Author: trustin
Date: Mon Jul 30 22:19:37 2007
New Revision: 561232
URL: http://svn.apache.org/viewvc?view=rev&rev=561232
Log:
Fixed a problem that SESSION_SECURED is fired on renegotiation.
Modified:
mina/branches/1.0/filter-ssl/src/main/java/org/apache/mina/filter/support/SSLHandler.java
mina/branches/1.1/filter-ssl/src/main/java/org/apache/mina/filter/support/SSLHandler.java
mina/trunk/core/src/main/java/org/apache/mina/filter/ssl/SSLHandler.java
Modified:
mina/branches/1.0/filter-ssl/src/main/java/org/apache/mina/filter/support/SSLHandler.java
URL:
http://svn.apache.org/viewvc/mina/branches/1.0/filter-ssl/src/main/java/org/apache/mina/filter/support/SSLHandler.java?view=diff&rev=561232&r1=561231&r2=561232
==============================================================================
---
mina/branches/1.0/filter-ssl/src/main/java/org/apache/mina/filter/support/SSLHandler.java
(original)
+++
mina/branches/1.0/filter-ssl/src/main/java/org/apache/mina/filter/support/SSLHandler.java
Mon Jul 30 22:19:37 2007
@@ -91,8 +91,10 @@
*/
private SSLEngineResult.HandshakeStatus handshakeStatus;
+ private boolean initialHandshakeComplete;
+
/**
- * Initial handshake complete?
+ * Handshake complete?
*/
private boolean handshakeComplete;
@@ -139,6 +141,7 @@
sslEngine.beginHandshake();
handshakeStatus =
sslEngine.getHandshakeStatus();//SSLEngineResult.HandshakeStatus.NEED_UNWRAP;
handshakeComplete = false;
+ initialHandshakeComplete = false;
SSLByteBufferPool.initiate(sslEngine);
@@ -183,7 +186,6 @@
SSLByteBufferPool.release(inNetBuffer);
SSLByteBufferPool.release(outNetBuffer);
preHandshakeEventQueue.clear();
- //postHandshakeEventQueue.clear();
}
public SSLFilter getParent() {
@@ -470,7 +472,11 @@
+ sslSession.getCipherSuite());
}
handshakeComplete = true;
- if (session.containsAttribute(SSLFilter.USE_NOTIFICATION)) {
+ if (!initialHandshakeComplete
+ &&
session.containsAttribute(SSLFilter.USE_NOTIFICATION)) {
+ // SESSION_SECURED is fired only when it's the first
handshake.
+ // (i.e. renegotiation shouldn't trigger SESSION_SECURED.)
+ initialHandshakeComplete = true;
scheduleMessageReceived(nextFilter,
SSLFilter.SESSION_SECURED);
}
Modified:
mina/branches/1.1/filter-ssl/src/main/java/org/apache/mina/filter/support/SSLHandler.java
URL:
http://svn.apache.org/viewvc/mina/branches/1.1/filter-ssl/src/main/java/org/apache/mina/filter/support/SSLHandler.java?view=diff&rev=561232&r1=561231&r2=561232
==============================================================================
---
mina/branches/1.1/filter-ssl/src/main/java/org/apache/mina/filter/support/SSLHandler.java
(original)
+++
mina/branches/1.1/filter-ssl/src/main/java/org/apache/mina/filter/support/SSLHandler.java
Mon Jul 30 22:19:37 2007
@@ -90,8 +90,10 @@
*/
private SSLEngineResult.HandshakeStatus handshakeStatus;
+ private boolean initialHandshakeComplete;
+
/**
- * Initial handshake complete?
+ * Handshake complete?
*/
private boolean handshakeComplete;
@@ -138,6 +140,7 @@
sslEngine.beginHandshake();
handshakeStatus =
sslEngine.getHandshakeStatus();//SSLEngineResult.HandshakeStatus.NEED_UNWRAP;
handshakeComplete = false;
+ initialHandshakeComplete = false;
SSLByteBufferPool.initiate(sslEngine);
@@ -182,7 +185,6 @@
SSLByteBufferPool.release(inNetBuffer);
SSLByteBufferPool.release(outNetBuffer);
preHandshakeEventQueue.clear();
- //postHandshakeEventQueue.clear();
}
public SSLFilter getParent() {
@@ -467,7 +469,11 @@
+ sslSession.getCipherSuite());
}
handshakeComplete = true;
- if (session.containsAttribute(SSLFilter.USE_NOTIFICATION)) {
+ if (!initialHandshakeComplete
+ &&
session.containsAttribute(SSLFilter.USE_NOTIFICATION)) {
+ // SESSION_SECURED is fired only when it's the first
handshake.
+ // (i.e. renegotiation shouldn't trigger SESSION_SECURED.)
+ initialHandshakeComplete = true;
scheduleMessageReceived(nextFilter,
SSLFilter.SESSION_SECURED);
}
Modified:
mina/trunk/core/src/main/java/org/apache/mina/filter/ssl/SSLHandler.java
URL:
http://svn.apache.org/viewvc/mina/trunk/core/src/main/java/org/apache/mina/filter/ssl/SSLHandler.java?view=diff&rev=561232&r1=561231&r2=561232
==============================================================================
--- mina/trunk/core/src/main/java/org/apache/mina/filter/ssl/SSLHandler.java
(original)
+++ mina/trunk/core/src/main/java/org/apache/mina/filter/ssl/SSLHandler.java
Mon Jul 30 22:19:37 2007
@@ -93,8 +93,10 @@
*/
private SSLEngineResult.HandshakeStatus handshakeStatus;
+ private boolean initialHandshakeComplete;
+
/**
- * Initial handshake complete?
+ * Handshake complete?
*/
private boolean handshakeComplete;
@@ -147,6 +149,7 @@
sslEngine.beginHandshake();
handshakeStatus =
sslEngine.getHandshakeStatus();//SSLEngineResult.HandshakeStatus.NEED_UNWRAP;
handshakeComplete = false;
+ initialHandshakeComplete = false;
SSLByteBufferUtil.initiate(sslEngine);
@@ -188,7 +191,6 @@
sslEngine = null;
preHandshakeEventQueue.clear();
- //postHandshakeEventQueue.clear();
}
public SSLFilter getParent() {
@@ -473,7 +475,11 @@
+ sslSession.getCipherSuite());
}
handshakeComplete = true;
- if (session.containsAttribute(SSLFilter.USE_NOTIFICATION)) {
+ if (!initialHandshakeComplete
+ &&
session.containsAttribute(SSLFilter.USE_NOTIFICATION)) {
+ // SESSION_SECURED is fired only when it's the first
handshake.
+ // (i.e. renegotiation shouldn't trigger SESSION_SECURED.)
+ initialHandshakeComplete = true;
scheduleMessageReceived(nextFilter,
SSLFilter.SESSION_SECURED);
}
