Java Code Examples for javax.net.ssl.SSLSessionContext

The following examples show how to use javax.net.ssl.SSLSessionContext. These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source Project: openjsse   Author: openjsse   File: SSLSessionImpl.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * For server sessions, this returns the set of sessions which
 * are currently valid in this process.  For client sessions,
 * this returns null.
 */
@Override
public SSLSessionContext getSessionContext() {
    /*
     * An interim security policy until we can do something
     * more specific in 1.2. Only allow trusted code (code which
     * can set system properties) to get an
     * SSLSessionContext. This is to limit the ability of code to
     * look up specific sessions or enumerate over them. Otherwise,
     * code can only get session objects from successful SSL
     * connections which implies that they must have had permission
     * to make the network connection in the first place.
     */
    SecurityManager sm;
    if ((sm = System.getSecurityManager()) != null) {
        sm.checkPermission(new SSLPermission("getSSLSessionContext"));
    }

    return context;
}
 
Example #2
Source Project: jdk8u-dev-jdk   Author: frohoff   File: SSLSessionImpl.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * For server sessions, this returns the set of sessions which
 * are currently valid in this process.  For client sessions,
 * this returns null.
 */
@Override
public SSLSessionContext getSessionContext() {
    /*
     * An interim security policy until we can do something
     * more specific in 1.2. Only allow trusted code (code which
     * can set system properties) to get an
     * SSLSessionContext. This is to limit the ability of code to
     * look up specific sessions or enumerate over them. Otherwise,
     * code can only get session objects from successful SSL
     * connections which implies that they must have had permission
     * to make the network connection in the first place.
     */
    SecurityManager sm;
    if ((sm = System.getSecurityManager()) != null) {
        sm.checkPermission(new SSLPermission("getSSLSessionContext"));
    }

    return context;
}
 
Example #3
Source Project: hugegraph-common   Author: hugegraph   File: RestClientTest.java    License: Apache License 2.0 6 votes vote down vote up
@Test
public void testHostNameVerifier() {
    BiFunction<String, String, Boolean> verifer = (url, hostname) -> {
        AbstractRestClient.HostNameVerifier verifier;
        SSLSession session;
        try {
            SSLSessionContext sc = SSLContext.getDefault()
                                             .getClientSessionContext();
            session = sc.getSession(new byte[]{11});
            verifier = new AbstractRestClient.HostNameVerifier(url);
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException(e);
        }
        return verifier.verify(hostname, session);
    };

    Assert.assertTrue(verifer.apply("http://baidu.com", "baidu.com"));
    Assert.assertTrue(verifer.apply("http://test1.baidu.com", "baidu.com"));
    Assert.assertTrue(verifer.apply("http://test2.baidu.com", "baidu.com"));
    Assert.assertFalse(verifer.apply("http://baidu2.com", "baidu.com"));
    Assert.assertTrue(verifer.apply("http://baidu.com", ""));
    Assert.assertTrue(verifer.apply("baidu.com", "baidu.com"));
    Assert.assertTrue(verifer.apply("http://baidu.com/test", "baidu.com"));
    Assert.assertTrue(verifer.apply("baidu.com/test/abc", "baidu.com"));
    Assert.assertFalse(verifer.apply("baidu.com.sina.com", "baidu.com"));
}
 
Example #4
Source Project: openjdk-jdk8u   Author: AdoptOpenJDK   File: SSLSessionImpl.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * For server sessions, this returns the set of sessions which
 * are currently valid in this process.  For client sessions,
 * this returns null.
 */
@Override
public SSLSessionContext getSessionContext() {
    /*
     * An interim security policy until we can do something
     * more specific in 1.2. Only allow trusted code (code which
     * can set system properties) to get an
     * SSLSessionContext. This is to limit the ability of code to
     * look up specific sessions or enumerate over them. Otherwise,
     * code can only get session objects from successful SSL
     * connections which implies that they must have had permission
     * to make the network connection in the first place.
     */
    SecurityManager sm;
    if ((sm = System.getSecurityManager()) != null) {
        sm.checkPermission(new SSLPermission("getSSLSessionContext"));
    }

