1/* 2 * Copyright (c) 1999, 2012, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 27package sun.security.ssl; 28 29import java.util.Enumeration; 30import java.util.Vector; 31import java.util.Locale; 32 33import javax.net.ssl.SSLSession; 34import javax.net.ssl.SSLSessionContext; 35 36import sun.security.util.Cache; 37 38 39final class SSLSessionContextImpl implements SSLSessionContext { 40 private Cache<SessionId, SSLSessionImpl> sessionCache; 41 // session cache, session id as key 42 private Cache<String, SSLSessionImpl> sessionHostPortCache; 43 // session cache, "host:port" as key 44 private int cacheLimit; // the max cache size 45 private int timeout; // timeout in seconds 46 47 // package private 48 SSLSessionContextImpl() { 49 cacheLimit = getDefaultCacheLimit(); // default cache size 50 timeout = 86400; // default, 24 hours 51 52 // use soft reference 53 sessionCache = Cache.newSoftMemoryCache(cacheLimit, timeout); 54 sessionHostPortCache = Cache.newSoftMemoryCache(cacheLimit, timeout); 55 } 56 57 /** 58 * Returns the <code>SSLSession</code> bound to the specified session id. 59 */ 60 @Override 61 public SSLSession getSession(byte[] sessionId) { 62 if (sessionId == null) { 63 throw new NullPointerException("session id cannot be null"); 64 } 65 66 SSLSessionImpl sess = sessionCache.get(new SessionId(sessionId)); 67 if (!isTimedout(sess)) { 68 return sess; 69 } 70 71 return null; 72 } 73 74 /** 75 * Returns an enumeration of the active SSL sessions. 76 */ 77 @Override 78 public Enumeration<byte[]> getIds() { 79 SessionCacheVisitor scVisitor = new SessionCacheVisitor(); 80 sessionCache.accept(scVisitor); 81 82 return scVisitor.getSessionIds(); 83 } 84 85 /** 86 * Sets the timeout limit for cached <code>SSLSession</code> objects 87 * 88 * Note that after reset the timeout, the cached session before 89 * should be timed within the shorter one of the old timeout and the 90 * new timeout. 91 */ 92 @Override 93 public void setSessionTimeout(int seconds) 94 throws IllegalArgumentException { 95 if (seconds < 0) { 96 throw new IllegalArgumentException(); 97 } 98 99 if (timeout != seconds) { 100 sessionCache.setTimeout(seconds); 101 sessionHostPortCache.setTimeout(seconds); 102 timeout = seconds; 103 } 104 } 105 106 /** 107 * Gets the timeout limit for cached <code>SSLSession</code> objects 108 */ 109 @Override 110 public int getSessionTimeout() { 111 return timeout; 112 } 113 114 /** 115 * Sets the size of the cache used for storing 116 * <code>SSLSession</code> objects. 117 */ 118 @Override 119 public void setSessionCacheSize(int size) 120 throws IllegalArgumentException { 121 if (size < 0) 122 throw new IllegalArgumentException(); 123 124 if (cacheLimit != size) { 125 sessionCache.setCapacity(size); 126 sessionHostPortCache.setCapacity(size); 127 cacheLimit = size; 128 } 129 } 130 131 /** 132 * Gets the size of the cache used for storing 133 * <code>SSLSession</code> objects. 134 */ 135 @Override 136 public int getSessionCacheSize() { 137 return cacheLimit; 138 } 139 140 141 // package-private method, used ONLY by ServerHandshaker 142 SSLSessionImpl get(byte[] id) { 143 return (SSLSessionImpl)getSession(id); 144 } 145 146 // package-private method, used ONLY by ClientHandshaker 147 SSLSessionImpl get(String hostname, int port) { 148 /* 149 * If no session caching info is available, we won't 150 * get one, so exit before doing a lookup. 151 */ 152 if (hostname == null && port == -1) { 153 return null; 154 } 155 156 SSLSessionImpl sess = sessionHostPortCache.get(getKey(hostname, port)); 157 if (!isTimedout(sess)) { 158 return sess; 159 } 160 161 return null; 162 } 163 164 private String getKey(String hostname, int port) { 165 return (hostname + ":" + 166 String.valueOf(port)).toLowerCase(Locale.ENGLISH); 167 } 168 169 // cache a SSLSession 170 // 171 // In SunJSSE implementation, a session is created while getting a 172 // client hello or a server hello message, and cached while the 173 // handshaking finished. 174 // Here we time the session from the time it cached instead of the 175 // time it created, which is a little longer than the expected. So 176 // please do check isTimedout() while getting entry from the cache. 177 void put(SSLSessionImpl s) { 178 sessionCache.put(s.getSessionId(), s); 179 180 // If no hostname/port info is available, don't add this one. 181 if ((s.getPeerHost() != null) && (s.getPeerPort() != -1)) { 182 sessionHostPortCache.put( 183 getKey(s.getPeerHost(), s.getPeerPort()), s); 184 } 185 186 s.setContext(this); 187 } 188 189 // package-private method, remove a cached SSLSession 190 void remove(SessionId key) { 191 SSLSessionImpl s = sessionCache.get(key); 192 if (s != null) { 193 sessionCache.remove(key); 194 sessionHostPortCache.remove( 195 getKey(s.getPeerHost(), s.getPeerPort())); 196 } 197 } 198 199 private int getDefaultCacheLimit() { 200 int cacheLimit = 0; 201 try { 202 String s = java.security.AccessController.doPrivileged( 203 new java.security.PrivilegedAction<String>() { 204 @Override 205 public String run() { 206 return System.getProperty( 207 "javax.net.ssl.sessionCacheSize"); 208 } 209 }); 210 cacheLimit = (s != null) ? Integer.valueOf(s).intValue() : 0; 211 } catch (Exception e) { 212 } 213 214 return (cacheLimit > 0) ? cacheLimit : 0; 215 } 216 217 boolean isTimedout(SSLSession sess) { 218 if (timeout == 0) { 219 return false; 220 } 221 222 if ((sess != null) && ((sess.getCreationTime() + timeout * 1000L) 223 <= (System.currentTimeMillis()))) { 224 sess.invalidate(); 225 return true; 226 } 227 228 return false; 229 } 230 231 final class SessionCacheVisitor 232 implements Cache.CacheVisitor<SessionId, SSLSessionImpl> { 233 Vector<byte[]> ids = null; 234 235 // public void visit(java.util.Map<K,V> map) {} 236 @Override 237 public void visit(java.util.Map<SessionId, SSLSessionImpl> map) { 238 ids = new Vector<>(map.size()); 239 240 for (SessionId key : map.keySet()) { 241 SSLSessionImpl value = map.get(key); 242 if (!isTimedout(value)) { 243 ids.addElement(key.getId()); 244 } 245 } 246 } 247 248 public Enumeration<byte[]> getSessionIds() { 249 return ids != null ? ids.elements() : 250 new Vector<byte[]>().elements(); 251 } 252 } 253 254} 255