c88f9f55a523f128f0e4dace76a34724bfa1e88c |
|
08-Dec-2017 |
Nathan Mittler <nathanmittler@google.com> |
Refactoring externalization of SSLSessions (#383) This is an implementation to #381. This change attempts to provide more consistency to the session that is returned to the caller by `ConscryptEngine`/`ConscryptFileDescriptorSocket`. Main changes: - New interface ConscryptSession adds a few methods currently only defined by ActiveSession - New interface SessionDecorator that defines getDelegate() - New class ProvidedSessionDecorator delegates to an external provider of the "current" session. The provider implementations are in ConscryptEngine and ConscryptFileDescriptorSocket. - New class SessionSnapshot that takes a snapshot of any ConscryptSession. - Changed ActiveSession and SSLNullSession to implement ConscryptSession. - Updated ConscryptEngine/ConscryptFileDescriptorSocket to create a SessionSnapshot when closing. Additional cleanup: - Split out Java7SessionWrapper into two classes: Java7ExtendedSSLSession and Java8ExtendedSSLSession. The Java 8 version no longer requires reflection and is more consistent with platform-specific code elsewhere. Both classes implement SessionDecorator. - Renamed SslWrapper->NativeSsl and SslSessionWrapper->NativeSslSession for clarity, since the term "wrapper" was being overloaded. Fixes #379
/external/conscrypt/openjdk/src/test/java/org/conscrypt/MockSessionBuilder.java
|
047b527e07329fdeb4fd50fd32a6a066c474b7c8 |
|
13-Sep-2017 |
Nathan Mittler <nathanmittler@google.com> |
Support renegotiation with sockets (#321) Fixes #228 Fixes #310
/external/conscrypt/openjdk/src/test/java/org/conscrypt/MockSessionBuilder.java
|
f0e05d561147458e3a10b4806e24d0752dfd5d4b |
|
20-Jun-2017 |
Nathan Mittler <nathanmittler@google.com> |
Refactoring session management (#172) This change breaks session management into two distinct types: - SslSessionWrapper: These are created as BoringSSL calls back the new session handler, allowing the application to cache sessions. Clients will also offer these to BoringSSL for reuse if a compatible session was found. BoringSSL is free to use it or not, but the Conscrypt code no longer makes assumptions here. Instead, it always uses the ActiveSession. - ActiveSession: This is a session that wraps the SSL instance (rather than the SSL_SESSION wherever possible). That way no concern has to be paid to what BoringSSL is doing with sessions under the covers. Fixes #98
/external/conscrypt/openjdk/src/test/java/org/conscrypt/MockSessionBuilder.java
|