    return context;
}
 
Example #5
Source Project: openjdk-jdk8u-backup   Author: AdoptOpenJDK   File: SSLSessionImpl.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * For server sessions, this returns the set of sessions which
 * are currently valid in this process.  For client sessions,
 * this returns null.
 */
@Override
public SSLSessionContext getSessionContext() {
    /*
     * An interim security policy until we can do something
     * more specific in 1.2. Only allow trusted code (code which
     * can set system properties) to get an
     * SSLSessionContext. This is to limit the ability of code to
     * look up specific sessions or enumerate over them. Otherwise,
     * code can only get session objects from successful SSL
     * connections which implies that they must have had permission
     * to make the network connection in the first place.
     */
    SecurityManager sm;
    if ((sm = System.getSecurityManager()) != null) {
        sm.checkPermission(new SSLPermission("getSSLSessionContext"));
    }

    return context;
}
 
Example #6
Source Project: styx   Author: HotelsDotCom   File: SslContexts.java    License: Apache License 2.0 6 votes vote down vote up
private static void registerOpenSslStats(SslContext sslContext, MetricRegistry metricRegistry) {
    SSLSessionContext sslSessionContext = sslContext.sessionContext();
    if (sslSessionContext instanceof OpenSslSessionContext) {
        OpenSslSessionStats stats = ((OpenSslSessionContext) sslSessionContext).stats();
        MetricRegistry sessionStatsRegistry = metricRegistry.scope("connections.openssl.session");
        sessionStatsRegistry.register("number", (Gauge<Long>) stats::number);
        sessionStatsRegistry.register("accept", (Gauge<Long>) stats::accept);
        sessionStatsRegistry.register("acceptGood", (Gauge<Long>) stats::acceptGood);
        sessionStatsRegistry.register("acceptRenegotiate", (Gauge<Long>) stats::acceptRenegotiate);
        sessionStatsRegistry.register("hits", (Gauge<Long>) stats::hits);
        sessionStatsRegistry.register("misses", (Gauge<Long>) stats::misses);
        sessionStatsRegistry.register("cbHits", (Gauge<Long>) stats::cbHits);
        sessionStatsRegistry.register("cacheFull", (Gauge<Long>) stats::cacheFull);
        sessionStatsRegistry.register("timeouts", (Gauge<Long>) stats::timeouts);
    }
}
 
Example #7
Source Project: Bytecoder   Author: mirkosertic   File: SSLSessionImpl.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * For server sessions, this returns the set of sessions which
 * are currently valid in this process.  For client sessions,
 * this returns null.
 */
@Override
public SSLSessionContext getSessionContext() {
    /*
     * An interim security policy until we can do something
     * more specific in 1.2. Only allow trusted code (code which
     * can set system properties) to get an
     * SSLSessionContext. This is to limit the ability of code to
     * look up specific sessions or enumerate over them. Otherwise,
     * code can only get session objects from successful SSL
     * connections which implies that they must have had permission
     * to make the network connection in the first place.
     */
    SecurityManager sm;
    if ((sm = System.getSecurityManager()) != null) {
        sm.checkPermission(new SSLPermission("getSSLSessionContext"));
    }

    return context;
}
 
Example #8
Source Project: openjdk-jdk9   Author: AdoptOpenJDK   File: SSLSessionImpl.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * For server sessions, this returns the set of sessions which
 * are currently valid in this process.  For client sessions,
 * this returns null.
 */
@Override
public SSLSessionContext getSessionContext() {
    /*
     * An interim security policy until we can do something
     * more specific in 1.2. Only allow trusted code (code which
     * can set system properties) to get an
     * SSLSessionContext. This is to limit the ability of code to
     * look up specific sessions or enumerate over them. Otherwise,
     * code can only get session objects from successful SSL
     * connections which implies that they must have had permission
     * to make the network connection in the first place.
     */
    SecurityManager sm;
    if ((sm = System.getSecurityManager()) != null) {
        sm.checkPermission(new SSLPermission("getSSLSessionContext"));
    }

