Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8242008

SSLSession inconsistencies

    XMLWordPrintable

    Details

    • Subcomponent:
    • Resolved In Build:
      b20
    • Verification:
      Verified

      Description

      SSLSessions obtained after an initial connection may return a null value when its getSessionContext() method is called. This appears to happen with both SSLSocket and SSLEngine objects.

      Pulling the SSLSession after a resumption does return a non-null SSLSessionContext object when getSessionContext is called. Setting jdk.tls.server.enableSessionTicketExtension=false also appears to work around the issue.

      A modified version of the original reproducer code has been attached. The original reproducer can be found at:
      https://github.com/normanmaurer/jdk_ssl_session_context_reproducer

      ----

      Also added to this bug not related to netty:
      - An unnecessary add to the session cache for 1.3 w/ state
      - Fix to the stateless session data that can corrupt the SSLSession getPeerHost and getPeerPort

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              ascarpino Anthony Scarpino
              Reporter:
              jnimeh Jamil Nimeh
              Votes:
              0 Vote for this issue
              Watchers:
              8 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: