From 2eaa54d89259065ce702cccb2ab4619f5669a75d Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Fri, 12 May 2023 14:27:53 -0600 Subject: [PATCH] add script to run Facebook Infer, fix reported issues --- .gitignore | 4 + scripts/infer.sh | 80 ++++ src/java/com/wolfssl/WolfSSL.java | 4 +- src/java/com/wolfssl/WolfSSLCertManager.java | 28 +- src/java/com/wolfssl/WolfSSLCertificate.java | 4 +- src/java/com/wolfssl/WolfSSLContext.java | 158 +++----- src/java/com/wolfssl/WolfSSLSession.java | 379 ++++++++---------- .../wolfssl/provider/jsse/WolfSSLEngine.java | 8 +- .../provider/jsse/WolfSSLEngineHelper.java | 45 ++- .../jsse/WolfSSLImplementSSLSession.java | 2 +- .../wolfssl/provider/jsse/WolfSSLSocket.java | 58 ++- 11 files changed, 402 insertions(+), 368 deletions(-) create mode 100755 scripts/infer.sh diff --git a/.gitignore b/.gitignore index a2b6bfc..0f7b6e2 100644 --- a/.gitignore +++ b/.gitignore @@ -29,3 +29,7 @@ IDE/WIN/DLL Release FIPS # RPM package files rpm/spec *.rpm + +# infer RacerD +infer-out/ + diff --git a/scripts/infer.sh b/scripts/infer.sh new file mode 100755 index 0000000..5045b00 --- /dev/null +++ b/scripts/infer.sh @@ -0,0 +1,80 @@ +#!/bin/bash + +# Simple script to run Facebook Infer over java files included in this package. +# +# This is set up to run entire infer over Java classes in this package. To +# only run the RacerD thread safety analysis tool, change the command +# invocation below from "run" to "--racerd-only", ie: +# +# infer --racerd-only -- javac \ +# +# Run from wolfssljni root: +# +# $ cd wolfssljni +# $ ./scripts/infer.sh +# +# wolfSSL Inc, May 2023 +# + +infer run -- javac \ + src/java/com/wolfssl/WolfSSLCertificate.java \ + src/java/com/wolfssl/WolfSSLCertManager.java \ + src/java/com/wolfssl/WolfSSLContext.java \ + src/java/com/wolfssl/WolfSSLCustomUser.java \ + src/java/com/wolfssl/WolfSSLDecryptVerifyCallback.java \ + src/java/com/wolfssl/WolfSSLEccSharedSecretCallback.java \ + src/java/com/wolfssl/WolfSSLEccSignCallback.java \ + src/java/com/wolfssl/WolfSSLEccVerifyCallback.java \ + src/java/com/wolfssl/WolfSSLException.java \ + src/java/com/wolfssl/WolfSSLFIPSErrorCallback.java \ + src/java/com/wolfssl/WolfSSLGenCookieCallback.java \ + src/java/com/wolfssl/WolfSSLIORecvCallback.java \ + src/java/com/wolfssl/WolfSSLIOSendCallback.java \ + src/java/com/wolfssl/WolfSSL.java \ + src/java/com/wolfssl/WolfSSLJNIException.java \ + src/java/com/wolfssl/WolfSSLLoggingCallback.java \ + src/java/com/wolfssl/WolfSSLMacEncryptCallback.java \ + src/java/com/wolfssl/WolfSSLMissingCRLCallback.java \ + src/java/com/wolfssl/WolfSSLPskClientCallback.java \ + src/java/com/wolfssl/WolfSSLPskServerCallback.java \ + src/java/com/wolfssl/WolfSSLRsaDecCallback.java \ + src/java/com/wolfssl/WolfSSLRsaEncCallback.java \ + src/java/com/wolfssl/WolfSSLRsaSignCallback.java \ + src/java/com/wolfssl/WolfSSLRsaVerifyCallback.java \ + src/java/com/wolfssl/WolfSSLSession.java \ + src/java/com/wolfssl/WolfSSLVerifyCallback.java \ + src/java/com/wolfssl/WolfSSLX509StoreCtx.java \ + src/java/com/wolfssl/wolfcrypt/ECC.java \ + src/java/com/wolfssl/wolfcrypt/EccKey.java \ + src/java/com/wolfssl/wolfcrypt/RSA.java \ + src/java/com/wolfssl/provider/jsse/WolfSSLAuthStore.java \ + src/java/com/wolfssl/provider/jsse/WolfSSLContext.java \ + src/java/com/wolfssl/provider/jsse/WolfSSLDebug.java \ + src/java/com/wolfssl/provider/jsse/WolfSSLEngineHelper.java \ + src/java/com/wolfssl/provider/jsse/WolfSSLEngine.java \ + src/java/com/wolfssl/provider/jsse/WolfSSLGenericHostName.java \ + src/java/com/wolfssl/provider/jsse/WolfSSLImplementSSLSession.java \ + src/java/com/wolfssl/provider/jsse/WolfSSLInternalVerifyCb.java \ + src/java/com/wolfssl/provider/jsse/WolfSSLKeyManager.java \ + src/java/com/wolfssl/provider/jsse/WolfSSLKeyX509.java \ + src/java/com/wolfssl/provider/jsse/WolfSSLParametersHelper.java \ + src/java/com/wolfssl/provider/jsse/WolfSSLParameters.java \ + src/java/com/wolfssl/provider/jsse/WolfSSLProvider.java \ + src/java/com/wolfssl/provider/jsse/WolfSSLServerSocketFactory.java \ + src/java/com/wolfssl/provider/jsse/WolfSSLServerSocket.java \ + src/java/com/wolfssl/provider/jsse/WolfSSLSessionContext.java \ + src/java/com/wolfssl/provider/jsse/WolfSSLSNIServerName.java \ + src/java/com/wolfssl/provider/jsse/WolfSSLSocketFactory.java \ + src/java/com/wolfssl/provider/jsse/WolfSSLSocket.java \ + src/java/com/wolfssl/provider/jsse/WolfSSLTrustManager.java \ + src/java/com/wolfssl/provider/jsse/WolfSSLTrustX509.java \ + src/java/com/wolfssl/provider/jsse/WolfSSLX509.java \ + src/java/com/wolfssl/provider/jsse/WolfSSLX509X.java \ + src/java/com/wolfssl/provider/jsse/adapter/WolfSSLJDK8Helper.java + +# remove compiled class files +rm -r ./com + +# remove infer out directory (comment this out to inspect logs if needed) +rm -r ./infer-out + diff --git a/src/java/com/wolfssl/WolfSSL.java b/src/java/com/wolfssl/WolfSSL.java index 76e64c5..dfddbe1 100644 --- a/src/java/com/wolfssl/WolfSSL.java +++ b/src/java/com/wolfssl/WolfSSL.java @@ -430,8 +430,8 @@ public class WolfSSL { int fipsLoaded = 0; - String osName = System.getProperty("os.name").toLowerCase(); - if (osName.contains("win")) { + String osName = System.getProperty("os.name"); + if (osName != null && osName.toLowerCase().contains("win")) { try { /* Default wolfCrypt FIPS library on Windows is compiled * as "wolfssl-fips" by Visual Studio solution */ diff --git a/src/java/com/wolfssl/WolfSSLCertManager.java b/src/java/com/wolfssl/WolfSSLCertManager.java index 065297b..e03994f 100644 --- a/src/java/com/wolfssl/WolfSSLCertManager.java +++ b/src/java/com/wolfssl/WolfSSLCertManager.java @@ -70,7 +70,7 @@ public class WolfSSLCertManager { * * @return WolfSSL.SSL_SUCESS on success, negative on error */ - public int CertManagerLoadCA(String f, String d) { + public synchronized int CertManagerLoadCA(String f, String d) { if (this.active == false) throw new IllegalStateException("Object has been freed"); @@ -88,7 +88,9 @@ public class WolfSSLCertManager { * * @return WolfSSL.SSL_SUCCESS on success, negative on error */ - public int CertManagerLoadCABuffer(byte[] in, long sz, int format) { + public synchronized int CertManagerLoadCABuffer( + byte[] in, long sz, int format) { + if (this.active == false) throw new IllegalStateException("Object has been freed"); @@ -103,7 +105,9 @@ public class WolfSSLCertManager { * @return WolfSSL.SSL_SUCCESS if at least one cert was loaded * successfully, otherwise WolfSSL.SSL_FAILURE. */ - public int CertManagerLoadCAKeyStore(KeyStore ks) throws WolfSSLException { + public synchronized int CertManagerLoadCAKeyStore(KeyStore ks) + throws WolfSSLException { + int ret = 0; int loadedCerts = 0; @@ -156,7 +160,7 @@ public class WolfSSLCertManager { * * @return WolfSSL.SSL_SUCCESS on success, negative on error. */ - public int CertManagerUnloadCAs() { + public synchronized int CertManagerUnloadCAs() { if (this.active == false) { throw new IllegalStateException("Object has been freed"); } @@ -176,7 +180,9 @@ public class WolfSSLCertManager { * @return WolfSSL.SSL_SUCCESS on successful verification, otherwise * negative on error. */ - public int CertManagerVerifyBuffer(byte[] in, long sz, int format) { + public synchronized int CertManagerVerifyBuffer( + byte[] in, long sz, int format) { + if (this.active == false) throw new IllegalStateException("Object has been freed"); @@ -206,13 +212,11 @@ public class WolfSSLCertManager { @Override protected void finalize() throws Throwable { - if (this.active == true) { - try { - this.free(); - } catch (IllegalStateException e) { - /* already freed */ - } - this.active = false; + try { + /* checks active state in this.free() */ + this.free(); + } catch (IllegalStateException e) { + /* already freed */ } super.finalize(); } diff --git a/src/java/com/wolfssl/WolfSSLCertificate.java b/src/java/com/wolfssl/WolfSSLCertificate.java index 07e493c..838b82d 100644 --- a/src/java/com/wolfssl/WolfSSLCertificate.java +++ b/src/java/com/wolfssl/WolfSSLCertificate.java @@ -641,9 +641,9 @@ public class WolfSSLCertificate { /* cache altNames collection for later use */ this.altNames = Collections.unmodifiableCollection(names); - } - return this.altNames; + return this.altNames; + } } /** diff --git a/src/java/com/wolfssl/WolfSSLContext.java b/src/java/com/wolfssl/WolfSSLContext.java index 9d03cf7..fda74f7 100644 --- a/src/java/com/wolfssl/WolfSSLContext.java +++ b/src/java/com/wolfssl/WolfSSLContext.java @@ -97,7 +97,7 @@ public class WolfSSLContext { /* ------------------- private/protected