    return context;
}
 
Example #9
Source Project: jdk8u-jdk   Author: lambdalab-mirror   File: SSLSessionImpl.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * For server sessions, this returns the set of sessions which
 * are currently valid in this process.  For client sessions,
 * this returns null.
 */
@Override
public SSLSessionContext getSessionContext() {
    /*
     * An interim security policy until we can do something
     * more specific in 1.2. Only allow trusted code (code which
     * can set system properties) to get an
     * SSLSessionContext. This is to limit the ability of code to
     * look up specific sessions or enumerate over them. Otherwise,
     * code can only get session objects from successful SSL
     * connections which implies that they must have had permission
     * to make the network connection in the first place.
     */
    SecurityManager sm;
    if ((sm = System.getSecurityManager()) != null) {
        sm.checkPermission(new SSLPermission("getSSLSessionContext"));
    }

    return context;
}
 
Example #10
Source Project: ibm-cos-sdk-java   Author: IBM   File: SdkTLSSocketFactory.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * Invalidates all SSL/TLS sessions in {@code sessionContext} associated with {@code remoteAddress}.
 *
 * @param sessionContext collection of SSL/TLS sessions to be (potentially) invalidated
 * @param remoteAddress  associated with sessions to invalidate
 */
private void clearSessionCache(final SSLSessionContext sessionContext, final InetSocketAddress remoteAddress) {
    final String hostName = remoteAddress.getHostName();
    final int port = remoteAddress.getPort();
    final Enumeration<byte[]> ids = sessionContext.getIds();

    if (ids == null) {
        return;
    }

    while (ids.hasMoreElements()) {
        final byte[] id = ids.nextElement();
        final SSLSession session = sessionContext.getSession(id);
        if (session != null && session.getPeerHost() != null && session.getPeerHost().equalsIgnoreCase(hostName)
                && session.getPeerPort() == port) {
            session.invalidate();
            if (LOG.isDebugEnabled()) {
                LOG.debug("Invalidated session " + session);
            }
        }
    }
}
 
Example #11
Source Project: qpid-broker-j   Author: apache   File: AmqpPortImpl.java    License: Apache License 2.0 6 votes vote down vote up
private SSLContext createSslContext()
{
    KeyStore keyStore = getKeyStore();
    Collection<TrustStore> trustStores = getTrustStores();

    boolean needClientCert = (Boolean)getAttribute(NEED_CLIENT_AUTH) || (Boolean)getAttribute(WANT_CLIENT_AUTH);
    if (needClientCert && trustStores.isEmpty())
    {
        throw new IllegalConfigurationException("Client certificate authentication is enabled on AMQP port '"
                + this.getName() + "' but no trust store defined");
    }

    SSLContext sslContext = SSLUtil.createSslContext(keyStore, trustStores, getName());
    SSLSessionContext serverSessionContext = sslContext.getServerSessionContext();
    if (getTLSSessionCacheSize() > 0)
    {
        serverSessionContext.setSessionCacheSize(getTLSSessionCacheSize());
    }
    if (getTLSSessionTimeout() > 0)
    {
        serverSessionContext.setSessionTimeout(getTLSSessionTimeout());
    }

    return sslContext;
}
 
Example #12
Source Project: hottub   Author: dsrg-uoft   File: SSLSessionImpl.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * For server sessions, this returns the set of sessions which
 * are currently valid in this process.  For client sessions,
 * this returns null.
 */
@Override
public SSLSessionContext getSessionContext() {
    /*
     * An interim security policy until we can do something
     * more specific in 1.2. Only allow trusted code (code which
     * can set system properties) to get an
     * SSLSessionContext. This is to limit the ability of code to
     * look up specific sessions or enumerate over them. Otherwise,
     * code can only get session objects from successful SSL
     * connections which implies that they must have had permission
     * to make the network connection in the first place.
     */
    SecurityManager sm;
    if ((sm = System.getSecurityManager()) != null) {
        sm.checkPermission(new SSLPermission("getSSLSessionContext"));
    }

