Merge pull request #304 from cconlon/ctxNullChecks

Allow SSLSessionContext access before SSLContext.init()

Author: rlm2002

src/java/com/wolfssl/provider/jsse/WolfSSLAuthStore.java

@@ -73,11 +73,14 @@ public class WolfSSLAuthStore {
      * @param trustman trust manager to use
      * @param random secure random
      * @param version TLS protocol version to use
+     * @param serverCtx server session context (created by WolfSSLContext)
+     * @param clientCtx client session context (created by WolfSSLContext)
      * @throws IllegalArgumentException when bad values are passed in
      * @throws KeyManagementException in the case that getting keys fails
      */
     protected WolfSSLAuthStore(KeyManager[] keyman, TrustManager[] trustman,
-        SecureRandom random, TLS_VERSION version)
+        SecureRandom random, TLS_VERSION version,
+        WolfSSLSessionContext serverCtx, WolfSSLSessionContext clientCtx)
         throws IllegalArgumentException, KeyManagementException {
 
             /* default session cache size of 33 to match native wolfSSL
@@ -99,10 +102,11 @@ protected WolfSSLAuthStore(KeyManager[] keyman, TrustManager[] trustman,
         if (store == null) {
             store = new SessionStore<>(defaultCacheSize);
         }
-        this.serverCtx = new WolfSSLSessionContext(
-            defaultCacheSize, WolfSSL.WOLFSSL_SERVER_END);
-        this.clientCtx = new WolfSSLSessionContext(
-            defaultCacheSize, WolfSSL.WOLFSSL_CLIENT_END);
+
+        /* Use session contexts passed in from WolfSSLContext, allowing
+         * session context access before init() is called */
+        this.serverCtx = serverCtx;
+        this.clientCtx = clientCtx;
     }
 
     /**

src/java/com/wolfssl/provider/jsse/WolfSSLContext.java

@@ -55,8 +55,19 @@ public class WolfSSLContext extends SSLContextSpi {
     private com.wolfssl.WolfSSLContext ctx = null;
     private WolfSSLParameters params = null;
 
+    /* Created during construction to allow access before init() is called */
+    private WolfSSLSessionContext serverSessionCtx = null;
+    private WolfSSLSessionContext clientSessionCtx = null;
+
+    /* Default session cache size of 33 to match native wolfSSL default */
+    private static final int DEFAULT_CACHE_SIZE = 33;
+
     private WolfSSLContext(TLS_VERSION version) {
         this.currentVersion = version;
+        this.serverSessionCtx = new WolfSSLSessionContext(
+            DEFAULT_CACHE_SIZE, WolfSSL.WOLFSSL_SERVER_END);
+        this.clientSessionCtx = new WolfSSLSessionContext(
+            DEFAULT_CACHE_SIZE, WolfSSL.WOLFSSL_CLIENT_END);
     }
 
     private void createCtx() throws WolfSSLException {
@@ -399,10 +410,15 @@ protected void engineInit(KeyManager[] km, TrustManager[] tm,
             Arrays.toString(tm) + ", sr=" + sr +")");
 
         try {
-            authStore = new WolfSSLAuthStore(km, tm, sr, currentVersion);
+            authStore = new WolfSSLAuthStore(km, tm, sr, currentVersion,
+                this.serverSessionCtx, this.clientSessionCtx);
             params = new WolfSSLParameters();
             createCtx();
 
+            /* Link authStore to session contexts for session operations */
+            this.serverSessionCtx.setWolfSSLAuthStore(authStore);
+            this.clientSessionCtx.setWolfSSLAuthStore(authStore);
+
         } catch (IllegalArgumentException iae) {
             throw new KeyManagementException(iae);
 
@@ -507,21 +523,27 @@ protected SSLEngine engineCreateSSLEngine(String host, int port)
     /**
      * Returns the SSLServerSessionContext associated with this SSLContext.
      *
-     * @throws UnsupportedOperationException operation not yet supported
+     * Session contexts are created during SSLContext construction to allow
+     * access before init() is called.
+     *
+     * @return SSLSessionContext for server sessions
      */
     @Override
     protected SSLSessionContext engineGetServerSessionContext() {
-        return authStore.getServerContext();
+        return this.serverSessionCtx;
     }
 
     /**
      * Returns the SSLClientSessionContext associated with this SSLContext.
      *
-     * @throws UnsupportedOperationException operation not yet supported
+     * Session contexts are created during SSLContext construction to allow
+     * access before init() is called.
+     *
+     * @return SSLSessionContext for client sessions
      */
     @Override
     protected SSLSessionContext engineGetClientSessionContext() {
-        return authStore.getClientContext();
+        return this.clientSessionCtx;
     }
 
     /**

src/test/com/wolfssl/provider/jsse/test/WolfSSLContextTest.java

@@ -96,7 +96,6 @@ public static void testProviderInstallationAtRuntime()
         try {
             tf = new WolfSSLTestFactory();
         } catch (WolfSSLException e) {
-            // TODO Auto-generated catch block
             e.printStackTrace();
         }
 
@@ -285,6 +284,42 @@ public void testGetSessionContext() throws NoSuchProviderException,
         System.out.println("\t\t... passed");
     }
 
+    @Test
+    public void testGetSessionContextBeforeInit()
+        throws NoSuchProviderException, NoSuchAlgorithmException {
+
+        System.out.print("\tgetSessionContext before init");
+
+        SSLContext ctx = null;
+        SSLSessionContext sess = null;
+
+        for (int i = 0; i < enabledProtocols.size(); i++) {
+
+            ctx = SSLContext.getInstance(enabledProtocols.get(i), ctxProvider);
+
+            /* getServerSessionContext() should work before init() */
+            sess = ctx.getServerSessionContext();
+            if (sess == null) {
+                System.out.println("\t... failed");
+                fail("getServerSessionContext() returned null before init()");
+                return;
+            }
+
+            /* getClientSessionContext() should work before init() */
+            sess = ctx.getClientSessionContext();
+            if (sess == null) {
+                System.out.println("\t... failed");
+                fail("getClientSessionContext() returned null before init()");
+                return;
+            }
+
+            /* Verify session context operations work before init() */
+            int timeout = sess.getSessionTimeout();
+            sess.setSessionTimeout(timeout);
+        }
+        System.out.println("\t... passed");
+    }
+
     @Test
     public void testGetSupportedSSLParameters() throws NoSuchProviderException,
         NoSuchAlgorithmException, IllegalStateException,