< prev index next >

src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java

Print this page

        

@@ -36,11 +36,10 @@
 import java.util.Collections;
 import java.util.Enumeration;
 import java.util.List;
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.concurrent.ConcurrentLinkedQueue;
-import java.util.concurrent.locks.ReentrantLock;
 import javax.crypto.SecretKey;
 import javax.net.ssl.ExtendedSSLSession;
 import javax.net.ssl.SNIServerName;
 import javax.net.ssl.SSLPeerUnverifiedException;
 import javax.net.ssl.SSLPermission;

@@ -132,13 +131,11 @@
     // Counter used to create unique nonces in NewSessionTicket
     private BigInteger ticketNonceCounter = BigInteger.ONE;
 
     // The endpoint identification algorithm used to check certificates
     // in this session.
-    private final String        identificationProtocol;
-
-    private final ReentrantLock sessionLock = new ReentrantLock();
+    private final String              identificationProtocol;
 
     /*
      * Create a new non-rejoinable session, using the default (null)
      * cipher spec.  This constructor returns a session which could
      * be used either by a client or by a server, as a connection is

@@ -290,26 +287,19 @@
 
     SecretKey getResumptionMasterSecret() {
         return resumptionMasterSecret;
     }
 
-    SecretKey getPreSharedKey() {
-        sessionLock.lock();
-        try {
-            return preSharedKey;
-        } finally {
-            sessionLock.unlock();
-        }
+    synchronized SecretKey getPreSharedKey() {
+        return preSharedKey;
     }
 
-    SecretKey consumePreSharedKey() {
-        sessionLock.lock();
+    synchronized SecretKey consumePreSharedKey() {
         try {
             return preSharedKey;
         } finally {
             preSharedKey = null;
-            sessionLock.unlock();
         }
     }
 
     int getTicketAgeAdd() {
         return ticketAgeAdd;

@@ -321,17 +311,15 @@
 
     /* PSK identities created from new_session_ticket messages should only
      * be used once. This method will return the identity and then clear it
      * so it cannot be used again.
      */
-    byte[] consumePskIdentity() {
-        sessionLock.lock();
+    synchronized byte[] consumePskIdentity() {
         try {
             return pskIdentity;
         } finally {
             pskIdentity = null;
-            sessionLock.unlock();
         }
     }
 
     void setPeerCertificates(X509Certificate[] peer) {
         if (peerCerts == null) {

@@ -403,17 +391,12 @@
         return sessionId != null && sessionId.length() != 0 &&
             !invalidated && isLocalAuthenticationValid();
     }
 
     @Override
-    public boolean isValid() {
-        sessionLock.lock();
-        try {
-            return isRejoinable();
-        } finally {
-            sessionLock.unlock();
-        }
+    public synchronized boolean isValid() {
+        return isRejoinable();
     }
 
     /**
      * Check if the authentication used when establishing this session
      * is still valid. Returns true if no authentication was used

@@ -792,39 +775,33 @@
     /**
      * Invalidate a session.  Active connections may still exist, but
      * no connections will be able to rejoin this session.
      */
     @Override
-    public void invalidate() {
-        sessionLock.lock();
-        try {
-            //
-            // Can't invalidate the NULL session -- this would be
-            // attempted when we get a handshaking error on a brand
-            // new connection, with no "real" session yet.
-            //
-            if (this == nullSession) {
-                return;
-            }
-
-            if (context != null) {
-                context.remove(sessionId);
-                context = null;
-            }
+    public synchronized void invalidate() {
+        //
+        // Can't invalidate the NULL session -- this would be
+        // attempted when we get a handshaking error on a brand
+        // new connection, with no "real" session yet.
+        //
+        if (this == nullSession) {
+            return;
+        }
 
-            if (invalidated) {
-                return;
-            }
-            invalidated = true;
-            if (SSLLogger.isOn && SSLLogger.isOn("session")) {
-                 SSLLogger.finest("Invalidated session:  " + this);
-            }
-            for (SSLSessionImpl child : childSessions) {
-                child.invalidate();
-            }
-        } finally {
-            sessionLock.unlock();
+        if (context != null) {
+            context.remove(sessionId);
+            context = null;
+        }
+        if (invalidated) {
+            return;
+        }
+        invalidated = true;
+        if (SSLLogger.isOn && SSLLogger.isOn("session")) {
+             SSLLogger.finest("Invalidated session:  " + this);
+        }
+        for (SSLSessionImpl child : childSessions) {
+            child.invalidate();
         }
     }
 
     /*
      * Table of application-specific session data indexed by an application

@@ -933,91 +910,76 @@
 
     /**
      * Expand the buffer size of both SSL/TLS network packet and
      * application data.
      */
-    protected void expandBufferSizes() {
-        sessionLock.lock();
-        try {
-            acceptLargeFragments = true;
-        } finally {
-            sessionLock.unlock();
-        }
+    protected synchronized void expandBufferSizes() {
+        acceptLargeFragments = true;
     }
 
     /**
      * Gets the current size of the largest SSL/TLS packet that is expected
      * when using this session.
      */
     @Override
-    public int getPacketBufferSize() {
-        sessionLock.lock();
-        try {
-            // Use the bigger packet size calculated from maximumPacketSize
-            // and negotiatedMaxFragLen.
-            int packetSize = 0;
-            if (negotiatedMaxFragLen > 0) {
-                packetSize = cipherSuite.calculatePacketSize(
-                        negotiatedMaxFragLen, protocolVersion,
-                        protocolVersion.isDTLS);
-            }
+    public synchronized int getPacketBufferSize() {
+        // Use the bigger packet size calculated from maximumPacketSize
+        // and negotiatedMaxFragLen.
+        int packetSize = 0;
+        if (negotiatedMaxFragLen > 0) {
+            packetSize = cipherSuite.calculatePacketSize(
+                    negotiatedMaxFragLen, protocolVersion,
+                    protocolVersion.isDTLS);
+        }
 