    return context;
}
 
Example #13
Source Project: openjdk-8   Author: bpupadhyaya   File: SSLSessionImpl.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * For server sessions, this returns the set of sessions which
 * are currently valid in this process.  For client sessions,
 * this returns null.
 */
@Override
public SSLSessionContext getSessionContext() {
    /*
     * An interim security policy until we can do something
     * more specific in 1.2. Only allow trusted code (code which
     * can set system properties) to get an
     * SSLSessionContext. This is to limit the ability of code to
     * look up specific sessions or enumerate over them. Otherwise,
     * code can only get session objects from successful SSL
     * connections which implies that they must have had permission
     * to make the network connection in the first place.
     */
    SecurityManager sm;
    if ((sm = System.getSecurityManager()) != null) {
        sm.checkPermission(new SSLPermission("getSSLSessionContext"));
    }

    return context;
}
 
Example #14
Source Project: jdk8u_jdk   Author: JetBrains   File: SSLSessionImpl.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * For server sessions, this returns the set of sessions which
 * are currently valid in this process.  For client sessions,
 * this returns null.
 */
@Override
public SSLSessionContext getSessionContext() {
    /*
     * An interim security policy until we can do something
     * more specific in 1.2. Only allow trusted code (code which
     * can set system properties) to get an
     * SSLSessionContext. This is to limit the ability of code to
     * look up specific sessions or enumerate over them. Otherwise,
     * code can only get session objects from successful SSL
     * connections which implies that they must have had permission
     * to make the network connection in the first place.
     */
    SecurityManager sm;
    if ((sm = System.getSecurityManager()) != null) {
        sm.checkPermission(new SSLPermission("getSSLSessionContext"));
    }

    return context;
}
 
Example #15
Source Project: tomcatsrc   Author: wangyingjie   File: JSSESocketFactory.java    License: Apache License 2.0 6 votes vote down vote up
@Override
public void configureSessionContext(SSLSessionContext sslSessionContext) {
    int sessionCacheSize;
    if (endpoint.getSessionCacheSize() != null) {
        sessionCacheSize = Integer.parseInt(
                endpoint.getSessionCacheSize());
    } else {
        sessionCacheSize = defaultSessionCacheSize;
    }

    int sessionTimeout;
    if (endpoint.getSessionTimeout() != null) {
        sessionTimeout = Integer.parseInt(endpoint.getSessionTimeout());
    } else {
        sessionTimeout = defaultSessionTimeout;
    }

    sslSessionContext.setSessionCacheSize(sessionCacheSize);
    sslSessionContext.setSessionTimeout(sessionTimeout);
}
 
Example #16
Source Project: jdk8u-jdk   Author: frohoff   File: SSLSessionImpl.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * For server sessions, this returns the set of sessions which
 * are currently valid in this process.  For client sessions,
 * this returns null.
 */
@Override
public SSLSessionContext getSessionContext() {
    /*
     * An interim security policy until we can do something
     * more specific in 1.2. Only allow trusted code (code which
     * can set system properties) to get an
     * SSLSessionContext. This is to limit the ability of code to
     * look up specific sessions or enumerate over them. Otherwise,
     * code can only get session objects from successful SSL
     * connections which implies that they must have had permission
     * to make the network connection in the first place.
     */
    SecurityManager sm;
    if ((sm = System.getSecurityManager()) != null) {
        sm.checkPermission(new SSLPermission("getSSLSessionContext"));
    }

    return context;
}
 
Example #17
Source Project: Tomcat8-Source-Read   Author: chenmudu   File: SSLUtilBase.java    License: MIT License 5 votes vote down vote up
@Override
public final SSLContext createSSLContext(List<String> negotiableProtocols) throws Exception {
    SSLContext sslContext = createSSLContextInternal(negotiableProtocols);
    sslContext.init(getKeyManagers(), getTrustManagers(), null);

