8242008: SSLSession inconsistencies

Reviewed-by: jnimeh, xuelei
2025-08-27 23:04:50 +02:00 · 2020-04-15 13:50:41 -07:00 · 2020-04-15 13:50:41 -07:00 · ed18906c08
commit ed18906c08
parent cc05419e1a
5 changed files with 361 additions and 28 deletions
--- a/src/java.base/share/classes/sun/security/ssl/Finished.java
+++ b/src/java.base/share/classes/sun/security/ssl/Finished.java
@ -481,11 +481,16 @@ final class Finished {
                        SSLHandshake.FINISHED.id, SSLHandshake.FINISHED);
                shc.conContext.inputRecord.expectingFinishFlight();
            } else {
-                if (shc.handshakeSession.isRejoinable() &&
-                        !shc.handshakeSession.isStatelessable(shc)) {
-                    ((SSLSessionContextImpl)shc.sslContext.
-                        engineGetServerSessionContext()).put(
-                            shc.handshakeSession);
+                // Set the session's context based on stateless/cache status
+                if (shc.handshakeSession.isStatelessable(shc)) {
+                    shc.handshakeSession.setContext((SSLSessionContextImpl)
+                            shc.sslContext.engineGetServerSessionContext());
+                } else {
+                    if (shc.handshakeSession.isRejoinable()) {
+                        ((SSLSessionContextImpl)shc.sslContext.
+                                engineGetServerSessionContext()).put(
+                                shc.handshakeSession);
+                    }
                }
                shc.conContext.conSession = shc.handshakeSession.finish();
                shc.conContext.protocolVersion = shc.negotiatedProtocol;
@ -857,6 +862,9 @@ final class Finished {
                shc.conContext.serverVerifyData = fm.verifyData;
            }

+            // Make sure session's context is set
+            shc.handshakeSession.setContext((SSLSessionContextImpl)
+                    shc.sslContext.engineGetServerSessionContext());
            shc.conContext.conSession = shc.handshakeSession.finish();

            // update the context
@ -1074,14 +1082,6 @@ final class Finished {
                        shc.negotiatedProtocol);
            }

-            // Save the session if possible and not stateless
-            if (!shc.statelessResumption && !shc.isResumption &&
-                    shc.handshakeSession.isRejoinable()) {
-                SSLSessionContextImpl sessionContext = (SSLSessionContextImpl)
-                        shc.sslContext.engineGetServerSessionContext();
-                sessionContext.put(shc.handshakeSession);
-            }
-
            try {
                // update the application traffic read keys.
                SecretKey readSecret = kd.deriveKey(