-            if (maximumPacketSize > 0) {
-                return (maximumPacketSize > packetSize) ?
-                        maximumPacketSize : packetSize;
-            }
+        if (maximumPacketSize > 0) {
+            return (maximumPacketSize > packetSize) ?
+                    maximumPacketSize : packetSize;
+        }
 
-            if (packetSize != 0) {
-               return packetSize;
-            }
+        if (packetSize != 0) {
+           return packetSize;
+        }
 
-            if (protocolVersion.isDTLS) {
-                return DTLSRecord.maxRecordSize;
-            } else {
-                return acceptLargeFragments ?
-                        SSLRecord.maxLargeRecordSize : SSLRecord.maxRecordSize;
-            }
-        } finally {
-            sessionLock.unlock();
+        if (protocolVersion.isDTLS) {
+            return DTLSRecord.maxRecordSize;
+        } else {
+            return acceptLargeFragments ?
+                    SSLRecord.maxLargeRecordSize : SSLRecord.maxRecordSize;
         }
     }
 
     /**
      * Gets the current size of the largest application data that is
      * expected when using this session.
      */
     @Override
-    public int getApplicationBufferSize() {
-        sessionLock.lock();
-        try {
-            // Use the bigger fragment size calculated from maximumPacketSize
-            // and negotiatedMaxFragLen.
-            int fragmentSize = 0;
-            if (maximumPacketSize > 0) {
-                fragmentSize = cipherSuite.calculateFragSize(
-                        maximumPacketSize, protocolVersion,
-                        protocolVersion.isDTLS);
-            }
+    public synchronized int getApplicationBufferSize() {
+        // Use the bigger fragment size calculated from maximumPacketSize
+        // and negotiatedMaxFragLen.
+        int fragmentSize = 0;
+        if (maximumPacketSize > 0) {
+            fragmentSize = cipherSuite.calculateFragSize(
+                    maximumPacketSize, protocolVersion,
+                    protocolVersion.isDTLS);
+        }
 
-            if (negotiatedMaxFragLen > 0) {
-                return (negotiatedMaxFragLen > fragmentSize) ?
-                        negotiatedMaxFragLen : fragmentSize;
-            }
+        if (negotiatedMaxFragLen > 0) {
+            return (negotiatedMaxFragLen > fragmentSize) ?
+                    negotiatedMaxFragLen : fragmentSize;
+        }
 
-            if (fragmentSize != 0) {
-                return fragmentSize;
-            }
+        if (fragmentSize != 0) {
+            return fragmentSize;
+        }
 
-            if (protocolVersion.isDTLS) {
-                return Record.maxDataSize;
-            } else {
-                int maxPacketSize = acceptLargeFragments ?
-                            SSLRecord.maxLargeRecordSize : SSLRecord.maxRecordSize;
-                return (maxPacketSize - SSLRecord.headerSize);
-            }
-        } finally {
-            sessionLock.unlock();
+        if (protocolVersion.isDTLS) {
+            return Record.maxDataSize;
+        } else {
+            int maxPacketSize = acceptLargeFragments ?
+                        SSLRecord.maxLargeRecordSize : SSLRecord.maxRecordSize;
+            return (maxPacketSize - SSLRecord.headerSize);
         }
     }
 
     /**
      * Sets the negotiated maximum fragment length, as specified by the

@@ -1025,52 +987,33 @@
      *
      * @param  negotiatedMaxFragLen
      *         the negotiated maximum fragment length, or {@code -1} if
      *         no such length has been negotiated.
      */
-    void setNegotiatedMaxFragSize(
+    synchronized void setNegotiatedMaxFragSize(
             int negotiatedMaxFragLen) {
-        sessionLock.lock();
-        try {
-            this.negotiatedMaxFragLen = negotiatedMaxFragLen;
-        } finally {
-            sessionLock.unlock();
-        }
+
+        this.negotiatedMaxFragLen = negotiatedMaxFragLen;
     }
 
     /**
      * Get the negotiated maximum fragment length, as specified by the
      * max_fragment_length ClientHello extension in RFC 6066.
      *
      * @return the negotiated maximum fragment length, or {@code -1} if
      *         no such length has been negotiated.
      */
-    int getNegotiatedMaxFragSize() {
-        sessionLock.lock();
-        try {
-            return negotiatedMaxFragLen;
-        } finally {
-            sessionLock.unlock();
-        }
+    synchronized int getNegotiatedMaxFragSize() {
+        return negotiatedMaxFragLen;
     }
 
-    void setMaximumPacketSize(int maximumPacketSize) {
-        sessionLock.lock();
-        try {
-            this.maximumPacketSize = maximumPacketSize;
-        } finally {
-            sessionLock.unlock();
-        }
+    synchronized void setMaximumPacketSize(int maximumPacketSize) {
+        this.maximumPacketSize = maximumPacketSize;
     }
 
-    int getMaximumPacketSize() {
-        sessionLock.lock();
-        try {
-            return maximumPacketSize;
-        } finally {
-            sessionLock.unlock();
-        }
+    synchronized int getMaximumPacketSize() {
+        return maximumPacketSize;
     }
 
     /**
      * Gets an array of supported signature algorithm names that the local
      * side is willing to verify.
< prev index next >