diff --git a/scripts/infer.sh b/scripts/infer.sh index 051c5d26..46b3975f 100755 --- a/scripts/infer.sh +++ b/scripts/infer.sh @@ -17,10 +17,12 @@ # infer run -- javac \ - src/java/com/wolfssl/WolfSSLCertificate.java \ + src/java/com/wolfssl/WolfSSL.java \ + src/java/com/wolfssl/WolfSSLALPNSelectCallback.java \ src/java/com/wolfssl/WolfSSLCertManager.java \ + src/java/com/wolfssl/WolfSSLCertRequest.java \ + src/java/com/wolfssl/WolfSSLCertificate.java \ src/java/com/wolfssl/WolfSSLContext.java \ - src/java/com/wolfssl/WolfSSLCustomUser.java \ src/java/com/wolfssl/WolfSSLDecryptVerifyCallback.java \ src/java/com/wolfssl/WolfSSLEccSharedSecretCallback.java \ src/java/com/wolfssl/WolfSSLEccSignCallback.java \ @@ -30,7 +32,6 @@ infer run -- javac \ src/java/com/wolfssl/WolfSSLGenCookieCallback.java \ src/java/com/wolfssl/WolfSSLIORecvCallback.java \ src/java/com/wolfssl/WolfSSLIOSendCallback.java \ - src/java/com/wolfssl/WolfSSL.java \ src/java/com/wolfssl/WolfSSLJNIException.java \ src/java/com/wolfssl/WolfSSLLoggingCallback.java \ src/java/com/wolfssl/WolfSSLMacEncryptCallback.java \ 
@@ -44,15 +45,17 @@ infer run -- javac \ src/java/com/wolfssl/WolfSSLSession.java \ src/java/com/wolfssl/WolfSSLTls13SecretCallback.java \ src/java/com/wolfssl/WolfSSLVerifyCallback.java \ + src/java/com/wolfssl/WolfSSLX509Name.java \ src/java/com/wolfssl/WolfSSLX509StoreCtx.java \ src/java/com/wolfssl/wolfcrypt/ECC.java \ src/java/com/wolfssl/wolfcrypt/EccKey.java \ src/java/com/wolfssl/wolfcrypt/RSA.java \ src/java/com/wolfssl/provider/jsse/WolfSSLAuthStore.java \ src/java/com/wolfssl/provider/jsse/WolfSSLContext.java \ + src/java/com/wolfssl/provider/jsse/WolfSSLCustomUser.java \ src/java/com/wolfssl/provider/jsse/WolfSSLDebug.java \ - src/java/com/wolfssl/provider/jsse/WolfSSLEngineHelper.java \ src/java/com/wolfssl/provider/jsse/WolfSSLEngine.java \ + src/java/com/wolfssl/provider/jsse/WolfSSLEngineHelper.java \ src/java/com/wolfssl/provider/jsse/WolfSSLGenericHostName.java \ src/java/com/wolfssl/provider/jsse/WolfSSLImplementSSLSession.java \ src/java/com/wolfssl/provider/jsse/WolfSSLInternalVerifyCb.java \ 
@@ -62,14 +65,15 @@ infer run -- javac \ src/java/com/wolfssl/provider/jsse/WolfSSLParametersHelper.java \ src/java/com/wolfssl/provider/jsse/WolfSSLParameters.java \ src/java/com/wolfssl/provider/jsse/WolfSSLProvider.java \ - src/java/com/wolfssl/provider/jsse/WolfSSLServerSocketFactory.java \ + src/java/com/wolfssl/provider/jsse/WolfSSLSNIServerName.java \ src/java/com/wolfssl/provider/jsse/WolfSSLServerSocket.java \ + src/java/com/wolfssl/provider/jsse/WolfSSLServerSocketFactory.java \ src/java/com/wolfssl/provider/jsse/WolfSSLSessionContext.java \ - src/java/com/wolfssl/provider/jsse/WolfSSLSNIServerName.java \ src/java/com/wolfssl/provider/jsse/WolfSSLSocketFactory.java \ src/java/com/wolfssl/provider/jsse/WolfSSLSocket.java \ src/java/com/wolfssl/provider/jsse/WolfSSLTrustManager.java \ src/java/com/wolfssl/provider/jsse/WolfSSLTrustX509.java \ + src/java/com/wolfssl/provider/jsse/WolfSSLUtil.java \ src/java/com/wolfssl/provider/jsse/WolfSSLX509.java \ src/java/com/wolfssl/provider/jsse/WolfSSLX509X.java \ src/java/com/wolfssl/provider/jsse/adapter/WolfSSLJDK8Helper.java diff --git a/src/java/com/wolfssl/WolfSSLCertificate.java b/src/java/com/wolfssl/WolfSSLCertificate.java index f8922597..5b153ec9 100644 --- a/src/java/com/wolfssl/WolfSSLCertificate.java +++ b/src/java/com/wolfssl/WolfSSLCertificate.java @@ -323,7 +323,9 @@ protected long getX509Ptr() throws IllegalStateException { confirmObjectIsActive(); - return this.x509Ptr; + synchronized (x509Lock) { + return this.x509Ptr; + } } /** 
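Review bot: Holding `x509Lock` only around the read of `this.x509Ptr` in `getX509Ptr()` makes the value visible to other threads, but it does not keep the native X509 structure alive for the caller, and `confirmObjectIsActive()` still runs before the lock is taken. If another thread can free the certificate (the free path is not in this hunk), the returned pointer may already be stale when it reaches native code. I would move the active check inside the `synchronized (x509Lock)` block and document the contract, e.g. `/* returned pointer is only valid while the caller prevents this object from being freed */`. The same check-then-lock ordering is in the `getSubjectAltNames()` hunk that follows.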
@@ -1435,14 +1437,14 @@ public Collection> getSubjectAltNames() confirmObjectIsActive(); - if (this.altNames != null) { - /* already gathered, return cached version */ - return this.altNames; - } + synchronized (x509Lock) { + if (this.altNames != null) { + /* already gathered, return cached version */ + return this.altNames; + } - Collection> names = new ArrayList>(); + Collection> names = new ArrayList>(); - synchronized (x509Lock) { String nextAltName = X509_get_next_altname(this.x509Ptr); while (nextAltName != null) { Object[] entry = new Object[2]; @@ -1453,12 +1455,12 @@ public Collection> getSubjectAltNames() names.add(Collections.unmodifiableList(entryList)); nextAltName = X509_get_next_altname(this.x509Ptr); } - } - /* cache altNames collection for later use */ - this.altNames = Collections.unmodifiableCollection(names); + /* cache altNames collection for later use */ + this.altNames = Collections.unmodifiableCollection(names); - return this.altNames; + return this.altNames; + } } /** diff --git a/src/java/com/wolfssl/WolfSSLContext.java b/src/java/com/wolfssl/WolfSSLContext.java index 81f65fb0..fe4d2f7e 100644 --- a/src/java/com/wolfssl/WolfSSLContext.java +++ b/src/java/com/wolfssl/WolfSSLContext.java 
@@ -104,32 +104,34 @@ public WolfSSLContext(long method) throws WolfSSLException { * * @return pointer to native WOLFSSL_CTX structure for this object */ - protected synchronized long getContextPtr() { - return sslCtxPtr; + protected long getContextPtr() { + synchronized (this.ctxLock) { + return sslCtxPtr; + } } /* used by JNI native recv Cb */ - WolfSSLIORecvCallback getInternRecvCb() { + synchronized WolfSSLIORecvCallback getInternRecvCb() { return internRecvCb; } /* used by JNI native send Cb */ - WolfSSLIOSendCallback getInternSendCb() { + synchronized WolfSSLIOSendCallback getInternSendCb() { return internSendCb; } /* used by JNI native cookie Cb */ - WolfSSLGenCookieCallback getInternCookieCb() { + synchronized WolfSSLGenCookieCallback getInternCookieCb() { return internCookieCb; } /* used by JNI native MAC/encrypt Cb */ - WolfSSLMacEncryptCallback getInternMacEncryptCb() { + synchronized WolfSSLMacEncryptCallback getInternMacEncryptCb() { return internMacEncryptCb; } /* used by JNI native decrypt/verify Cb */ - WolfSSLDecryptVerifyCallback getInternDecryptVerifyCb() { + synchronized WolfSSLDecryptVerifyCallback getInternDecryptVerifyCb() { return internDecryptVerifyCb; } @@ -1127,7 +1129,7 @@ public int setGroupMessages() throws IllegalStateException { * @throws WolfSSLJNIException Internal JNI error * @see #setIOSend(WolfSSLIOSendCallback) */ - public void setIORecv(WolfSSLIORecvCallback callback) + public synchronized void setIORecv(WolfSSLIORecvCallback callback) throws IllegalStateException, WolfSSLJNIException { confirmObjectIsActive(); @@ -1161,7 +1163,7 @@ public void setIORecv(WolfSSLIORecvCallback callback) * @throws WolfSSLJNIException Internal JNI error * @see #setIORecv(WolfSSLIORecvCallback) */ - public void setIOSend(WolfSSLIOSendCallback callback) + public synchronized void setIOSend(WolfSSLIOSendCallback callback) throws IllegalStateException, WolfSSLJNIException { confirmObjectIsActive(); 
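Review bot: `getContextPtr()` now locks `ctxLock`, while the `getIntern*Cb()` getters in this hunk and the `set*Cb()` setters in the following hunks lock the `WolfSSLContext` instance, so the class has two monitors and nothing states which fields each one guards. If a setter goes on to take `ctxLock` for its native call (the bodies are outside these hunks), the order is instance-then-`ctxLock`, and any path that reaches one of these getters from a JNI callback while `ctxLock` is held would invert it. The getters are marked as used by the native callbacks, so sessions sharing one context would presumably all contend on this monitor during I/O. A comment on the fields would pin the rule down, e.g. `/* internXxxCb fields are guarded by the WolfSSLContext monitor, sslCtxPtr by ctxLock; never take the monitor while holding ctxLock */`.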
@@ -1195,7 +1197,7 @@ public void setIOSend(WolfSSLIOSendCallback callback) * @throws IllegalStateException WolfSSLContext has been freed * @throws WolfSSLJNIException Internal JNI error */ - public void setGenCookie(WolfSSLGenCookieCallback callback) + public synchronized void setGenCookie(WolfSSLGenCookieCallback callback) throws IllegalStateException, WolfSSLJNIException { confirmObjectIsActive(); @@ -1444,7 +1446,7 @@ public int setOCSPOverrideUrl(String url) * @throws WolfSSLJNIException Internal JNI error * @see #setDecryptVerifyCb(WolfSSLDecryptVerifyCallback) */ - public void setMacEncryptCb(WolfSSLMacEncryptCallback callback) + public synchronized void setMacEncryptCb(WolfSSLMacEncryptCallback callback) throws IllegalStateException, WolfSSLJNIException { confirmObjectIsActive(); @@ -1483,7 +1485,8 @@ public void setMacEncryptCb(WolfSSLMacEncryptCallback callback) * @throws WolfSSLJNIException Internal JNI error * @see #setMacEncryptCb(WolfSSLMacEncryptCallback) */ - public void setDecryptVerifyCb(WolfSSLDecryptVerifyCallback callback) + public synchronized void setDecryptVerifyCb( + WolfSSLDecryptVerifyCallback callback) throws IllegalStateException, WolfSSLJNIException { confirmObjectIsActive(); @@ -1519,7 +1522,7 @@ public void setDecryptVerifyCb(WolfSSLDecryptVerifyCallback callback) * @throws WolfSSLJNIException Internal JNI error * @see WolfSSLSession#setEccSignCtx(Object) */ - public void setEccSignCb(WolfSSLEccSignCallback callback) + public synchronized void setEccSignCb(WolfSSLEccSignCallback callback) throws IllegalStateException, WolfSSLJNIException { confirmObjectIsActive(); 
@@ -1555,7 +1558,7 @@ public void setEccSignCb(WolfSSLEccSignCallback callback) * @throws WolfSSLJNIException Internal JNI error * @see WolfSSLSession#setEccVerifyCtx(Object) */ - public void setEccVerifyCb(WolfSSLEccVerifyCallback callback) + public synchronized void setEccVerifyCb(WolfSSLEccVerifyCallback callback) throws IllegalStateException, WolfSSLJNIException { confirmObjectIsActive(); @@ -1606,7 +1609,8 @@ public void setEccVerifyCb(WolfSSLEccVerifyCallback callback) * @see WolfSSLSession#setEccSignCtx(Object) * @see WolfSSLSession#setEccVerifyCtx(Object) */ - public void setEccSharedSecretCb(WolfSSLEccSharedSecretCallback callback) + public synchronized void setEccSharedSecretCb( + WolfSSLEccSharedSecretCallback callback) throws IllegalStateException, WolfSSLJNIException { confirmObjectIsActive(); @@ -1642,7 +1646,7 @@ public void setEccSharedSecretCb(WolfSSLEccSharedSecretCallback callback) * @throws WolfSSLJNIException Internal JNI error * @see WolfSSLSession#setRsaSignCtx(Object) */ - public void setRsaSignCb(WolfSSLRsaSignCallback callback) + public synchronized void setRsaSignCb(WolfSSLRsaSignCallback callback) throws IllegalStateException, WolfSSLJNIException { confirmObjectIsActive(); @@ -1678,7 +1682,7 @@ public void setRsaSignCb(WolfSSLRsaSignCallback callback) * @throws WolfSSLJNIException Internal JNI error * @see WolfSSLSession#setRsaVerifyCtx(Object) */ - public void setRsaVerifyCb(WolfSSLRsaVerifyCallback callback) + public synchronized void setRsaVerifyCb(WolfSSLRsaVerifyCallback callback) throws IllegalStateException, WolfSSLJNIException { confirmObjectIsActive(); 
@@ -1714,7 +1718,7 @@ public void setRsaVerifyCb(WolfSSLRsaVerifyCallback callback) * @throws WolfSSLJNIException Internal JNI exception * @see WolfSSLSession#setRsaEncCtx(Object) */ - public void setRsaEncCb(WolfSSLRsaEncCallback callback) + public synchronized void setRsaEncCb(WolfSSLRsaEncCallback callback) throws IllegalStateException, WolfSSLJNIException { confirmObjectIsActive(); @@ -1749,7 +1753,7 @@ public void setRsaEncCb(WolfSSLRsaEncCallback callback) * @throws WolfSSLJNIException Internal JNI error * @see WolfSSLSession#setRsaDecCtx(Object) */ - public void setRsaDecCb(WolfSSLRsaDecCallback callback) + public synchronized void setRsaDecCb(WolfSSLRsaDecCallback callback) throws IllegalStateException, WolfSSLJNIException { confirmObjectIsActive(); @@ -1788,7 +1792,7 @@ public void setRsaDecCb(WolfSSLRsaDecCallback callback) * @see WolfSSLSession#getPskIdentityHint() * @see WolfSSLSession#usePskIdentityHint(String) */ - public void setPskClientCb(WolfSSLPskClientCallback callback) + public synchronized void setPskClientCb(WolfSSLPskClientCallback callback) throws IllegalStateException, WolfSSLJNIException { confirmObjectIsActive(); @@ -1826,7 +1830,7 @@ public void setPskClientCb(WolfSSLPskClientCallback callback) * @see WolfSSLSession#getPskIdentityHint() * @see WolfSSLSession#usePskIdentityHint(String) */ - public void setPskServerCb(WolfSSLPskServerCallback callback) + public synchronized void setPskServerCb(WolfSSLPskServerCallback callback) throws IllegalStateException, WolfSSLJNIException { confirmObjectIsActive(); diff --git a/src/java/com/wolfssl/WolfSSLSession.java b/src/java/com/wolfssl/WolfSSLSession.java index 8cb3f8da..64a55f0e 100644 --- a/src/java/com/wolfssl/WolfSSLSession.java +++ b/src/java/com/wolfssl/WolfSSLSession.java 
@@ -41,7 +41,10 @@ */ public class WolfSSLSession { - private long sslPtr; /* internal pointer to native WOLFSSL object */ + /* Internal pointer to native WOLFSSL object. Access to this pointer + * should be protected in this class with synchronization on the + * this.sslLock lock. */ + private long sslPtr; private Object ioReadCtx; private Object ioWriteCtx; @@ -125,52 +128,48 @@ public WolfSSLSession(WolfSSLContext ctx) throws WolfSSLException { /* ------------------- private/protected methods -------------------- */ - long getSessionPtr() { - return sslPtr; - } - /* used from JNI code */ WolfSSLContext getAssociatedContextPtr() { return ctx; } - Object getGenCookieCtx() { + synchronized Object getGenCookieCtx() { return this.genCookieCtx; } - Object getMacEncryptCtx() { + synchronized Object getMacEncryptCtx() { return this.macEncryptCtx; } - Object getDecryptVerifyCtx() { + synchronized Object getDecryptVerifyCtx() { return this.decryptVerifyCtx; } - Object getEccSignCtx() { + synchronized Object getEccSignCtx() { return this.eccSignCtx; } - Object getEccVerifyCtx() { + synchronized Object getEccVerifyCtx() { return this.eccVerifyCtx; } - Object getEccSharedSecretCtx() { + synchronized Object getEccSharedSecretCtx() { return this.eccSharedSecretCtx; } - Object getRsaSignCtx() { + synchronized Object getRsaSignCtx() { return this.rsaSignCtx; } - Object getRsaVerifyCtx() { + synchronized Object getRsaVerifyCtx() { return this.rsaVerifyCtx; } - Object getRsaEncCtx() { + synchronized Object getRsaEncCtx() { return this.rsaEncCtx; } - Object getRsaDecCtx() { + synchronized Object getRsaDecCtx() { return this.rsaDecCtx; } @@ -385,7 +384,7 @@ public int useCertificateFile(String file, int format) confirmObjectIsActive(); synchronized (sslLock) { - return useCertificateFile(getSessionPtr(), file, format); + return useCertificateFile(this.sslPtr, file, format); } } 
@@ -420,7 +419,7 @@ public int usePrivateKeyFile(String file, int format) confirmObjectIsActive(); synchronized (sslLock) { - return usePrivateKeyFile(getSessionPtr(), file, format); + return usePrivateKeyFile(this.sslPtr, file, format); } } @@ -450,7 +449,7 @@ public int useCertificateChainFile(String file) confirmObjectIsActive(); synchronized (sslLock) { - return useCertificateChainFile(getSessionPtr(), file); + return useCertificateChainFile(this.sslPtr, file); } } @@ -470,7 +469,7 @@ public int setFd(Socket sd) throws IllegalStateException { confirmObjectIsActive(); synchronized (sslLock) { - return setFd(getSessionPtr(), sd, 1); + return setFd(this.sslPtr, sd, 1); } } @@ -490,7 +489,7 @@ public int setFd(DatagramSocket sd) throws IllegalStateException { confirmObjectIsActive(); synchronized (sslLock) { - return setFd(getSessionPtr(), sd, 2); + return setFd(this.sslPtr, sd, 2); } } @@ -516,7 +515,7 @@ public void setUsingNonblock(int nonblock) confirmObjectIsActive(); synchronized (sslLock) { - setUsingNonblock(getSessionPtr(), nonblock); + setUsingNonblock(this.sslPtr, nonblock); } } @@ -541,7 +540,7 @@ public int getUsingNonblock() confirmObjectIsActive(); synchronized (sslLock) { - return getUsingNonblock(getSessionPtr()); + return getUsingNonblock(this.sslPtr); } } @@ -561,7 +560,7 @@ public int getFd() confirmObjectIsActive(); synchronized (sslLock) { - return getFd(getSessionPtr()); + return getFd(this.sslPtr); } } @@ -610,7 +609,7 @@ public int connect() confirmObjectIsActive(); synchronized (sslLock) { - ret = connect(getSessionPtr(), 0); + ret = connect(this.sslPtr, 0); } if (ret == WolfSSL.WOLFJNI_TIMEOUT) { @@ -672,7 +671,7 @@ public int connect(int timeout) confirmObjectIsActive(); synchronized (sslLock) { - ret = connect(getSessionPtr(), timeout); + ret = connect(this.sslPtr, timeout); } if (ret == WOLFJNI_TIMEOUT) { 
@@ -722,15 +721,22 @@ public int write(byte[] data, int length) throws IllegalStateException, SocketException { int ret; + long localPtr; confirmObjectIsActive(); + /* Fix for Infer scan, since not synchronizing on sslLock for + * access to this.sslPtr, see note below */ + synchronized (sslLock) { + localPtr = this.sslPtr; + } + /* not synchronizing on sslLock here since JNI write() locks * session mutex around native wolfSSL_write() call. If sslLock * is locked here, since we call select() inside native JNI we * could timeout waiting for corresponding read() operation to * occur if needed */ - ret = write(getSessionPtr(), data, 0, length, 0); + ret = write(localPtr, data, 0, length, 0); if (ret == WOLFJNI_SELECT_FAIL) { throw new SocketException("Socket select() failed, errno = " + @@ -823,15 +829,22 @@ public int write(byte[] data, int offset, int length, int timeout) throws IllegalStateException, SocketTimeoutException, SocketException { int ret; + long localPtr; confirmObjectIsActive(); + /* Fix for Infer scan, since not synchronizing on sslLock for + * access to this.sslPtr, see note below */ + synchronized (sslLock) { + localPtr = this.sslPtr; + } + /* not synchronizing on sslLock here since JNI write() locks * session mutex around native wolfSSL_write() call. If sslLock * is locked here, since we call select() inside native JNI we * could timeout waiting for corresponding read() operation to * occur if needed */ - ret = write(getSessionPtr(), data, offset, length, timeout); + ret = write(localPtr, data, offset, length, timeout); if (ret == WOLFJNI_TIMEOUT) { throw new SocketTimeoutException("Socket write timeout"); 
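Review bot: Copying `this.sslPtr` into `localPtr` under `sslLock` satisfies the analyzer but leaves the window it flagged, because `freeSSL()` takes the same lock and can therefore run between the copy and the native `write()` call, freeing the WOLFSSL object that `localPtr` still points to. `confirmObjectIsActive()` is evaluated before the copy, so it does not close that window either. The same pattern is in the second `write()` hunk and in both `read()` hunks. The new comment should at least state the contract, e.g. `/* localPtr is a snapshot only; callers must not call freeSSL() while read()/write() is in flight */`. An in-flight I/O counter that `freeSSL()` waits on would enforce it instead of documenting it.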
@@ -883,15 +896,22 @@ public int read(byte[] data, int sz) throws IllegalStateException, SocketException { int ret; + long localPtr; confirmObjectIsActive(); + /* Fix for Infer scan, since not synchronizing on sslLock for + * access to this.sslPtr, see note below */ + synchronized (sslLock) { + localPtr = this.sslPtr; + } + /* not synchronizing on sslLock here since JNI read() locks * session mutex around native wolfSSL_read() call. If sslLock * is locked here, since we call select() inside native JNI we * could timeout waiting for corresponding write() operation to * occur if needed */ - ret = read(getSessionPtr(), data, 0, sz, 0); + ret = read(localPtr, data, 0, sz, 0); if (ret == WOLFJNI_SELECT_FAIL) { throw new SocketException("Socket select() failed, errno = " + @@ -988,15 +1008,22 @@ public int read(byte[] data, int offset, int sz, int timeout) throws IllegalStateException, SocketTimeoutException, SocketException { int ret; + long localPtr; confirmObjectIsActive(); + /* Fix for Infer scan, since not synchronizing on sslLock for + * access to this.sslPtr, see note below */ + synchronized (sslLock) { + localPtr = this.sslPtr; + } + /* not synchronizing on sslLock here since JNI read() locks * session mutex around native wolfSSL_read() call. If sslLock * is locked here, since we call select() inside native JNI we * could timeout waiting for corresponding write() operation to * occur if needed */ - ret = read(getSessionPtr(), data, offset, sz, timeout); + ret = read(localPtr, data, offset, sz, timeout); if (ret == WOLFJNI_TIMEOUT) { throw new SocketTimeoutException("Socket read timeout"); @@ -1045,7 +1072,7 @@ public int accept() confirmObjectIsActive(); synchronized (sslLock) { - ret = accept(getSessionPtr(), 0); + ret = accept(this.sslPtr, 0); } if (ret == WolfSSL.WOLFJNI_TIMEOUT) { 
@@ -1099,7 +1126,7 @@ public int accept(int timeout) confirmObjectIsActive(); synchronized (sslLock) { - ret = accept(getSessionPtr(), timeout); + ret = accept(this.sslPtr, timeout); } if (ret == WolfSSL.WOLFJNI_TIMEOUT) { @@ -1133,7 +1160,7 @@ public synchronized void freeSSL() synchronized (sslLock) { /* free native resources */ - freeSSL(getSessionPtr()); + freeSSL(this.sslPtr); /* free Java resources */ this.active = false; @@ -1180,7 +1207,7 @@ public int shutdownSSL() confirmObjectIsActive(); synchronized (sslLock) { - ret = shutdownSSL(getSessionPtr(), 0); + ret = shutdownSSL(this.sslPtr, 0); } if (ret == WOLFJNI_SELECT_FAIL) { @@ -1231,7 +1258,7 @@ public int shutdownSSL(int timeout) confirmObjectIsActive(); synchronized (sslLock) { - ret = shutdownSSL(getSessionPtr(), timeout); + ret = shutdownSSL(this.sslPtr, timeout); } if (ret == WOLFJNI_TIMEOUT) { @@ -1268,7 +1295,7 @@ public int getError(int ret) throws IllegalStateException { confirmObjectIsActive(); synchronized (sslLock) { - return getError(getSessionPtr(), ret); + return getError(this.sslPtr, ret); } } @@ -1298,7 +1325,7 @@ public int setSession(long session) throws IllegalStateException { confirmObjectIsActive(); synchronized (sslLock) { - return setSession(getSessionPtr(), session); + return setSession(this.sslPtr, session); } } @@ -1333,7 +1360,7 @@ public long getSession() throws IllegalStateException { confirmObjectIsActive(); synchronized (sslLock) { - return get1Session(getSessionPtr()); + return get1Session(this.sslPtr); } } @@ -1365,7 +1392,7 @@ public byte[] getSessionID() throws IllegalStateException { confirmObjectIsActive(); synchronized (sslLock) { - long sess = getSession(getSessionPtr()); + long sess = getSession(this.sslPtr); if (sess != 0) { /* returns new byte[] independent of sess ptr */ return getSessionID(sess); 
@@ -1407,7 +1434,9 @@ public int setServerID(byte[] id, int newSess) confirmObjectIsActive(); - return setServerID(getSessionPtr(), id, id.length, newSess); + synchronized (sslLock) { + return setServerID(this.sslPtr, id, id.length, newSess); + } } /** @@ -1450,7 +1479,7 @@ public long getSessTimeout() throws IllegalStateException { confirmObjectIsActive(); synchronized (sslLock) { - return getSessTimeout(this.getSession(getSessionPtr())); + return getSessTimeout(this.getSession(this.sslPtr)); } } @@ -1468,7 +1497,7 @@ public long setTimeout(long t) throws IllegalStateException { confirmObjectIsActive(); synchronized (sslLock) { - return setTimeout(getSessionPtr(), t); + return setTimeout(this.sslPtr, t); } } @@ -1485,7 +1514,7 @@ public long getTimeout() throws IllegalStateException { confirmObjectIsActive(); synchronized (sslLock) { - return getTimeout(getSessionPtr()); + return getTimeout(this.sslPtr); } } @@ -1517,7 +1546,7 @@ public int setCipherList(String list) throws IllegalStateException { confirmObjectIsActive(); synchronized (sslLock) { - return setCipherList(getSessionPtr(), list); + return setCipherList(this.sslPtr, list); } } @@ -1572,7 +1601,7 @@ public int setSignatureAlgorithms(String list) confirmObjectIsActive(); synchronized (sslLock) { - return set1SigAlgsList(getSessionPtr(), list); + return set1SigAlgsList(this.sslPtr, list); } } @@ -1607,7 +1636,7 @@ public int useSupportedCurves(String[] curveNames) for (String curve : curveNames) { curveEnum = WolfSSL.getNamedGroupFromString(curve); synchronized (sslLock) { - ret = useSupportedCurve(getSessionPtr(), curveEnum); + ret = useSupportedCurve(this.sslPtr, curveEnum); } } @@ -1639,7 +1668,7 @@ public int dtlsGetCurrentTimeout() confirmObjectIsActive(); synchronized (sslLock) { - return dtlsGetCurrentTimeout(getSessionPtr()); + return dtlsGetCurrentTimeout(this.sslPtr); } } 
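Review bot: In the `useSupportedCurves()` loop `ret` is overwritten on every iteration, so a failure from `useSupportedCurve()` for an earlier name is hidden when a later one succeeds, and the caller can believe the whole curve list was applied. `sslLock` is also released and re-taken per curve, so another thread can act on the session with only part of the list set. I would hold the lock around the whole loop and stop at the first failure, e.g. `if (ret != WolfSSL.SSL_SUCCESS) { break; }`. The constant name is assumed from the rest of the API, and the code after the loop is outside the hunk.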
@@ -1668,7 +1697,7 @@ public int dtlsGotTimeout() confirmObjectIsActive(); synchronized (sslLock) { - return dtlsGotTimeout(getSessionPtr()); + return dtlsGotTimeout(this.sslPtr); } } @@ -1690,7 +1719,7 @@ public int dtls() confirmObjectIsActive(); synchronized (sslLock) { - return dtls(getSessionPtr()); + return dtls(this.sslPtr); } } @@ -1714,7 +1743,7 @@ public int dtlsSetPeer(InetSocketAddress peer) confirmObjectIsActive(); synchronized (sslLock) { - return dtlsSetPeer(getSessionPtr(), peer); + return dtlsSetPeer(this.sslPtr, peer); } } @@ -1734,7 +1763,7 @@ public InetSocketAddress dtlsGetPeer() throws IllegalStateException { confirmObjectIsActive(); synchronized (sslLock) { - return dtlsGetPeer(getSessionPtr()); + return dtlsGetPeer(this.sslPtr); } } @@ -1758,7 +1787,7 @@ public int sessionReused() confirmObjectIsActive(); synchronized (sslLock) { - return sessionReused(getSessionPtr()); + return sessionReused(this.sslPtr); } } @@ -1781,7 +1810,7 @@ public long getPeerCertificate() confirmObjectIsActive(); synchronized (sslLock) { - return getPeerCertificate(getSessionPtr()); + return getPeerCertificate(this.sslPtr); } } @@ -1804,7 +1833,7 @@ public String getPeerX509Issuer(long x509) confirmObjectIsActive(); synchronized (sslLock) { - return getPeerX509Issuer(getSessionPtr(), x509); + return getPeerX509Issuer(this.sslPtr, x509); } } @@ -1827,7 +1856,7 @@ public String getPeerX509Subject(long x509) confirmObjectIsActive(); synchronized (sslLock) { - return getPeerX509Subject(getSessionPtr(), x509); + return getPeerX509Subject(this.sslPtr, x509); } } @@ -1854,7 +1883,7 @@ public String getPeerX509AltName(long x509) confirmObjectIsActive(); synchronized (sslLock) { - return getPeerX509AltName(getSessionPtr(), x509); + return getPeerX509AltName(this.sslPtr, x509); } } @@ -1875,7 +1904,7 @@ public String getVersion() confirmObjectIsActive(); synchronized (sslLock) { - return getVersion(getSessionPtr()); + return getVersion(this.sslPtr); } } 
@@ -1897,7 +1926,7 @@ public long getCurrentCipher() confirmObjectIsActive(); synchronized (sslLock) { - return getCurrentCipher(getSessionPtr()); + return getCurrentCipher(this.sslPtr); } } @@ -1922,7 +1951,7 @@ public int checkDomainName(String dn) confirmObjectIsActive(); synchronized (sslLock) { - return checkDomainName(getSessionPtr(), dn); + return checkDomainName(this.sslPtr, dn); } } @@ -1948,7 +1977,7 @@ public int setTmpDH(byte[] p, int pSz, byte[] g, int gSz) confirmObjectIsActive(); synchronized (sslLock) { - return setTmpDH(getSessionPtr(), p, pSz, g, gSz); + return setTmpDH(this.sslPtr, p, pSz, g, gSz); } } @@ -1977,7 +2006,7 @@ public int setTmpDHFile(String fname, int format) confirmObjectIsActive(); synchronized (sslLock) { - return setTmpDHFile(getSessionPtr(), fname, format); + return setTmpDHFile(this.sslPtr, fname, format); } } @@ -2014,7 +2043,7 @@ public int useCertificateBuffer(byte[] in, long sz, int format) confirmObjectIsActive(); synchronized (sslLock) { - return useCertificateBuffer(getSessionPtr(), in, sz, format); + return useCertificateBuffer(this.sslPtr, in, sz, format); } } @@ -2054,7 +2083,7 @@ public int usePrivateKeyBuffer(byte[] in, long sz, int format) confirmObjectIsActive(); synchronized (sslLock) { - return usePrivateKeyBuffer(getSessionPtr(), in, sz, format); + return usePrivateKeyBuffer(this.sslPtr, in, sz, format); } } @@ -2094,7 +2123,7 @@ public int useCertificateChainBuffer(byte[] in, long sz) confirmObjectIsActive(); synchronized (sslLock) { - return useCertificateChainBuffer(getSessionPtr(), in, sz); + return useCertificateChainBuffer(this.sslPtr, in, sz); } } @@ -2138,8 +2167,7 @@ public int useCertificateChainBufferFormat(byte[] in, long sz, int format) confirmObjectIsActive(); synchronized (sslLock) { - return useCertificateChainBufferFormat( - getSessionPtr(), in, sz, format); + return useCertificateChainBufferFormat(this.sslPtr, in, sz, format); } } 
@@ -2160,7 +2188,7 @@ public int setGroupMessages() confirmObjectIsActive(); synchronized (sslLock) { - return setGroupMessages(getSessionPtr()); + return setGroupMessages(this.sslPtr); } } @@ -2183,7 +2211,7 @@ public int setGroupMessages() * @see WolfSSLContext#setIORecv(WolfSSLIORecvCallback) * @see WolfSSLContext#setIOSend(WolfSSLIOSendCallback) */ - public void setIOReadCtx(Object ctx) + public synchronized void setIOReadCtx(Object ctx) throws IllegalStateException, WolfSSLJNIException { confirmObjectIsActive(); @@ -2197,7 +2225,7 @@ public void setIOReadCtx(Object ctx) * @return Object that was set with setIOReadCtx(). * @throws IllegalStateException WolfSSLContext has been freed */ - public Object getIOReadCtx() + public synchronized Object getIOReadCtx() throws IllegalStateException { confirmObjectIsActive(); @@ -2224,7 +2252,7 @@ public Object getIOReadCtx() * @see WolfSSLContext#setIOSend(WolfSSLIOSendCallback) * @see WolfSSLContext#setIORecv(WolfSSLIORecvCallback) */ - public void setIOWriteCtx(Object ctx) + public synchronized void setIOWriteCtx(Object ctx) throws IllegalStateException, WolfSSLJNIException { confirmObjectIsActive(); @@ -2238,7 +2266,7 @@ public void setIOWriteCtx(Object ctx) * @return Object that was set with setIOWriteCtx(). * @throws IllegalStateException WolfSSLContext has been freed */ - public Object getIOWriteCtx() + public synchronized Object getIOWriteCtx() throws IllegalStateException { confirmObjectIsActive(); @@ -2260,7 +2288,7 @@ public Object getIOWriteCtx() * @throws WolfSSLJNIException Internal JNI error * @see WolfSSLContext#setGenCookie(WolfSSLGenCookieCallback) */ - public void setGenCookieCtx(Object ctx) + public synchronized void setGenCookieCtx(Object ctx) throws IllegalStateException, WolfSSLJNIException { confirmObjectIsActive(); 
@@ -2298,7 +2326,7 @@ public int enableCRL(int options) confirmObjectIsActive(); synchronized (sslLock) { - return enableCRL(getSessionPtr(), options); + return enableCRL(this.sslPtr, options); } } @@ -2325,7 +2353,7 @@ public int disableCRL() confirmObjectIsActive(); synchronized (sslLock) { - return disableCRL(getSessionPtr()); + return disableCRL(this.sslPtr); } } @@ -2373,7 +2401,7 @@ public int loadCRL(String path, int type, int monitor) confirmObjectIsActive(); synchronized (sslLock) { - return loadCRL(getSessionPtr(), path, type, monitor); + return loadCRL(this.sslPtr, path, type, monitor); } } @@ -2399,7 +2427,7 @@ public int setCRLCb(WolfSSLMissingCRLCallback cb) confirmObjectIsActive(); synchronized (sslLock) { - return setCRLCb(getSessionPtr(), cb); + return setCRLCb(this.sslPtr, cb); } } @@ -2419,7 +2447,7 @@ public String cipherGetName() confirmObjectIsActive(); synchronized (sslLock) { - return cipherGetName(getSessionPtr()); + return cipherGetName(this.sslPtr); } } @@ -2443,7 +2471,7 @@ public byte[] getMacSecret(int verify) confirmObjectIsActive(); synchronized (sslLock) { - return getMacSecret(getSessionPtr(), verify); + return getMacSecret(this.sslPtr, verify); } } @@ -2463,7 +2491,7 @@ public byte[] getClientWriteKey() confirmObjectIsActive(); synchronized (sslLock) { - return getClientWriteKey(getSessionPtr()); + return getClientWriteKey(this.sslPtr); } } @@ -2485,7 +2513,7 @@ public byte[] getClientWriteIV() confirmObjectIsActive(); synchronized (sslLock) { - return getClientWriteIV(getSessionPtr()); + return getClientWriteIV(this.sslPtr); } } @@ -2505,7 +2533,7 @@ public byte[] getServerWriteKey() confirmObjectIsActive(); synchronized (sslLock) { - return getServerWriteKey(getSessionPtr()); + return getServerWriteKey(this.sslPtr); } } @@ -2527,7 +2555,7 @@ public byte[] getServerWriteIV() confirmObjectIsActive(); synchronized (sslLock) { - return getServerWriteIV(getSessionPtr()); + return getServerWriteIV(this.sslPtr); } } 
@@ -2545,7 +2573,7 @@ public int getKeySize() throws IllegalStateException { confirmObjectIsActive(); synchronized (sslLock) { - return getKeySize(getSessionPtr()); + return getKeySize(this.sslPtr); } } @@ -2565,7 +2593,7 @@ public int getSide() throws IllegalStateException { confirmObjectIsActive(); synchronized (sslLock) { - return getSide(getSessionPtr()); + return getSide(this.sslPtr); } } @@ -2584,7 +2612,7 @@ public int isTLSv1_1() throws IllegalStateException { confirmObjectIsActive(); synchronized (sslLock) { - return isTLSv1_1(getSessionPtr()); + return isTLSv1_1(this.sslPtr); } } @@ -2610,7 +2638,7 @@ public int getBulkCipher() throws IllegalStateException { confirmObjectIsActive(); synchronized (sslLock) { - return getBulkCipher(getSessionPtr()); + return getBulkCipher(this.sslPtr); } } @@ -2629,7 +2657,7 @@ public int getCipherBlockSize() throws IllegalStateException { confirmObjectIsActive(); synchronized (sslLock) { - return getCipherBlockSize(getSessionPtr()); + return getCipherBlockSize(this.sslPtr); } } @@ -2649,7 +2677,7 @@ public int getAeadMacSize() throws IllegalStateException { confirmObjectIsActive(); synchronized (sslLock) { - return getAeadMacSize(getSessionPtr()); + return getAeadMacSize(this.sslPtr); } } @@ -2669,7 +2697,7 @@ public int getHmacSize() throws IllegalStateException { confirmObjectIsActive(); synchronized (sslLock) { - return getHmacSize(getSessionPtr()); + return getHmacSize(this.sslPtr); } } @@ -2696,7 +2724,7 @@ public int getHmacType() throws IllegalStateException { confirmObjectIsActive(); synchronized (sslLock) { - return getHmacType(getSessionPtr()); + return getHmacType(this.sslPtr); } } @@ -2719,7 +2747,7 @@ public int getCipherType() throws IllegalStateException { confirmObjectIsActive(); synchronized (sslLock) { - return getCipherType(getSessionPtr()); + return getCipherType(this.sslPtr); } } 
@@ -2748,7 +2776,7 @@ public int setTlsHmacInner(byte[] inner, long sz, int content, confirmObjectIsActive(); synchronized (sslLock) { - return setTlsHmacInner(getSessionPtr(), inner, sz, content, verify); + return setTlsHmacInner(this.sslPtr, inner, sz, content, verify); } } @@ -2762,7 +2790,7 @@ public int setTlsHmacInner(byte[] inner, long sz, int content, * @throws WolfSSLJNIException Internal JNI error * @see WolfSSLContext#setMacEncryptCb(WolfSSLMacEncryptCallback) */ - public void setMacEncryptCtx(Object ctx) + public synchronized void setMacEncryptCtx(Object ctx) throws IllegalStateException, WolfSSLJNIException { confirmObjectIsActive(); @@ -2780,7 +2808,7 @@ public void setMacEncryptCtx(Object ctx) * @throws WolfSSLJNIException Internal JNI error * @see WolfSSLContext#setDecryptVerifyCb(WolfSSLDecryptVerifyCallback) */ - public void setDecryptVerifyCtx(Object ctx) + public synchronized void setDecryptVerifyCtx(Object ctx) throws IllegalStateException, WolfSSLJNIException { confirmObjectIsActive(); @@ -2797,14 +2825,14 @@ public void setDecryptVerifyCtx(Object ctx) * @throws WolfSSLJNIException Internal JNI error * @see WolfSSLContext#setEccSignCb(WolfSSLEccSignCallback) */ - public void setEccSignCtx(Object ctx) + public synchronized void setEccSignCtx(Object ctx) throws IllegalStateException, WolfSSLJNIException { confirmObjectIsActive(); eccSignCtx = ctx; synchronized (sslLock) { - setEccSignCtx(getSessionPtr()); + setEccSignCtx(this.sslPtr); } } @@ -2817,14 +2845,14 @@ public void setEccSignCtx(Object ctx) * @throws WolfSSLJNIException Internal JNI error * @see WolfSSLContext#setEccVerifyCb(WolfSSLEccVerifyCallback) */ - public void setEccVerifyCtx(Object ctx) + public synchronized void setEccVerifyCtx(Object ctx) throws IllegalStateException, WolfSSLJNIException { confirmObjectIsActive(); eccVerifyCtx = ctx; synchronized (sslLock) { - setEccVerifyCtx(getSessionPtr()); + setEccVerifyCtx(this.sslPtr); } } 
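Review bot: The callback-context setters from `setMacEncryptCtx` through `setEccVerifyCtx` now take two monitors in a fixed order, the object monitor from the method-level `synchronized` and then `sslLock`, and nothing visible in the diff records that order. Any path that holds `sslLock` and then enters a `synchronized` method of this class takes them the other way round and can deadlock; a Java callback invoked from native code during a call made under `sslLock` would be one such path, though no callback body is visible here. I would state the rule next to the `sslLock` declaration: `/* Lock order: object monitor (synchronized methods) first, then sslLock. Never enter a synchronized method of this class while holding sslLock. */`. The same applies to the `synchronized` setters added further down (`setEccSharedSecretCtx`, the RSA and PSK setters, `setIORecv`, `setIOSend`, `useSNI`, `useSessionTicket`).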
@@ -2838,14 +2866,14 @@ public void setEccVerifyCtx(Object ctx) * @see WolfSSLContext#setEccSignCb(WolfSSLEccSignCallback) * @see WolfSSLContext#setEccVerifyCb(WolfSSLEccVerifyCallback) */ - public void setEccSharedSecretCtx(Object ctx) + public synchronized void setEccSharedSecretCtx(Object ctx) throws IllegalStateException, WolfSSLJNIException { confirmObjectIsActive(); eccSharedSecretCtx = ctx; synchronized (sslLock) { - setEccSharedSecretCtx(getSessionPtr()); + setEccSharedSecretCtx(this.sslPtr); } } @@ -2858,14 +2886,14 @@ public void setEccSharedSecretCtx(Object ctx) * @throws WolfSSLJNIException Internal JNI error * @see WolfSSLContext#setRsaSignCb(WolfSSLRsaSignCallback) */ - public void setRsaSignCtx(Object ctx) + public synchronized void setRsaSignCtx(Object ctx) throws IllegalStateException, WolfSSLJNIException { confirmObjectIsActive(); rsaSignCtx = ctx; synchronized (sslLock) { - setRsaSignCtx(getSessionPtr()); + setRsaSignCtx(this.sslPtr); } } @@ -2879,14 +2907,14 @@ public void setRsaSignCtx(Object ctx) * @throws WolfSSLJNIException Internal JNI error * @see WolfSSLContext#setRsaVerifyCb(WolfSSLRsaVerifyCallback) */ - public void setRsaVerifyCtx(Object ctx) + public synchronized void setRsaVerifyCtx(Object ctx) throws IllegalStateException, WolfSSLJNIException { confirmObjectIsActive(); rsaVerifyCtx = ctx; synchronized (sslLock) { - setRsaVerifyCtx(getSessionPtr()); + setRsaVerifyCtx(this.sslPtr); } } @@ -2900,14 +2928,14 @@ public void setRsaVerifyCtx(Object ctx) * @throws WolfSSLJNIException Internal JNI error * @see WolfSSLContext#setRsaEncCb(WolfSSLRsaEncCallback) */ - public void setRsaEncCtx(Object ctx) + public synchronized void setRsaEncCtx(Object ctx) throws IllegalStateException, WolfSSLJNIException { confirmObjectIsActive(); rsaEncCtx = ctx; synchronized (sslLock) { - setRsaEncCtx(getSessionPtr()); + setRsaEncCtx(this.sslPtr); } } 
@@ -2921,14 +2949,14 @@ public void setRsaEncCtx(Object ctx) * @throws WolfSSLJNIException Internal JNI error * @see WolfSSLContext#setRsaDecCb(WolfSSLRsaDecCallback) */ - public void setRsaDecCtx(Object ctx) + public synchronized void setRsaDecCtx(Object ctx) throws IllegalStateException, WolfSSLJNIException { confirmObjectIsActive(); rsaDecCtx = ctx; synchronized (sslLock) { - setRsaDecCtx(getSessionPtr()); + setRsaDecCtx(this.sslPtr); } } @@ -2963,7 +2991,7 @@ public void setRsaDecCtx(Object ctx) * @see WolfSSLSession#getPskIdentity() * @see WolfSSLSession#getPskIdentityHint() */ - public void setPskClientCb(WolfSSLPskClientCallback callback) + public synchronized void setPskClientCb(WolfSSLPskClientCallback callback) throws IllegalStateException, WolfSSLJNIException { confirmObjectIsActive(); @@ -2973,7 +3001,7 @@ public void setPskClientCb(WolfSSLPskClientCallback callback) /* register internal callback with native library */ synchronized (sslLock) { - setPskClientCb(getSessionPtr()); + setPskClientCb(this.sslPtr); } } @@ -3004,7 +3032,7 @@ public void setPskClientCb(WolfSSLPskClientCallback callback) * @see WolfSSLSession#getPskIdentity() * @see WolfSSLSession#getPskIdentityHint() */ - public void setPskServerCb(WolfSSLPskServerCallback callback) + public synchronized void setPskServerCb(WolfSSLPskServerCallback callback) throws IllegalStateException, WolfSSLJNIException { confirmObjectIsActive(); @@ -3014,7 +3042,7 @@ public void setPskServerCb(WolfSSLPskServerCallback callback) /* register internal callback with native library */ synchronized (sslLock) { - setPskServerCb(getSessionPtr()); + setPskServerCb(this.sslPtr); } } @@ -3036,7 +3064,7 @@ public String getPskIdentityHint() throws IllegalStateException { confirmObjectIsActive(); synchronized (sslLock) { - return getPskIdentityHint(getSessionPtr()); + return getPskIdentityHint(this.sslPtr); } } 
@@ -3058,7 +3086,7 @@ public String getPskIdentity() { confirmObjectIsActive(); synchronized (sslLock) { - return getPskIdentity(getSessionPtr()); + return getPskIdentity(this.sslPtr); } } @@ -3082,7 +3110,7 @@ public int usePskIdentityHint(String hint) { confirmObjectIsActive(); synchronized (sslLock) { - return usePskIdentityHint(getSessionPtr(), hint); + return usePskIdentityHint(this.sslPtr, hint); } } @@ -3097,7 +3125,7 @@ public boolean handshakeDone() { confirmObjectIsActive(); synchronized (sslLock) { - return handshakeDone(getSessionPtr()); + return handshakeDone(this.sslPtr); } } @@ -3111,7 +3139,7 @@ public void setConnectState() { confirmObjectIsActive(); synchronized (sslLock) { - setConnectState(getSessionPtr()); + setConnectState(this.sslPtr); } } @@ -3125,7 +3153,7 @@ public void setAcceptState() { confirmObjectIsActive(); synchronized (sslLock) { - setAcceptState(getSessionPtr()); + setAcceptState(this.sslPtr); } } @@ -3169,7 +3197,7 @@ public void setVerify(int mode, WolfSSLVerifyCallback callback) confirmObjectIsActive(); synchronized (sslLock) { - setVerify(getSessionPtr(), mode, callback); + setVerify(this.sslPtr, mode, callback); } } @@ -3188,7 +3216,7 @@ public long setOptions(long op) confirmObjectIsActive(); synchronized (sslLock) { - return setOptions(getSessionPtr(), op); + return setOptions(this.sslPtr, op); } } @@ -3207,7 +3235,7 @@ public long getOptions() confirmObjectIsActive(); synchronized (sslLock) { - return getOptions(getSessionPtr()); + return getOptions(this.sslPtr); } } @@ -3222,7 +3250,7 @@ public boolean gotCloseNotify() { confirmObjectIsActive(); synchronized (sslLock) { - int ret = gotCloseNotify(getSessionPtr()); + int ret = gotCloseNotify(this.sslPtr); if (ret == 1) { return true; } else { 
@@ -3251,7 +3279,7 @@ public boolean gotCloseNotify() { * @throws WolfSSLJNIException Internal JNI error * @see #setIOSend(WolfSSLIOSendCallback) */ - public void setIORecv(WolfSSLIORecvCallback callback) + public synchronized void setIORecv(WolfSSLIORecvCallback callback) throws IllegalStateException, WolfSSLJNIException { confirmObjectIsActive(); @@ -3261,7 +3289,7 @@ public void setIORecv(WolfSSLIORecvCallback callback) /* register internal callback with native library */ synchronized (sslLock) { - setSSLIORecv(getSessionPtr()); + setSSLIORecv(this.sslPtr); } } @@ -3285,7 +3313,7 @@ public void setIORecv(WolfSSLIORecvCallback callback) * @throws WolfSSLJNIException Internal JNI error * @see #setIORecv(WolfSSLIORecvCallback) */ - public void setIOSend(WolfSSLIOSendCallback callback) + public synchronized void setIOSend(WolfSSLIOSendCallback callback) throws IllegalStateException, WolfSSLJNIException { confirmObjectIsActive(); @@ -3295,7 +3323,7 @@ public void setIOSend(WolfSSLIOSendCallback callback) /* register internal callback with native library */ synchronized (sslLock) { - setSSLIOSend(getSessionPtr()); + setSSLIOSend(this.sslPtr); } } @@ -3311,14 +3339,15 @@ public void setIOSend(WolfSSLIOSendCallback callback) * @throws IllegalStateException if called when WolfSSLSession is not * active */ - public int useSNI(byte type, byte[] data) throws IllegalStateException { + public synchronized int useSNI(byte type, byte[] data) + throws IllegalStateException { int ret; confirmObjectIsActive(); synchronized (sslLock) { - ret = useSNI(getSessionPtr(), type, data); + ret = useSNI(this.sslPtr, type, data); if (ret == WolfSSL.SSL_SUCCESS) { /* Save SNI requested by client for use later if needed */ 
@@ -3337,7 +3366,8 @@ public int useSNI(byte type, byte[] data) throws IllegalStateException { * @throws IllegalStateException if called when WolfSSLSession is not * active */ - public byte[] getClientSNIRequest() throws IllegalStateException { + public synchronized byte[] getClientSNIRequest() + throws IllegalStateException { confirmObjectIsActive(); @@ -3367,7 +3397,7 @@ public String getSNIRequest(byte type) throws IllegalStateException { synchronized (sslLock) { /* Returns a byte array representing SNI host name */ - reqBytes = getSNIRequest(getSessionPtr(), type); + reqBytes = getSNIRequest(this.sslPtr, type); } if (reqBytes != null) { @@ -3383,14 +3413,15 @@ public String getSNIRequest(byte type) throws IllegalStateException { * @return WolfSSL.SSL_SUCCESS on success, otherwise negative. * @throws IllegalStateException WolfSSLSession has been freed */ - public int useSessionTicket() throws IllegalStateException { + public synchronized int useSessionTicket() + throws IllegalStateException { int ret; confirmObjectIsActive(); synchronized (sslLock) { - ret = useSessionTicket(getSessionPtr()); + ret = useSessionTicket(this.sslPtr); if (ret == WolfSSL.SSL_SUCCESS) { this.sessionTicketsEnabled = true; @@ -3408,7 +3439,8 @@ public int useSessionTicket() throws IllegalStateException { * @return true if enabled, otherwise false. * @throws IllegalStateException WolfSSLSession has been freed */ - public boolean sessionTicketsEnabled() throws IllegalStateException { + public synchronized boolean sessionTicketsEnabled() + throws IllegalStateException { confirmObjectIsActive(); @@ -3433,7 +3465,7 @@ public int useALPN(byte[] alpnProtos) throws IllegalStateException { confirmObjectIsActive(); synchronized (sslLock) { - return sslSetAlpnProtos(getSessionPtr(), alpnProtos); + return sslSetAlpnProtos(this.sslPtr, alpnProtos); } } 
@@ -3473,7 +3505,7 @@ public int useALPN(String[] protocols, int options) { } synchronized (sslLock) { - return useALPN(getSessionPtr(), allProtocols.toString(), options); + return useALPN(this.sslPtr, allProtocols.toString(), options); } } @@ -3488,7 +3520,7 @@ public byte[] getAlpnSelected() throws IllegalStateException { confirmObjectIsActive(); synchronized (sslLock) { - return sslGet0AlpnSelected(getSessionPtr()); + return sslGet0AlpnSelected(this.sslPtr); } } @@ -3542,7 +3574,7 @@ public int setAlpnSelectCb(WolfSSLALPNSelectCallback cb, Object arg) confirmObjectIsActive(); synchronized (sslLock) { - ret = setALPNSelectCb(getSessionPtr()); + ret = setALPNSelectCb(this.sslPtr); if (ret == WolfSSL.SSL_SUCCESS) { /* set ALPN select callback */ internAlpnSelectCb = cb; @@ -3582,7 +3614,7 @@ public int setTls13SecretCb(WolfSSLTls13SecretCallback cb, Object ctx) confirmObjectIsActive(); synchronized (sslLock) { - ret = setTls13SecretCb(getSessionPtr()); + ret = setTls13SecretCb(this.sslPtr); if (ret == WolfSSL.SSL_SUCCESS) { /* Set TLS 1.3 secret callback */ internTls13SecretCb = cb; @@ -3610,7 +3642,7 @@ public void keepArrays() confirmObjectIsActive(); synchronized (sslLock) { - keepArrays(getSessionPtr()); + keepArrays(this.sslPtr); } } @@ -3628,7 +3660,7 @@ public byte[] getClientRandom() confirmObjectIsActive(); synchronized (sslLock) { - return getClientRandom(getSessionPtr()); + return getClientRandom(this.sslPtr); } } @@ -3648,7 +3680,7 @@ public int useSecureRenegotiation() throws IllegalStateException { confirmObjectIsActive(); synchronized (sslLock) { - return useSecureRenegotiation(getSessionPtr()); + return useSecureRenegotiation(this.sslPtr); } } @@ -3698,7 +3730,7 @@ public int rehandshake() throws IllegalStateException { confirmObjectIsActive(); synchronized (sslLock) { - return rehandshake(getSessionPtr()); + return rehandshake(this.sslPtr); } } 
@@ -3711,7 +3743,7 @@ public int getShutdown() throws IllegalStateException { confirmObjectIsActive(); synchronized (sslLock) { - return getShutdown(getSessionPtr()); + return getShutdown(this.sslPtr); } } @@ -3721,8 +3753,6 @@ protected void finalize() throws Throwable { /* free resources, freeSSL() checks and sets state */ this.freeSSL(); - this.sslPtr = 0; - super.finalize(); } diff --git a/src/java/com/wolfssl/WolfSSLX509Name.java b/src/java/com/wolfssl/WolfSSLX509Name.java index e661c392..e32c917e 100644 --- a/src/java/com/wolfssl/WolfSSLX509Name.java +++ b/src/java/com/wolfssl/WolfSSLX509Name.java @@ -31,6 +31,9 @@ public class WolfSSLX509Name { /* Lock around active state */ private final Object stateLock = new Object(); + /* Lock around x509NamePtr pointer access */ + private final Object x509NameLock = new Object(); + /* Cache name elements in Java before pushing through JNI, for easier * retrieval from getXXX() methods */ private String countryName = null; @@ -97,8 +100,10 @@ protected long getNativeX509NamePtr() throws IllegalStateException { confirmObjectIsActive(); - /* TODO lock around x509NamePtr */ - return this.x509NamePtr; + /* TODO lock around x509NamePtr for caller use */ + synchronized (x509NameLock) { + return this.x509NamePtr; + } } /** @@ -122,9 +127,11 @@ private synchronized void addEntryByTxt(String field, String entry) "addEntryByTxt()"); } - ret = X509_NAME_add_entry_by_txt(this.x509NamePtr, field, - MBSTRING_UTF8, entry.getBytes(), - entry.getBytes().length, -1, 0); + synchronized (x509NameLock) { + ret = X509_NAME_add_entry_by_txt(this.x509NamePtr, field, + MBSTRING_UTF8, entry.getBytes(), + entry.getBytes().length, -1, 0); + } if (ret != WolfSSL.SSL_SUCCESS) { throw new WolfSSLException("Error setting " + field + " into " + 
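Review bot: The `synchronized (x509NameLock)` block added in `getNativeX509NamePtr()` protects only the read of the `long`; the lock is released before the caller touches the native structure, so a concurrent `free()` can still release it while the returned value is in use, which is a use-after-free on the native side. `confirmObjectIsActive()` also runs before the lock is taken. The retained TODO acknowledges the gap, but the caller contract should be written down until it is closed, for example in the Javadoc: `Caller must not call free() on this object, or let it become unreachable, while the returned pointer is in use.` A stronger fix is to keep every native operation on the pointer inside this class, under `x509NameLock`, instead of handing the pointer out.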
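Review bot: `entry.getBytes()` in the re-indented `X509_NAME_add_entry_by_txt` call encodes with the platform default charset while the call labels the data `MBSTRING_UTF8`. On a JVM whose default charset is not UTF-8, a non-ASCII name entry would reach the native encoder mislabelled, and the resulting subject field would differ from what the caller supplied. The array is also built twice. I would compute it once before the lock, `byte[] entryBytes = entry.getBytes(StandardCharsets.UTF_8);`, and pass `entryBytes, entryBytes.length`, which needs an import of `java.nio.charset.StandardCharsets`. `addEntryByTxt` starts and ends outside the hunk.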
@@ -507,12 +514,14 @@ public synchronized void free() { /* already freed, just return */ return; } - - /* free native resources */ - X509_NAME_free(this.x509NamePtr); - this.active = false; - this.x509NamePtr = 0; + synchronized (x509NameLock) { + /* free native resources */ + X509_NAME_free(this.x509NamePtr); + + this.active = false; + this.x509NamePtr = 0; + } } } diff --git a/src/java/com/wolfssl/provider/jsse/WolfSSLEngine.java b/src/java/com/wolfssl/provider/jsse/WolfSSLEngine.java index 9955b5ba..ece185e9 100644 --- a/src/java/com/wolfssl/provider/jsse/WolfSSLEngine.java +++ b/src/java/com/wolfssl/provider/jsse/WolfSSLEngine.java @@ -66,7 +66,7 @@ */ public class WolfSSLEngine extends SSLEngine { - private WolfSSLEngineHelper EngineHelper = null; + private WolfSSLEngineHelper engineHelper = null; private WolfSSLSession ssl = null; private com.wolfssl.WolfSSLContext ctx = null; private WolfSSLAuthStore authStore = null; @@ -164,11 +164,11 @@ protected WolfSSLEngine(com.wolfssl.WolfSSLContext ctx, null, ex); throw new WolfSSLException("Error with init"); } - EngineHelper = new WolfSSLEngineHelper(this.ssl, this.authStore, - this.params); + this.engineHelper = new WolfSSLEngineHelper(this.ssl, this.authStore, + this.params); try { - EngineHelper.LoadKeyAndCertChain(null, this); + this.engineHelper.LoadKeyAndCertChain(null, this); } catch (CertificateEncodingException | IOException e) { WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "failed to load private key and/or cert chain"); 
@@ -200,11 +200,11 @@ protected WolfSSLEngine(com.wolfssl.WolfSSLContext ctx, null, ex); throw new WolfSSLException("Error with init"); } - EngineHelper = new WolfSSLEngineHelper(this.ssl, this.authStore, + this.engineHelper = new WolfSSLEngineHelper(this.ssl, this.authStore, this.params, port, host); try { - EngineHelper.LoadKeyAndCertChain(null, this); + this.engineHelper.LoadKeyAndCertChain(null, this); } catch (CertificateEncodingException | IOException e) { WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "failed to load private key and/or cert chain"); @@ -355,7 +355,7 @@ private synchronized int ClosingConnection() throws SocketException { * since underlying get1Session can use I/O with peek. */ if (!this.sessionStored) { synchronized (ioLock) { - EngineHelper.saveSession(); + this.engineHelper.saveSession(); } } @@ -444,7 +444,7 @@ private synchronized int SendAppData(ByteBuffer[] in, int ofst, int len) /* only send up to maximum app data size chunk */ sendSz = Math.min(totalIn, - EngineHelper.getSession().getApplicationBufferSize()); + this.engineHelper.getSession().getApplicationBufferSize()); dataBuf = ByteBuffer.allocate(sendSz); /* gather byte array of sendSz bytes from input buffers */ @@ -533,7 +533,7 @@ public synchronized SSLEngineResult wrap(ByteBuffer[] in, int ofst, int len, WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "==== [ entering wrap() ] ==================================="); WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, - "setUseClientMode: " + EngineHelper.getUseClientMode()); + "setUseClientMode: " + this.engineHelper.getUseClientMode()); for (i = 0; i < len; i++) { WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "ByteBuffer in["+i+"].remaining(): " + in[i].remaining()); @@ -583,7 +583,7 @@ public synchronized SSLEngineResult wrap(ByteBuffer[] in, int ofst, int len, } if (needInit) { - EngineHelper.initHandshake(this); + this.engineHelper.initHandshake(this); needInit = false; closed = false; /* opened a connection */ } 
@@ -593,7 +593,8 @@ public synchronized SSLEngineResult wrap(ByteBuffer[] in, int ofst, int len, } /* Force out buffer to be large enough to hold max packet size */ - if (out.remaining() < EngineHelper.getSession().getPacketBufferSize()) { + if (out.remaining() < + this.engineHelper.getSession().getPacketBufferSize()) { return new SSLEngineResult(Status.BUFFER_OVERFLOW, hs, 0, 0); } @@ -610,7 +611,7 @@ public synchronized SSLEngineResult wrap(ByteBuffer[] in, int ofst, int len, status = SSLEngineResult.Status.CLOSED; /* Handshake has finished and SSLEngine is closed, release * global JNI verify callback pointer */ - this.EngineHelper.unsetVerifyCallback(); + this.engineHelper.unsetVerifyCallback(); try { ClosingConnection(); @@ -645,7 +646,7 @@ else if (produced == 0) { WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "==== [ exiting wrap() ] ==================================="); WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, - "setUseClientMode: " + EngineHelper.getUseClientMode()); + "setUseClientMode: " + this.engineHelper.getUseClientMode()); for (i = 0; i < len; i++) { WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "ByteBuffer in["+i+"].remaining(): " + in[i].remaining()); @@ -896,7 +897,7 @@ public synchronized SSLEngineResult unwrap(ByteBuffer in, ByteBuffer[] out, WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "==== [ entering unwrap() ] ================================="); WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, - "setUseClientMode: " + EngineHelper.getUseClientMode()); + "setUseClientMode: " + this.engineHelper.getUseClientMode()); WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "in.remaining(): " + in.remaining()); WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, @@ -959,7 +960,7 @@ else if (hs == SSLEngineResult.HandshakeStatus.NEED_WRAP && else { if (needInit) { - EngineHelper.initHandshake(this); + this.engineHelper.initHandshake(this); needInit = false; closed = false; } 
@@ -971,7 +972,7 @@ else if (hs == SSLEngineResult.HandshakeStatus.NEED_WRAP && status = SSLEngineResult.Status.CLOSED; /* Handshake has finished and SSLEngine is closed, * release, global JNI verify callback pointer */ - this.EngineHelper.unsetVerifyCallback(); + this.engineHelper.unsetVerifyCallback(); } } catch (SocketException e) { throw new SSLException(e); @@ -1027,8 +1028,8 @@ else if (hs == SSLEngineResult.HandshakeStatus.NEED_WRAP && if (!this.sessionStored) { synchronized (ioLock) { WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, - "calling EngineHelper.saveSession()"); - int ret2 = EngineHelper.saveSession(); + "calling engineHelper.saveSession()"); + int ret2 = this.engineHelper.saveSession(); WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "return from saveSession(), ret = " + ret2); if (ret2 == WolfSSL.SSL_SUCCESS) { @@ -1043,7 +1044,7 @@ else if (hs == SSLEngineResult.HandshakeStatus.NEED_WRAP && status = SSLEngineResult.Status.CLOSED; /* Handshake has finished and SSLEngine is closed, * release, global JNI verify callback pointer */ - this.EngineHelper.unsetVerifyCallback(); + this.engineHelper.unsetVerifyCallback(); } int err = ssl.getError(ret); @@ -1083,7 +1084,7 @@ else if (hs == SSLEngineResult.HandshakeStatus.NEED_WRAP && WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "==== [ exiting unwrap() ] =================================="); WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, - "setUseClientMode: " + EngineHelper.getUseClientMode()); + "setUseClientMode: " + this.engineHelper.getUseClientMode()); WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "in.remaining(): " + in.remaining()); WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, 
@@ -1188,10 +1189,10 @@ else if (!this.outBoundOpen && !this.closeNotifySent) { "SSL/TLS handshake finished"); WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "SSL/TLS protocol: " + - EngineHelper.getSession().getProtocol()); + this.engineHelper.getSession().getProtocol()); WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "SSL/TLS cipher suite: " + - EngineHelper.getSession().getCipherSuite()); + this.engineHelper.getSession().getCipherSuite()); } /* give priority of WRAP/UNWRAP to state of our internal * I/O data buffers first, then wolfSSL err status */ 
@@ -1279,49 +1280,49 @@ public synchronized boolean isOutboundDone() { public String[] getSupportedCipherSuites() { WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "entered getSupportedCipherSuites()"); - return EngineHelper.getAllCiphers(); + return this.engineHelper.getAllCiphers(); } @Override public String[] getEnabledCipherSuites() { WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "entered getEnabledCipherSuites()"); - return EngineHelper.getCiphers(); + return this.engineHelper.getCiphers(); } @Override public void setEnabledCipherSuites(String[] suites) { WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "entered setEnabledCipherSuites()"); - EngineHelper.setCiphers(suites); + this.engineHelper.setCiphers(suites); } @Override public String[] getSupportedProtocols() { WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "entered getSupportedProtocols()"); - return EngineHelper.getAllProtocols(); + return this.engineHelper.getAllProtocols(); } @Override public synchronized String[] getEnabledProtocols() { WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "entered getEnabledProtocols()"); - return EngineHelper.getProtocols(); + return this.engineHelper.getProtocols(); } @Override public synchronized void setEnabledProtocols(String[] protocols) { WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "entered setEnabledProtocols()"); - EngineHelper.setProtocols(protocols); + this.engineHelper.setProtocols(protocols); } @Override public synchronized SSLSession getSession() { WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "entered getSession()"); - return EngineHelper.getSession(); + return this.engineHelper.getSession(); } /** 
@@ -1335,7 +1336,7 @@ public synchronized SSLSession getSession() { * @throws SSLException if native JNI call fails or underlying * WolfSSLSession has been freed */ - public boolean sessionResumed() throws SSLException { + public synchronized boolean sessionResumed() throws SSLException { if (this.ssl != null) { try { int resume = this.ssl.sessionReused(); @@ -1353,7 +1354,7 @@ public boolean sessionResumed() throws SSLException { public synchronized SSLSession getHandshakeSession() { WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "entered getHandshakeSession()"); - return EngineHelper.getSession(); + return this.engineHelper.getSession(); } @Override @@ -1379,14 +1380,14 @@ public synchronized void beginHandshake() throws SSLException { if (needInit == true) { /* will throw SSLHandshakeException if session creation is not allowed */ - EngineHelper.initHandshake(this); + this.engineHelper.initHandshake(this); needInit = false; } try { WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, - "calling EngineHelper.doHandshake()"); - int ret = EngineHelper.doHandshake(1, 0); + "calling engineHelper.doHandshake()"); + int ret = this.engineHelper.doHandshake(1, 0); SetHandshakeStatus(ret); } catch (SocketTimeoutException e) { @@ -1422,7 +1423,7 @@ public synchronized SSLEngineResult.HandshakeStatus getHandshakeStatus() { public synchronized void setUseClientMode(boolean mode) { WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "entered setUseClientMode(" + mode + ")"); - EngineHelper.setUseClientMode(mode); + this.engineHelper.setUseClientMode(mode); this.clientModeSet = true; } 
@@ -1430,55 +1431,55 @@ public synchronized void setUseClientMode(boolean mode) { public synchronized boolean getUseClientMode() { WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "entered getUseClientMode()"); - return EngineHelper.getUseClientMode(); + return this.engineHelper.getUseClientMode(); } @Override public synchronized void setNeedClientAuth(boolean need) { WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "entered setNeedClientAuth(" + need + ")"); - EngineHelper.setNeedClientAuth(need); + this.engineHelper.setNeedClientAuth(need); } @Override public synchronized boolean getNeedClientAuth() { WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "entered getNeedClientAuth()"); - return EngineHelper.getNeedClientAuth(); + return this.engineHelper.getNeedClientAuth(); } @Override public synchronized void setWantClientAuth(boolean want) { WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "entered setWantClientAuth(" + want + ")"); - EngineHelper.setWantClientAuth(want); + this.engineHelper.setWantClientAuth(want); } @Override public synchronized boolean getWantClientAuth() { WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "entered getWantClientAuth()"); - return EngineHelper.getWantClientAuth(); + return this.engineHelper.getWantClientAuth(); } @Override public synchronized void setEnableSessionCreation(boolean flag) { WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "entered setEnableSessionCreation(" + flag + ")"); - EngineHelper.setEnableSessionCreation(flag); + this.engineHelper.setEnableSessionCreation(flag); } @Override public synchronized boolean getEnableSessionCreation() { WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "entered getEnableSessionCreation()"); - return EngineHelper.getEnableSessionCreation(); + return this.engineHelper.getEnableSessionCreation(); } public synchronized String getApplicationProtocol() { WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "entered getApplicationProtocol()"); - return EngineHelper.getAlpnSelectedProtocolString(); + 
return this.engineHelper.getAlpnSelectedProtocolString(); } /** @@ -1501,7 +1502,7 @@ public synchronized String getHandshakeApplicationProtocol() { "entered getHandshakeApplicationProtocol()"); if (!this.needInit && !this.handshakeFinished) { - return EngineHelper.getAlpnSelectedProtocolString(); + return this.engineHelper.getAlpnSelectedProtocolString(); } return null; @@ -1786,7 +1787,6 @@ protected synchronized void finalize() throws Throwable { this.ssl.freeSSL(); this.ssl = null; } - this.EngineHelper = null; super.finalize(); } } diff --git a/src/java/com/wolfssl/provider/jsse/WolfSSLEngineHelper.java b/src/java/com/wolfssl/provider/jsse/WolfSSLEngineHelper.java index ea3316ee..257eec22 100644 --- a/src/java/com/wolfssl/provider/jsse/WolfSSLEngineHelper.java +++ b/src/java/com/wolfssl/provider/jsse/WolfSSLEngineHelper.java @@ -284,7 +284,8 @@ else if (engine != null) { * @throws IOException on error concatenating certificate chain into * single byte array */ - protected void LoadKeyAndCertChain(Socket sock, SSLEngine engine) + protected synchronized void LoadKeyAndCertChain( + Socket sock, SSLEngine engine) throws WolfSSLException, CertificateEncodingException, IOException { int ret; @@ -388,7 +389,7 @@ protected void LoadKeyAndCertChain(Socket sock, SSLEngine engine) * @param hostname peer hostname String * @param port peer port number */ - protected void setHostAndPort(String hostname, int port) { + protected synchronized void setHostAndPort(String hostname, int port) { WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "entered setHostAndPort()"); @@ -403,7 +404,7 @@ protected void setHostAndPort(String hostname, int port) { * * @param peerAddr InetAddress of peer */ - protected void setPeerAddress(InetAddress peerAddr) { + protected synchronized void setPeerAddress(InetAddress peerAddr) { WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "entered setPeerAddress()"); 
@@ -416,7 +417,7 @@ protected void setPeerAddress(InetAddress peerAddr) { * * @return com.wolfssl.WolfSSLSession for this object */ - protected WolfSSLSession getWolfSSLSession() { + protected synchronized WolfSSLSession getWolfSSLSession() { return ssl; } @@ -425,7 +426,7 @@ protected WolfSSLSession getWolfSSLSession() { * * @return WolfSSLImplementSession for this object */ - protected WolfSSLImplementSSLSession getSession() { + protected synchronized WolfSSLImplementSSLSession getSession() { if (this.session == null) { WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, @@ -444,7 +445,7 @@ protected WolfSSLImplementSSLSession getSession() { * * @return String array of all supported cipher suites */ - protected String[] getAllCiphers() { + protected synchronized String[] getAllCiphers() { return WolfSSLUtil.sanitizeSuites(WolfSSL.getCiphersIana()); } @@ -454,7 +455,7 @@ protected String[] getAllCiphers() { * * @return String array of all enabled cipher suites */ - protected String[] getCiphers() { + protected synchronized String[] getCiphers() { return WolfSSLUtil.sanitizeSuites(this.params.getCipherSuites()); } @@ -469,7 +470,8 @@ protected String[] getCiphers() { * cipher suites, input array is null, or input array has length * zero */ - protected void setCiphers(String[] suites) throws IllegalArgumentException { + protected synchronized void setCiphers(String[] suites) + throws IllegalArgumentException { if (suites == null) { throw new IllegalArgumentException("input array is null"); @@ -501,7 +503,8 @@ protected void setCiphers(String[] suites) throws IllegalArgumentException { * @throws IllegalArgumentException if input array is null, * has length zero, or contains invalid/unsupported protocols */ - protected void setProtocols(String[] p) throws IllegalArgumentException { + protected synchronized void setProtocols(String[] p) + throws IllegalArgumentException { if (p == null) { throw new IllegalArgumentException("input array is null"); 
@@ -528,7 +531,7 @@ protected void setProtocols(String[] p) throws IllegalArgumentException { * * @return String array of enabled SSL/TLS protocols */ - protected String[] getProtocols() { + protected synchronized String[] getProtocols() { return WolfSSLUtil.sanitizeProtocols(this.params.getProtocols()); } @@ -539,7 +542,7 @@ protected String[] getProtocols() { * * @return String array of supported protocols */ - protected String[] getAllProtocols() { + protected synchronized String[] getAllProtocols() { return WolfSSLUtil.sanitizeProtocols(WolfSSL.getProtocols()); } @@ -551,7 +554,7 @@ protected String[] getAllProtocols() { * @throws IllegalArgumentException if called after SSL/TLS handshake * has been completed. Only allowed before. */ - protected void setUseClientMode(boolean mode) + protected synchronized void setUseClientMode(boolean mode) throws IllegalArgumentException { if (this.ssl.handshakeDone()) { @@ -574,7 +577,7 @@ protected void setUseClientMode(boolean mode) * * @return boolean value of clientMode set for this session */ - protected boolean getUseClientMode() { + protected synchronized boolean getUseClientMode() { return this.clientMode; } @@ -583,7 +586,7 @@ protected boolean getUseClientMode() { * * @param need boolean if session needs client authentication */ - protected void setNeedClientAuth(boolean need) { + protected synchronized void setNeedClientAuth(boolean need) { this.params.setNeedClientAuth(need); } @@ -592,7 +595,7 @@ protected void setNeedClientAuth(boolean need) { * * @return boolean value for needClientAuth */ - protected boolean getNeedClientAuth() { + protected synchronized boolean getNeedClientAuth() { return this.params.getNeedClientAuth(); } @@ -601,7 +604,7 @@ protected boolean getNeedClientAuth() { * * @param want boolean value of wantClientAuth for this session */ - protected void setWantClientAuth(boolean want) { + protected synchronized void setWantClientAuth(boolean want) { this.params.setWantClientAuth(want); } 
@@ -610,7 +613,7 @@ protected void setWantClientAuth(boolean want) { * * @return boolean value for wantClientAuth */ - protected boolean getWantClientAuth() { + protected synchronized boolean getWantClientAuth() { return this.params.getWantClientAuth(); } @@ -619,7 +622,7 @@ protected boolean getWantClientAuth() { * * @param flag boolean to set enable session creation */ - protected void setEnableSessionCreation(boolean flag) { + protected synchronized void setEnableSessionCreation(boolean flag) { this.sessionCreation = flag; } @@ -628,7 +631,7 @@ protected void setEnableSessionCreation(boolean flag) { * * @return boolean value for enableSessionCreation */ - protected boolean getEnableSessionCreation() { + protected synchronized boolean getEnableSessionCreation() { return this.sessionCreation; } @@ -637,7 +640,7 @@ protected boolean getEnableSessionCreation() { * * @param flag boolean to enable/disable session tickets */ - protected void setUseSessionTickets(boolean flag) { + protected synchronized void setUseSessionTickets(boolean flag) { this.params.setUseSessionTickets(flag); } @@ -646,7 +649,7 @@ protected void setUseSessionTickets(boolean flag) { * * @param alpnProtos encoded byte array of ALPN protocols */ - protected void setAlpnProtocols(byte[] alpnProtos) { + protected synchronized void setAlpnProtocols(byte[] alpnProtos) { this.params.setAlpnProtocols(alpnProtos); } @@ -658,7 +661,7 @@ protected void setAlpnProtocols(byte[] alpnProtos) { * @return encoded byte array for selected ALPN protocol or null if * handshake has not finished */ - protected byte[] getAlpnSelectedProtocol() { + protected synchronized byte[] getAlpnSelectedProtocol() { if (this.ssl.handshakeDone()) { return ssl.getAlpnSelected(); } 
@@ -672,7 +675,7 @@ protected byte[] getAlpnSelectedProtocol() { * if protocol is not available yet, or empty String if * ALPN will not be used for this connection. */ - protected String getAlpnSelectedProtocolString() { + protected synchronized String getAlpnSelectedProtocolString() { String proto = ssl.getAlpnSelectedString(); WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, @@ -1133,7 +1136,9 @@ private void setLocalParams(SSLSocket socket, SSLEngine engine) * @throws SSLHandshakeException session creation is not allowed * */ - protected void initHandshake(SSLSocket socket) throws SSLException { + protected synchronized void initHandshake(SSLSocket socket) + throws SSLException { + initHandshakeInternal(socket, null); } @@ -1152,7 +1157,9 @@ protected void initHandshake(SSLSocket socket) throws SSLException { * @throws SSLHandshakeException session creation is not allowed * */ - protected void initHandshake(SSLEngine engine) throws SSLException { + protected synchronized void initHandshake(SSLEngine engine) + throws SSLException { + initHandshakeInternal(null, engine); } @@ -1235,7 +1242,7 @@ private void initHandshakeInternal(SSLSocket socket, SSLEngine engine) * on native socket error * @throws SocketTimeoutException if socket timed out */ - protected int doHandshake(int isSSLEngine, int timeout) + protected synchronized int doHandshake(int isSSLEngine, int timeout) throws SSLException, SocketTimeoutException { int ret, err; diff --git a/src/java/com/wolfssl/provider/jsse/WolfSSLImplementSSLSession.java b/src/java/com/wolfssl/provider/jsse/WolfSSLImplementSSLSession.java index 464c51d9..e0e92fe9 100644 --- a/src/java/com/wolfssl/provider/jsse/WolfSSLImplementSSLSession.java +++ b/src/java/com/wolfssl/provider/jsse/WolfSSLImplementSSLSession.java @@ -315,7 +315,7 @@ public long getLastAccessedTime() { /** * Invalidate this session */ - public void invalidate() { + public synchronized void invalidate() { this.valid = false; } 
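Review bot: With `synchronized` on `doHandshake(int isSSLEngine, int timeout)`, the helper's monitor is held for as long as the handshake takes. Every other method this commit synchronizes, including the getters, the setters and both `initHandshake` overloads, blocks behind it. If a peer stalls mid-handshake, that wait is bounded only by `timeout`. How a zero or negative value is treated cannot be seen here, because the method body continues outside the hunk. If holding the lock for the whole handshake is intended, state it in the Javadoc, e.g. `* Holds this object's lock until the handshake returns or times out.`; otherwise consider locking only around the state checks rather than the blocking native call.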
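Review bot: `invalidate()` now locks on the session object itself, as do `isValid()`, `setValid()` and `getRequestedServerNames()` in the following hunks. Their public signatures suggest this object is handed to application code. Any caller that writes `synchronized (session) { ... }` around its own work can then stall these internal state checks, and the class cannot prevent that. A private monitor avoids the coupling: declare `private final Object stateLock = new Object();` and use `synchronized (stateLock) { this.valid = false; }` in the methods that guard `valid`. The field declarations are outside the hunks, so this assumes no existing lock object already serves that purpose.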
@@ -324,7 +324,7 @@ public void invalidate() { * * @return boolean if this session is valid */ - public boolean isValid() { + public synchronized boolean isValid() { return this.valid; } @@ -333,7 +333,7 @@ public boolean isValid() { * session is then valid and can be joined or resumed * @param in true/false valid boolean */ - protected void setValid(boolean in) { + protected synchronized void setValid(boolean in) { this.valid = in; } @@ -836,7 +836,7 @@ public String[] getPeerSupportedSignatureAlgorithms() { * if no SNI names were requested. */ @Override - public List getRequestedServerNames() + public synchronized List getRequestedServerNames() throws UnsupportedOperationException { byte[] sniRequestArr = null; @@ -863,7 +863,7 @@ public List getRequestedServerNames() @SuppressWarnings("deprecation") @Override - protected void finalize() throws Throwable + protected synchronized void finalize() throws Throwable { WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "entered finalize(): this.sesPtr = " + this.sesPtr); diff --git a/src/java/com/wolfssl/provider/jsse/WolfSSLSocket.java b/src/java/com/wolfssl/provider/jsse/WolfSSLSocket.java index 3f67ec9b..74a844e0 100644 --- a/src/java/com/wolfssl/provider/jsse/WolfSSLSocket.java +++ b/src/java/com/wolfssl/provider/jsse/WolfSSLSocket.java @@ -1781,7 +1781,7 @@ public synchronized SSLParameters getSSLParameters() { * @throws SSLException if native JNI call fails or underlying * WolfSSLSession has been freed */ - public boolean sessionResumed() throws SSLException { + public synchronized boolean sessionResumed() throws SSLException { if (this.ssl != null) { try { int resume = this.ssl.sessionReused();
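Review bot: `synchronized` on `finalize()` orders the cleanup only against methods that take the same monitor. In this diff those are `invalidate()`, `isValid()`, `setValid()` and `getRequestedServerNames()`. Any other method that reads `this.sesPtr` without the lock gets no such ordering, and whether such methods exist is not visible from these hunks. The body of `finalize()` continues outside the hunk, so it is presumed rather than shown that the native pointer is released there. I would document the intent above the method, e.g. `/* synchronized so sesPtr is not released while another synchronized method is still using it */`, and check that every `sesPtr` reader holds the lock.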
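Review bot: The `if (this.ssl != null)` check in `sessionResumed()` becomes race-free under `synchronized` only if the code that clears or frees `this.ssl` runs under the same socket monitor. The Javadoc states that the underlying `WolfSSLSession` may have been freed, but the path that does so is not part of this hunk. Please confirm that path is synchronized on the socket as well, and record the dependency here, e.g. `// relies on this.ssl being cleared only while holding this socket's lock`. The method body continues outside the hunk.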