLSessionImpl nullSession = new SSLSessionImpl();
-
- /*
* The state of a single session, as described in section 7.1
* of the SSLv3 spec.
*/
private final ProtocolVersion protocolVersion;
private final SessionId sessionId;
--- 66,75 ----
*** 139,149 ****
* Create a new non-rejoinable session, using the default (null)
* cipher spec. This constructor returns a session which could
* be used either by a client or by a server, as a connection is
* first opened and before handshaking begins.
*/
! private SSLSessionImpl() {
this.protocolVersion = ProtocolVersion.NONE;
this.cipherSuite = CipherSuite.C_NULL;
this.sessionId = new SessionId(false, null);
this.host = null;
this.port = -1;
--- 134,144 ----
* Create a new non-rejoinable session, using the default (null)
* cipher spec. This constructor returns a session which could
* be used either by a client or by a server, as a connection is
* first opened and before handshaking begins.
*/
! SSLSessionImpl() {
this.protocolVersion = ProtocolVersion.NONE;
this.cipherSuite = CipherSuite.C_NULL;
this.sessionId = new SessionId(false, null);
this.host = null;
this.port = -1;
*** 775,793 ****
* Invalidate a session. Active connections may still exist, but
* no connections will be able to rejoin this session.
*/
@Override
public synchronized void invalidate() {
- //
- // Can't invalidate the NULL session -- this would be
- // attempted when we get a handshaking error on a brand
- // new connection, with no "real" session yet.
- //
- if (this == nullSession) {
- return;
- }
-
if (context != null) {
context.remove(sessionId);
context = null;
}
if (invalidated) {
--- 770,779 ----
< prev index next >