    SSLSessionContext sessionContext = sslContext.getServerSessionContext();
    if (sessionContext != null) {
        configureSessionContext(sessionContext);
    }

    return sslContext;
}
 
Example #18
Source Project: Tomcat8-Source-Read   Author: chenmudu   File: SSLUtilBase.java    License: MIT License 5 votes vote down vote up
@Override
public void configureSessionContext(SSLSessionContext sslSessionContext) {
    // <0 - don't set anything - use the implementation default
    if (sslHostConfig.getSessionCacheSize() >= 0) {
        sslSessionContext.setSessionCacheSize(sslHostConfig.getSessionCacheSize());
    }

    // <0 - don't set anything - use the implementation default
    if (sslHostConfig.getSessionTimeout() >= 0) {
        sslSessionContext.setSessionTimeout(sslHostConfig.getSessionTimeout());
    }
}
 
Example #19
Source Project: Flink-CEPplus   Author: ljygz   File: NettyClientServerSslTest.java    License: Apache License 2.0 5 votes vote down vote up
private void testValidSslConnection(Configuration sslConfig) throws Exception {
	NettyProtocol protocol = new NoOpProtocol();

	NettyConfig nettyConfig = createNettyConfig(sslConfig);

	NettyTestUtil.NettyServerAndClient serverAndClient = NettyTestUtil.initServerAndClient(protocol, nettyConfig);

	Channel ch = NettyTestUtil.connect(serverAndClient);

	SslHandler sslHandler = (SslHandler) ch.pipeline().get("ssl");
	assertEqualsOrDefault(sslConfig, SSL_INTERNAL_HANDSHAKE_TIMEOUT, sslHandler.getHandshakeTimeoutMillis());
	assertEqualsOrDefault(sslConfig, SSL_INTERNAL_CLOSE_NOTIFY_FLUSH_TIMEOUT, sslHandler.getCloseNotifyFlushTimeoutMillis());

	// should be able to send text data
	ch.pipeline().addLast(new StringDecoder()).addLast(new StringEncoder());
	assertTrue(ch.writeAndFlush("test").await().isSuccess());

	// session context is only be available after a session was setup -> this should be true after data was sent
	SSLSessionContext sessionContext = sslHandler.engine().getSession().getSessionContext();
	assertNotNull("bug in unit test setup: session context not available", sessionContext);
	assertEqualsOrDefault(sslConfig, SSL_INTERNAL_SESSION_CACHE_SIZE, sessionContext.getSessionCacheSize());
	int sessionTimeout = sslConfig.getInteger(SSL_INTERNAL_SESSION_TIMEOUT);
	if (sessionTimeout != -1) {
		// session timeout config is in milliseconds but the context returns it in seconds
		assertEquals(sessionTimeout / 1000, sessionContext.getSessionTimeout());
	} else {
		assertTrue("default value (-1) should not be propagated", sessionContext.getSessionTimeout() >= 0);
	}

	NettyTestUtil.shutdown(serverAndClient);
}
 
Example #20
Source Project: dragonwell8_jdk   Author: alibaba   File: DefautlCacheSize.java    License: GNU General Public License v2.0 5 votes vote down vote up
public static void main(String[] args) throws Exception {
    SSLServerSocketFactory sssf =
            (SSLServerSocketFactory)SSLServerSocketFactory.getDefault();

    try (SSLServerSocket serverSocket =
                (SSLServerSocket)sssf.createServerSocket()) {

        String[] protocols = serverSocket.getSupportedProtocols();
        for (int i = 0; i < protocols.length; i++) {
            if (protocols[i].equals("SSLv2Hello")) {
                continue;
            }
            SSLContext sslContext = SSLContext.getInstance(protocols[i]);
            SSLSessionContext sessionContext =
                    sslContext.getServerSessionContext();
            if (sessionContext.getSessionCacheSize() == 0) {
                throw new Exception(
                    "the default server session cache size is infinite");
            }

            sessionContext = sslContext.getClientSessionContext();
            if (sessionContext.getSessionCacheSize() == 0) {
                throw new Exception(
                    "the default client session cache size is infinite");
            }
        }
    }
}
 