methods -------------------- */ - long getContextPtr() + protected synchronized long getContextPtr() { if (this.active == false) { return 0; @@ -310,6 +310,19 @@ public class WolfSSLContext { return ret; } + /** + * Verifies that the current WolfSSLContext object is active. + * + * @throws IllegalStateException if object has been freed + */ + private synchronized void confirmObjectIsActive() + throws IllegalStateException { + + if (this.active == false) { + throw new IllegalStateException( + "WolfSSLContext object has been freed"); + } + } /* ------------------ native method declarations -------------------- */ @@ -392,8 +405,7 @@ public class WolfSSLContext { public int useCertificateFile(String file, int format) throws IllegalStateException, NullPointerException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return useCertificateFile(getContextPtr(), file, format); } @@ -426,8 +438,7 @@ public class WolfSSLContext { public int usePrivateKeyFile(String file, int format) throws IllegalStateException, NullPointerException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return usePrivateKeyFile(getContextPtr(), file, format); } @@ -478,8 +489,7 @@ public class WolfSSLContext { public int loadVerifyLocations(String file, String path) throws IllegalStateException, NullPointerException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return loadVerifyLocations(getContextPtr(), file, path); } @@ -507,8 +517,7 @@ public class WolfSSLContext { public int useCertificateChainFile(String file) throws IllegalStateException, NullPointerException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return useCertificateChainFile(getContextPtr(), file); } @@ -551,8 +560,7 @@ public class WolfSSLContext { public void setVerify(int mode, WolfSSLVerifyCallback callback) throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); setVerify(getContextPtr(), mode, callback); } @@ -569,8 +577,7 @@ public class WolfSSLContext { public long setOptions(long op) throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return setOptions(getContextPtr(), op); } @@ -586,8 +593,7 @@ public class WolfSSLContext { public long getOptions() throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return getOptions(getContextPtr()); } @@ -602,8 +608,7 @@ public class WolfSSLContext { */ public synchronized void free() throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); /* free native resources */ freeContext(this.sslCtxPtr); @@ -641,8 +646,7 @@ public class WolfSSLContext { public int memsaveCertCache(byte[] mem, int sz, int[] used) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return memsaveCertCache(getContextPtr(), mem, sz, used); } @@ -675,8 +679,7 @@ public class WolfSSLContext { public int memrestoreCertCache(byte[] mem, int sz) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return memrestoreCertCache(getContextPtr(), mem, sz); } @@ -698,8 +701,7 @@ public class WolfSSLContext { public int getCertCacheMemsize() throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return getCertCacheMemsize(getContextPtr()); } @@ -715,8 +717,8 @@ public class WolfSSLContext { * @throws IllegalStateException WolfSSLContext has been freed */ public long setCacheSize(long sz) throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + + confirmObjectIsActive(); return setCacheSize(getContextPtr(), sz); } @@ -730,8 +732,8 @@ public class WolfSSLContext { * @throws IllegalStateException WolfSSLContext has been freed */ public long getCacheSize() throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + + confirmObjectIsActive(); return getCacheSize(getContextPtr()); } @@ -765,8 +767,7 @@ public class WolfSSLContext { public int setCipherList(String list) throws IllegalStateException, NullPointerException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return setCipherList(getContextPtr(), list); } @@ -811,8 +812,7 @@ public class WolfSSLContext { public int loadVerifyBuffer(byte[] in, long sz, int format) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return loadVerifyBuffer(getContextPtr(), in, sz, format); } @@ -848,8 +848,7 @@ public class WolfSSLContext { public int useCertificateBuffer(byte[] in, long sz, int format) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return