From 132cd097ceb73c241ef4b1715d095ffdc5c21e3e Mon Sep 17 00:00:00 2001 From: Greg Wilkins Date: Sat, 23 Apr 2016 09:31:55 +1000 Subject: [PATCH 1/3] Issue #519 Disable SSL session caching Improved javadoc wired up session cache size correctly --- .../jetty/util/ssl/SslContextFactory.java | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/jetty-util/src/main/java/org/eclipse/jetty/util/ssl/SslContextFactory.java b/jetty-util/src/main/java/org/eclipse/jetty/util/ssl/SslContextFactory.java index 42f109c7d4d..e0a87a77ed4 100644 --- a/jetty-util/src/main/java/org/eclipse/jetty/util/ssl/SslContextFactory.java +++ b/jetty-util/src/main/java/org/eclipse/jetty/util/ssl/SslContextFactory.java @@ -60,6 +60,7 @@ import javax.net.ssl.SSLPeerUnverifiedException; import javax.net.ssl.SSLServerSocket; import javax.net.ssl.SSLServerSocketFactory; import javax.net.ssl.SSLSession; +import javax.net.ssl.SSLSessionContext; import javax.net.ssl.SSLSocket; import javax.net.ssl.SSLSocketFactory; import javax.net.ssl.StandardConstants; @@ -209,7 +210,7 @@ public class SslContextFactory extends AbstractLifeCycle /** Set to true to enable SSL Session caching */ private boolean _sessionCachingEnabled = true; /** SSL session cache size */ - private int _sslSessionCacheSize; + private int _sslSessionCacheSize=0; /** SSL session timeout */ private int _sslSessionTimeout; @@ -384,9 +385,15 @@ public class SslContextFactory extends AbstractLifeCycle SecureRandom secureRandom = (_secureRandomAlgorithm == null)?null:SecureRandom.getInstance(_secureRandomAlgorithm); context = _sslProvider == null ? SSLContext.getInstance(_sslProtocol) : SSLContext.getInstance(_sslProtocol, _sslProvider); context.init(keyManagers,trustManagers,secureRandom); + } } + // Initialize cache + SSLSessionContext serverContext=context.getServerSessionContext(); + if (serverContext!=null) + serverContext.setSessionCacheSize(getSslSessionCacheSize()); + // select the protocols and ciphers SSLEngine sslEngine=context.createSSLEngine(); selectCipherSuites( @@ -1401,14 +1408,20 @@ public class SslContextFactory extends AbstractLifeCycle } /** Set the flag to enable SSL Session caching. - * @param enableSessionCaching the value of the flag - */ + * If set to true, then the {@link SSLContext#createSSLEngine(String, int)} method is + * used to pass host and port information as a hint for session reuse. Note that + * this is only a hint and session may not be reused. Moreover, the hint is typically + * only used on client side implementations and setting this to false does not + * stop a server from accepting an offered session ID to reuse. + * @param enableSessionCaching the value of the flag + */ public void setSessionCachingEnabled(boolean enableSessionCaching) { _sessionCachingEnabled = enableSessionCaching; } /** Get SSL session cache size. + * Passed directly to {@link SSLSessionContext#setSessionCacheSize(int)} * @return SSL session cache size */ public int getSslSessionCacheSize() From ec8e1055e3a27f8a7e08731e58d6b612137601d2 Mon Sep 17 00:00:00 2001 From: Greg Wilkins Date: Sat, 23 Apr 2016 09:33:17 +1000 Subject: [PATCH 2/3] Issue #533 Do not hide file resource exception Add exception as suppressed --- .../java/org/eclipse/jetty/util/resource/Resource.java | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/jetty-util/src/main/java/org/eclipse/jetty/util/resource/Resource.java b/jetty-util/src/main/java/org/eclipse/jetty/util/resource/Resource.java index df689617f00..c31447be7cb 100644 --- a/jetty-util/src/main/java/org/eclipse/jetty/util/resource/Resource.java +++ b/jetty-util/src/main/java/org/eclipse/jetty/util/resource/Resource.java @@ -155,6 +155,7 @@ public abstract class Resource implements ResourceFactory, Closeable * @param useCaches controls URLConnection caching * @return A Resource object. * @throws MalformedURLException Problem accessing URI + * @throws IOException Problem handling resource as file. */ public static Resource newResource(String resource, boolean useCaches) throws MalformedURLException @@ -176,13 +177,13 @@ public abstract class Resource implements ResourceFactory, Closeable // It's a file. if (resource.startsWith("./")) resource=resource.substring(2); - File file=new File(resource).getCanonicalFile(); - return new PathResource(file.toPath()); + return new PathResource(file); } - catch(Exception e2) + catch(IOException e2) { - LOG.debug(Log.EXCEPTION,e2); + // TODO throw the IOException instead + e.addSuppressed(e2); throw e; } } From bf5b6f8939f38e63e73f967d60a5a8d3344bbeb0 Mon Sep 17 00:00:00 2001 From: Greg Wilkins Date: Sat, 23 Apr 2016 09:35:58 +1000 Subject: [PATCH 3/3] Issue #533 Do not hide file resource exception ignore exception --- .../src/main/java/org/eclipse/jetty/util/resource/Resource.java | 1 + 1 file changed, 1 insertion(+) diff --git a/jetty-util/src/main/java/org/eclipse/jetty/util/resource/Resource.java b/jetty-util/src/main/java/org/eclipse/jetty/util/resource/Resource.java index c31447be7cb..d0b8e155edd 100644 --- a/jetty-util/src/main/java/org/eclipse/jetty/util/resource/Resource.java +++ b/jetty-util/src/main/java/org/eclipse/jetty/util/resource/Resource.java @@ -227,6 +227,7 @@ public abstract class Resource implements ResourceFactory, Closeable } catch (IllegalArgumentException e) { + LOG.ignore(e); // Catches scenario where a bad Windows path like "C:\dev" is // improperly escaped, which various downstream classloaders // tend to have a problem with