Fix HttpClient 4.5.4 regression in BasicCookieStore serialization.

HttpClient 4.5.4 modified BasicCookieStore to introduce a new
ReadWriteLock field to improve performance. Unfortunately this
also changed the serialized data structure, and any objects
serialized using HttpClient 4.5.3 and before would be unusable
after restore in HttpClient 4.5.4 due to the new "lock" field
being null.

The fix is to change "lock" to be transient, and ensure it is
correctly instantiated upon object restore. This restores
compatibility with HttpClient 4.5.3, as well as maintaining
compatible with the intermediate versions containing the
regression. This also avoids unnecessary serialization of
the new "lock" field, which does not need to be persisted.
This commit is contained in:
Mark Mielke 2018-08-08 06:43:55 -04:00 committed by Oleg Kalnichevski
parent 769e9fab3f
commit d4be433a76
1 changed files with 10 additions and 1 deletions

View File

@ -26,6 +26,8 @@
*/
package org.apache.hc.client5.http.cookie;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.Date;
@ -50,7 +52,7 @@ public class BasicCookieStore implements CookieStore, Serializable {
private static final long serialVersionUID = -7581093305228232025L;
private final TreeSet<Cookie> cookies;
private final ReadWriteLock lock;
private transient ReadWriteLock lock;
public BasicCookieStore() {
super();
@ -58,6 +60,13 @@ public class BasicCookieStore implements CookieStore, Serializable {
this.lock = new ReentrantReadWriteLock();
}
private void readObject(final ObjectInputStream stream) throws IOException, ClassNotFoundException {
stream.defaultReadObject();
/* Reinstantiate transient fields. */
this.lock = new ReentrantReadWriteLock();
}
/**
* Adds an {@link Cookie HTTP cookie}, replacing any existing equivalent cookies.
* If the given cookie has already expired it will not be added, but existing