Example #21
Source Project: dragonwell8_jdk   Author: alibaba   File: Timeout.java    License: GNU General Public License v2.0 5 votes vote down vote up
public static void main(String[] args) throws Exception {
//        try {
            SSLServerSocketFactory ssf =
                (SSLServerSocketFactory)SSLServerSocketFactory.getDefault();
            SSLServerSocket ss = (SSLServerSocket)ssf.createServerSocket();
            String[] protocols = ss.getSupportedProtocols();
            for (int i = 0; i < protocols.length; i++) {
//                try {
                    if (protocols[i].equals("SSLv2Hello")) {
                        continue;
                    }
                    SSLContext sslc = SSLContext.getInstance(protocols[i]);
                    SSLSessionContext sslsc = sslc.getServerSessionContext();
                    System.out.println("Protocol: " + protocols[i]);
                    sslsc.setSessionTimeout(Integer.MAX_VALUE);
                    int newtime = sslsc.getSessionTimeout();
                    if (newtime != Integer.MAX_VALUE) {
                        throw new Exception ("Expected timeout: " +
                            Integer.MAX_VALUE + ", got instead: " +
                            newtime);
                    }
//                } catch (Exception e) {
//                }
            }
//        } catch (Exception e) {
//            System.out.println(e);
//        }
        System.out.println("Finished");
    }
 
Example #22
Source Project: netty-4.1.22   Author: tianheframe   File: JdkSslClientContext.java    License: Apache License 2.0 5 votes vote down vote up
private static SSLContext newSSLContext(Provider sslContextProvider,
                                        X509Certificate[] trustCertCollection,
                                        TrustManagerFactory trustManagerFactory, X509Certificate[] keyCertChain,
                                        PrivateKey key, String keyPassword, KeyManagerFactory keyManagerFactory,
                                        long sessionCacheSize, long sessionTimeout) throws SSLException {
    try {
        if (trustCertCollection != null) {
            trustManagerFactory = buildTrustManagerFactory(trustCertCollection, trustManagerFactory);
        }
        if (keyCertChain != null) {
            keyManagerFactory = buildKeyManagerFactory(keyCertChain, key, keyPassword, keyManagerFactory);
        }
        SSLContext ctx = sslContextProvider == null ? SSLContext.getInstance(PROTOCOL)
            : SSLContext.getInstance(PROTOCOL, sslContextProvider);
        ctx.init(keyManagerFactory == null ? null : keyManagerFactory.getKeyManagers(),
                 trustManagerFactory == null ? null : trustManagerFactory.getTrustManagers(),
                 null);

        SSLSessionContext sessCtx = ctx.getClientSessionContext();
        if (sessionCacheSize > 0) {
            sessCtx.setSessionCacheSize((int) Math.min(sessionCacheSize, Integer.MAX_VALUE));
        }
        if (sessionTimeout > 0) {
            sessCtx.setSessionTimeout((int) Math.min(sessionTimeout, Integer.MAX_VALUE));
        }
        return ctx;
    } catch (Exception e) {
        if (e instanceof SSLException) {
            throw (SSLException) e;
        }
        throw new SSLException("failed to initialize the client-side SSL context", e);
    }
}
 
Example #23
Source Project: netty-4.1.22   Author: tianheframe   File: JdkSslContext.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * Returns the JDK {@link SSLSessionContext} object held by this context.返回由该上下文持有的JDK SSLSessionContext对象。
 */
@Override
public final SSLSessionContext sessionContext() {
    if (isServer()) {
        return context().getServerSessionContext();
    } else {
        return context().getClientSessionContext();
    }
}
 
