AI 144418: am: CL 144381 am: CL 144356 Synchronized code that touches native SSL sessions.
Original author: crazybob
Merged from: //branches/cupcake/...
Original author: android-build
Automated import of CL 144418
diff --git a/libcore/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSessionImpl.java b/libcore/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSessionImpl.java
index ca7d6f8..b218271 100644
--- a/libcore/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSessionImpl.java
+++ b/libcore/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSessionImpl.java
@@ -516,6 +516,8 @@
* Frees the OpenSSL session in the memory.
*/
protected void finalize() {
- nativefree(session);
+ synchronized (OpenSSLSocketImpl.class) {
+ nativefree(session);
+ }
}
}
diff --git a/libcore/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSocketImpl.java b/libcore/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSocketImpl.java
index 8779736..3b9006d 100644
--- a/libcore/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSocketImpl.java
+++ b/libcore/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSocketImpl.java
@@ -303,8 +303,12 @@
} else {
Socket socket = this.socket != null ? this.socket : this;
int sessionId = session != null ? session.session : 0;
- if (nativeconnect(ssl_ctx, socket, sslParameters.getUseClientMode(),
- sessionId)) {
+ boolean reusedSession;
+ synchronized (OpenSSLSocketImpl.class) {
+ reusedSession = nativeconnect(ssl_ctx, socket,
+ sslParameters.getUseClientMode(), sessionId);
+ }
+ if (reusedSession) {
// nativeconnect shouldn't return true if the session is not
// done
session.lastAccessedTime = System.currentTimeMillis();
@@ -323,14 +327,17 @@
ClientSessionContext sessionContext
= sslParameters.getClientSessionContext();
+ synchronized (OpenSSLSocketImpl.class) {
+ sessionId = nativegetsslsession(ssl);
+ }
if (address == null) {
sslSession = new OpenSSLSessionImpl(
- nativegetsslsession(ssl), sslParameters,
+ sessionId, sslParameters,
super.getInetAddress().getHostName(),
super.getPort(), sessionContext);
} else {
sslSession = new OpenSSLSessionImpl(
- nativegetsslsession(ssl), sslParameters,
+ sessionId, sslParameters,
address.getHostName(), address.getPort(),
sessionContext);
}
@@ -344,9 +351,13 @@
throw new SSLException("Server sends no certificate");
}
+ String authMethod;
+ synchronized (OpenSSLSocketImpl.class) {
+ authMethod = nativecipherauthenticationmethod();
+ }
sslParameters.getTrustManager().checkServerTrusted(
peerCertificates,
- nativecipherauthenticationmethod());
+ authMethod);
sessionContext.putSession(sslSession);
} catch (CertificateException e) {
throw new SSLException("Not trusted server certificate", e);