OpenJDK / amber / amber
changeset 57391:afeafa018937
8227551: Session Resumption without Server-Side State off by default
Reviewed-by: xuelei, jnimeh, jjiang
author | ascarpino |
---|---|
date | Wed, 17 Jul 2019 12:31:21 -0700 |
parents | 2e63fb0a885f |
children | e8b8460b191c |
files | open.iml src/java.base/share/classes/sun/security/ssl/SSLSessionContextImpl.java |
diffstat | 2 files changed, 17 insertions(+), 7 deletions(-) [+] |
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/open.iml Wed Jul 17 12:31:21 2019 -0700 @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<module type="JAVA_MODULE" version="4"> + <component name="NewModuleRootManager" inherit-compiler-output="true"> + <exclude-output /> + <content url="file://$MODULE_DIR$"> + <sourceFolder url="file://$MODULE_DIR$/src/java.base/share/classes" isTestSource="false" /> + </content> + <orderEntry type="sourceFolder" forTests="false" /> + <orderEntry type="inheritedJdk" /> + </component> +</module> \ No newline at end of file
--- a/src/java.base/share/classes/sun/security/ssl/SSLSessionContextImpl.java Wed Jul 17 08:34:45 2019 -0700
+++ b/src/java.base/share/classes/sun/security/ssl/SSLSessionContextImpl.java Wed Jul 17 12:31:21 2019 -0700
@@ -69,8 +69,8 @@
 private int cacheLimit; // the max cache size
 private int timeout; // timeout in seconds
- // Does this context support stateless session (RFC 5077)
- private boolean statelessSession = true;
+ // Default setting for stateless session resumption support (RFC 5077)
+ private boolean statelessSession = false;
 // package private
 SSLSessionContextImpl(boolean server) {
@@ -234,14 +234,13 @@
 // Property for Session Cache state
 if (server) {
 st = GetPropertyAction.privilegedGetProperty(
- "jdk.tls.server.enableSessionTicketExtension", "true");
+ "jdk.tls.server.enableSessionTicketExtension", "false");
 } else {
 st = GetPropertyAction.privilegedGetProperty(
- "jdk.tls.client.enableSessionTicketExtension", "true");
+ "jdk.tls.client.enableSessionTicketExtension", "false");
 }
- if (st.compareToIgnoreCase("false") == 0) {
- statelessSession = false;
- }
+
+ statelessSession = Boolean.parseBoolean(st);
 // Property for Session Ticket Timeout. The value can be changed
 // by SSLSessionContext.setSessionTimeout(int)
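Review bot: The default for stateless resumption is now encoded in three places, the `statelessSession = false` initialiser in this hunk and the two `"false"` fallbacks passed to `privilegedGetProperty` in the second hunk, and this commit had to touch all three to flip it. The new field comment also does not say what overrides the default; I would document it on the field, e.g. `// Stateless resumption (RFC 5077) is off unless jdk.tls.server.enableSessionTicketExtension / jdk.tls.client.enableSessionTicketExtension is "true"`. If the assignment in the second hunk runs on every construction path (the enclosing method is not fully visible here), the initialiser could be dropped so the property fallback is the single source of the default.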
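Review bot: `Boolean.parseBoolean(st)` changes how the property value is interpreted, not only its default: the removed code turned tickets off only for a case-insensitive `false`, whereas now every value other than a case-insensitive `true` (for example `yes`, `1`, or a value with stray whitespace) turns them off. That fails towards the conservative setting, which suits the new default, but an operator who opts in with a malformed value gets no session tickets and no diagnostic. A comment above the assignment such as `// Only "true" (any case) enables session tickets; any other value leaves them off` would record the intent, and a debug-level log line when `st` is neither `true` nor `false` would make a misconfiguration visible. The enclosing method begins and ends outside the hunk.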