Example #24
Source Project: TencentKona-8   Author: Tencent   File: DefautlCacheSize.java    License: GNU General Public License v2.0 5 votes vote down vote up
public static void main(String[] args) throws Exception {
    SSLServerSocketFactory sssf =
            (SSLServerSocketFactory)SSLServerSocketFactory.getDefault();

    try (SSLServerSocket serverSocket =
                (SSLServerSocket)sssf.createServerSocket()) {

        String[] protocols = serverSocket.getSupportedProtocols();
        for (int i = 0; i < protocols.length; i++) {
            if (protocols[i].equals("SSLv2Hello")) {
                continue;
            }
            SSLContext sslContext = SSLContext.getInstance(protocols[i]);
            SSLSessionContext sessionContext =
                    sslContext.getServerSessionContext();
            if (sessionContext.getSessionCacheSize() == 0) {
                throw new Exception(
                    "the default server session cache size is infinite");
            }

            sessionContext = sslContext.getClientSessionContext();
            if (sessionContext.getSessionCacheSize() == 0) {
                throw new Exception(
                    "the default client session cache size is infinite");
            }
        }
    }
}
 
Example #25
Source Project: TencentKona-8   Author: Tencent   File: Timeout.java    License: GNU General Public License v2.0 5 votes vote down vote up
public static void main(String[] args) throws Exception {
//        try {
            SSLServerSocketFactory ssf =
                (SSLServerSocketFactory)SSLServerSocketFactory.getDefault();
            SSLServerSocket ss = (SSLServerSocket)ssf.createServerSocket();
            String[] protocols = ss.getSupportedProtocols();
            for (int i = 0; i < protocols.length; i++) {
//                try {
                    if (protocols[i].equals("SSLv2Hello")) {
                        continue;
                    }
                    SSLContext sslc = SSLContext.getInstance(protocols[i]);
                    SSLSessionContext sslsc = sslc.getServerSessionContext();
                    System.out.println("Protocol: " + protocols[i]);
                    sslsc.setSessionTimeout(Integer.MAX_VALUE);
                    int newtime = sslsc.getSessionTimeout();
                    if (newtime != Integer.MAX_VALUE) {
                        throw new Exception ("Expected timeout: " +
                            Integer.MAX_VALUE + ", got instead: " +
                            newtime);
                    }
//                } catch (Exception e) {
//                }
            }
//        } catch (Exception e) {
//            System.out.println(e);
//        }
        System.out.println("Finished");
    }
 
Example #26
Source Project: wildfly-core   Author: wildfly   File: SSLContextResource.java    License: GNU Lesser General Public License v2.1 5 votes vote down vote up
/**
 * Check if the {@link SSLContext} has any active sessions.
 *
 * @return {@code true} if the {@link SSLContext} is available and has at least one session, {@code false} otherwise.
 */
private boolean hasActiveSessions() {
    final SSLContext sslContext = getSSLContext(sslContextServiceController);
    if (sslContext == null) return false;
    SSLSessionContext sslSessionContext = server ? sslContext.getServerSessionContext() : sslContext.getClientSessionContext();
    return sslSessionContext.getIds().hasMoreElements();
}
 
Example #27
Source Project: openjdk-jdk8u   Author: AdoptOpenJDK   File: Timeout.java    License: GNU General Public License v2.0 5 votes vote down vote up
public static void main(String[] args) throws Exception {
//        try {
            SSLServerSocketFactory ssf =
                (SSLServerSocketFactory)SSLServerSocketFactory.getDefault();
            SSLServerSocket ss = (SSLServerSocket)ssf.createServerSocket();
            String[] protocols = ss.getSupportedProtocols();
            for (int i = 0; i < protocols.length; i++) {
//                try {
                    if (protocols[i].equals("SSLv2Hello")) {
                        continue;
                    }
                    SSLContext sslc = SSLContext.getInstance(protocols[i]);
                    SSLSessionContext sslsc = sslc.getServerSessionContext();
                    System.out.println("Protocol: " + protocols[i]);
                    sslsc.setSessionTimeout(Integer.MAX_VALUE);
                    int newtime = sslsc.getSessionTimeout();
                    if (newtime != Integer.MAX_VALUE) {
                        throw new Exception ("Expected timeout: " +
                            Integer.MAX_VALUE + ", got instead: " +
                            newtime);
                    }
//                } catch (Exception e) {
//                }
            }
//        } catch (Exception e) {
//            System.out.println(e);
//        }
        System.out.println("Finished");
    }
 