useCertificateBuffer(getContextPtr(), in, sz, format); } @@ -888,8 +887,7 @@ public class WolfSSLContext { public int usePrivateKeyBuffer(byte[] in, long sz, int format) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return usePrivateKeyBuffer(getContextPtr(), in, sz, format); } @@ -928,8 +926,7 @@ public class WolfSSLContext { public int useCertificateChainBuffer(byte[] in, long sz) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return useCertificateChainBuffer(getContextPtr(), in, sz); } @@ -972,8 +969,7 @@ public class WolfSSLContext { public int useCertificateChainBufferFormat(byte[] in, long sz, int format) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return useCertificateChainBufferFormat(getContextPtr(), in, sz, format); } @@ -989,8 +985,7 @@ public class WolfSSLContext { */ public int setGroupMessages() throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return setGroupMessages(getContextPtr()); } @@ -1018,8 +1013,7 @@ public class WolfSSLContext { public void setIORecv(WolfSSLIORecvCallback callback) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); /* set user I/O recv */ internRecvCb = callback; @@ -1051,8 +1045,7 @@ public class WolfSSLContext { public void setIOSend(WolfSSLIOSendCallback callback) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); /* set user I/O send */ internSendCb = callback; @@ -1084,8 +1077,7 @@ public class WolfSSLContext { public void setGenCookie(WolfSSLGenCookieCallback callback) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); /* set DTLS cookie generation callback */ internCookieCb = callback; @@ -1119,8 +1111,7 @@ public class WolfSSLContext { */ public int enableCRL(int options) throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return enableCRL(getContextPtr(), options); } @@ -1144,8 +1135,7 @@ public class WolfSSLContext { */ public int disableCRL() throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return disableCRL(getContextPtr()); } @@ -1192,8 +1182,7 @@ public class WolfSSLContext { public int loadCRL(String path, int type, int monitor) throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return loadCRL(getContextPtr(), path, type, monitor); } @@ -1218,8 +1207,7 @@ public class WolfSSLContext { public int setCRLCb(WolfSSLMissingCRLCallback cb) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return setCRLCb(getContextPtr(), cb); } @@ -1249,8 +1237,7 @@ public class WolfSSLContext { public int enableOCSP(long options) throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return enableOCSP(getContextPtr(), options); } @@ -1265,8 +1252,7 @@ public class WolfSSLContext { */ public int disableOCSP() throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return disableOCSP(getContextPtr()); } @@ -1291,8 +1277,7 @@ public class WolfSSLContext { public int setOCSPOverrideUrl(String url) throws IllegalStateException, NullPointerException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return setOCSPOverrideUrl(getContextPtr(), url); } @@ -1325,8 +1310,7 @@ public class WolfSSLContext { public void setMacEncryptCb(WolfSSLMacEncryptCallback callback) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); /* set MAC encrypt callback */ internMacEncryptCb = callback; @@ -1363,8 +1347,7 @@ public class WolfSSLContext { public void setDecryptVerifyCb(WolfSSLDecryptVerifyCallback callback) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); /* set decrypt/verify callback */ internDecryptVerifyCb = callback; @@ -1398,8 +1381,7 @@ public class WolfSSLContext { public void setEccSignCb(WolfSSLEccSignCallback callback) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); /* set ecc sign callback */ internEccSignCb = callback; @@ -1433,8 +1415,7 @@ public class WolfSSLContext { public void setEccVerifyCb(WolfSSLEccVerifyCallback callback) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); /* set ecc verify callback */ internEccVerifyCb = callback; @@ -1483,8 +1464,7 @@ public class WolfSSLContext { public void setEccSharedSecretCb(WolfSSLEccSharedSecretCallback callback) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); /* set ecc shared secret callback */ internEccSharedSecretCb = callback; @@ -1518,8 +1498,7 @@ public class WolfSSLContext { public void setRsaSignCb(WolfSSLRsaSignCallback