diff options
| author | Kenny Root <kroot@google.com> | 2016-05-23 20:57:49 +0000 |
|---|---|---|
| committer | android-build-merger <android-build-merger@google.com> | 2016-05-23 20:57:49 +0000 |
| commit | 215292da44030110a884b81e4126318ba4742d2c (patch) | |
| tree | bd06012636caa3f66a4eab97bf82b0591a90ada2 | |
| parent | 3b3bf01285f90491860b8e2650845c5ee5d4daad (diff) | |
| parent | 051cfe80a0dd52969ce4087768b7b8a5b4751c78 (diff) | |
| download | conscrypt-215292da44030110a884b81e4126318ba4742d2c.tar.gz | |
Use SSL_session_reused to check when a session was reused am: 0b905f8ec8 am: a2e751b4bc
am: 051cfe80a0
* commit '051cfe80a0dd52969ce4087768b7b8a5b4751c78':
Use SSL_session_reused to check when a session was reused
Change-Id: I3a972ee0fb33770474a335392dae283c33854f23
| -rw-r--r-- | src/main/java/org/conscrypt/NativeCrypto.java | 2 | ||||
| -rw-r--r-- | src/main/java/org/conscrypt/SSLParametersImpl.java | 3 | ||||
| -rw-r--r-- | src/main/native/org_conscrypt_NativeCrypto.cpp | 13 |
3 files changed, 16 insertions, 2 deletions
diff --git a/src/main/java/org/conscrypt/NativeCrypto.java b/src/main/java/org/conscrypt/NativeCrypto.java index 264901f7..0633e987 100644 --- a/src/main/java/org/conscrypt/NativeCrypto.java +++ b/src/main/java/org/conscrypt/NativeCrypto.java @@ -1011,6 +1011,8 @@ public final class NativeCrypto { public static native void SSL_set_session_creation_enabled( long sslNativePointer, boolean creationEnabled) throws SSLException; + public static native boolean SSL_session_reused(long sslNativePointer); + public static native void SSL_set_reject_peer_renegotiations( long sslNativePointer, boolean renegotiationRejected) throws SSLException; diff --git a/src/main/java/org/conscrypt/SSLParametersImpl.java b/src/main/java/org/conscrypt/SSLParametersImpl.java index 0101935a..312f9234 100644 --- a/src/main/java/org/conscrypt/SSLParametersImpl.java +++ b/src/main/java/org/conscrypt/SSLParametersImpl.java @@ -588,8 +588,7 @@ public class SSLParametersImpl implements Cloneable { final OpenSSLSessionImpl sessionToReuse, String hostname, int port, boolean handshakeCompleted) throws IOException { OpenSSLSessionImpl sslSession = null; - byte[] sessionId = NativeCrypto.SSL_SESSION_session_id(sslSessionNativePointer); - if (sessionToReuse != null && Arrays.equals(sessionToReuse.getId(), sessionId)) { + if (sessionToReuse != null && NativeCrypto.SSL_session_reused(sslNativePointer)) { sslSession = sessionToReuse; sslSession.lastAccessedTime = System.currentTimeMillis(); NativeCrypto.SSL_SESSION_free(sslSessionNativePointer); diff --git a/src/main/native/org_conscrypt_NativeCrypto.cpp b/src/main/native/org_conscrypt_NativeCrypto.cpp index 6c687504..fe08d7ce 100644 --- a/src/main/native/org_conscrypt_NativeCrypto.cpp +++ b/src/main/native/org_conscrypt_NativeCrypto.cpp @@ -8895,6 +8895,18 @@ static void NativeCrypto_SSL_set_session_creation_enabled(JNIEnv* env, jclass, #endif } +static jboolean NativeCrypto_SSL_session_reused(JNIEnv* env, jclass, jlong ssl_address) { + SSL* ssl = to_SSL(env, ssl_address, true); + JNI_TRACE("ssl=%p NativeCrypto_SSL_session_reused", ssl); + if (ssl == nullptr) { + return JNI_FALSE; + } + + int reused = SSL_session_reused(ssl); + JNI_TRACE("ssl=%p NativeCrypto_SSL_session_reused => %d", ssl, reused); + return reused == 1 ? JNI_TRUE : JNI_FALSE; +} + static void NativeCrypto_SSL_set_reject_peer_renegotiations(JNIEnv* env, jclass, jlong ssl_address, jboolean reject_renegotiations) { @@ -10844,6 +10856,7 @@ static JNINativeMethod sNativeCryptoMethods[] = { NATIVE_METHOD(NativeCrypto, SSL_set_verify, "(JI)V"), NATIVE_METHOD(NativeCrypto, SSL_set_session, "(JJ)V"), NATIVE_METHOD(NativeCrypto, SSL_set_session_creation_enabled, "(JZ)V"), + NATIVE_METHOD(NativeCrypto, SSL_session_reused, "(J)Z"), NATIVE_METHOD(NativeCrypto, SSL_set_reject_peer_renegotiations, "(JZ)V"), NATIVE_METHOD(NativeCrypto, SSL_set_tlsext_host_name, "(JLjava/lang/String;)V"), NATIVE_METHOD(NativeCrypto, SSL_get_servername, "(J)Ljava/lang/String;"), |