Example #28
Source Project: wildfly-core   Author: wildfly   File: SSLContextResource.java    License: GNU Lesser General Public License v2.1 5 votes vote down vote up
@Override
public boolean hasChild(PathElement element) {
    SSLContext sslContext;
    if (ElytronDescriptionConstants.SSL_SESSION.equals(element.getKey()) && (sslContext = getSSLContext(sslContextServiceController)) != null) {
        byte[] sessionId = ByteIterator.ofBytes(element.getValue().getBytes(StandardCharsets.UTF_8)).asUtf8String().hexDecode().drain();
        SSLSessionContext sslSessionContext = server ? sslContext.getServerSessionContext() : sslContext.getClientSessionContext();
        return sslSessionContext.getSession(sessionId) != null;
    }
    return false;
}
 
Example #29
Source Project: openjdk-jdk9   Author: AdoptOpenJDK   File: Timeout.java    License: GNU General Public License v2.0 5 votes vote down vote up
public static void main(String[] args) throws Exception {
//        try {
            SSLServerSocketFactory ssf =
                (SSLServerSocketFactory)SSLServerSocketFactory.getDefault();
            SSLServerSocket ss = (SSLServerSocket)ssf.createServerSocket();
            String[] protocols = ss.getSupportedProtocols();
            for (int i = 0; i < protocols.length; i++) {
//                try {
                    if (protocols[i].equals("SSLv2Hello")) {
                        continue;
                    }
                    SSLContext sslc = SSLContext.getInstance(protocols[i]);
                    SSLSessionContext sslsc = sslc.getServerSessionContext();
                    System.out.println("Protocol: " + protocols[i]);
                    sslsc.setSessionTimeout(Integer.MAX_VALUE);
                    int newtime = sslsc.getSessionTimeout();
                    if (newtime != Integer.MAX_VALUE) {
                        throw new Exception ("Expected timeout: " +
                            Integer.MAX_VALUE + ", got instead: " +
                            newtime);
                    }
//                } catch (Exception e) {
//                }
            }
//        } catch (Exception e) {
//            System.out.println(e);
//        }
        System.out.println("Finished");
    }
 
Example #30
Source Project: jdk8u-jdk   Author: lambdalab-mirror   File: Timeout.java    License: GNU General Public License v2.0 5 votes vote down vote up
public static void main(String[] args) throws Exception {
//        try {
            SSLServerSocketFactory ssf =
                (SSLServerSocketFactory)SSLServerSocketFactory.getDefault();
            SSLServerSocket ss = (SSLServerSocket)ssf.createServerSocket();
            String[] protocols = ss.getSupportedProtocols();
            for (int i = 0; i < protocols.length; i++) {
//                try {
                    if (protocols[i].equals("SSLv2Hello")) {
                        continue;
                    }
                    SSLContext sslc = SSLContext.getInstance(protocols[i]);
                    SSLSessionContext sslsc = sslc.getServerSessionContext();
                    System.out.println("Protocol: " + protocols[i]);
                    sslsc.setSessionTimeout(Integer.MAX_VALUE);
                    int newtime = sslsc.getSessionTimeout();
                    if (newtime != Integer.MAX_VALUE) {
                        throw new Exception ("Expected timeout: " +
                            Integer.MAX_VALUE + ", got instead: " +
                            newtime);
                    }
//                } catch (Exception e) {
//                }
            }
//        } catch (Exception e) {
//            System.out.println(e);
//        }
        System.out.println("Finished");
    }