callback) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); /* set rsa sign callback */ internRsaSignCb = callback; @@ -1553,8 +1532,7 @@ public class WolfSSLContext { public void setRsaVerifyCb(WolfSSLRsaVerifyCallback callback) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); /* set rsa verify callback */ internRsaVerifyCb = callback; @@ -1588,8 +1566,7 @@ public class WolfSSLContext { public void setRsaEncCb(WolfSSLRsaEncCallback callback) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); /* set rsa public encrypt callback */ internRsaEncCb = callback; @@ -1622,8 +1599,7 @@ public class WolfSSLContext { public void setRsaDecCb(WolfSSLRsaDecCallback callback) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); /* set rsa private decrypt callback */ internRsaDecCb = callback; @@ -1660,8 +1636,7 @@ public class WolfSSLContext { public void setPskClientCb(WolfSSLPskClientCallback callback) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); /* set PSK client callback */ internPskClientCb = callback; @@ -1697,8 +1672,7 @@ public class WolfSSLContext { public void setPskServerCb(WolfSSLPskServerCallback callback) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); /* set PSK server callback */ internPskServerCb = callback; @@ -1725,8 +1699,7 @@ public class WolfSSLContext { */ public int usePskIdentityHint(String hint) { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return usePskIdentityHint(getContextPtr(), hint); } @@ -1744,8 +1717,7 @@ public class WolfSSLContext { */ public int useSecureRenegotiation() throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return useSecureRenegotiation(getContextPtr()); } @@ -1754,13 +1726,11 @@ public class WolfSSLContext { @Override protected void finalize() throws Throwable { - if (this.active == true) { - try { - this.free(); - } catch (IllegalStateException e) { - /* already freed */ - } - this.active = false; + try { + /* free() checks and resets this.active */ + this.free(); + } catch (IllegalStateException e) { + /* already freed */ } super.finalize(); } diff --git a/src/java/com/wolfssl/WolfSSLSession.java b/src/java/com/wolfssl/WolfSSLSession.java index 2c1a327..1c62b12 100644 --- a/src/java/com/wolfssl/WolfSSLSession.java +++ b/src/java/com/wolfssl/WolfSSLSession.java @@ -108,16 +108,6 @@ public class WolfSSLSession { return ctx; } - Object getIOReadCtx() - { - return this.ioReadCtx; - } - - Object getIOWriteCtx() - { - return this.ioWriteCtx; - } - Object getGenCookieCtx() { return this.genCookieCtx; } @@ -183,6 +173,20 @@ public class WolfSSLSession { return ret; } + /** + * Verifies that the current WolfSSLSession object is active. + * + * @throws IllegalStateException if object has been freed + */ + private synchronized void confirmObjectIsActive() + throws IllegalStateException { + + if (this.active == false) { + throw new IllegalStateException( + "WolfSSLSession object has been freed"); + } + } + /* ------------------ native method declarations -------------------- */ private native long newSSL(long ctx); @@ -311,8 +315,7 @@ public class WolfSSLSession { public int useCertificateFile(String file, int format) throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return useCertificateFile(getSessionPtr(), file, format); } @@ -345,8 +348,7 @@ public class WolfSSLSession { public int usePrivateKeyFile(String file, int format) throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return usePrivateKeyFile(getSessionPtr(), file, format); } @@ -374,8 +376,7 @@ public class WolfSSLSession { public int useCertificateChainFile(String file) throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return useCertificateChainFile(getSessionPtr(), file); } @@ -393,8 +394,7 @@ public class WolfSSLSession { */ public int setFd(Socket sd) throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return setFd(getSessionPtr(), sd, 1); } @@ -412,8 +412,7 @@ public class WolfSSLSession { */ public int setFd(DatagramSocket sd) throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return setFd(getSessionPtr(), sd, 2); } @@ -437,8 +436,7 @@ public class WolfSSLSession { public void setUsingNonblock(int nonblock) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); setUsingNonblock(getSessionPtr(), nonblock); } @@ -461,8 +459,7 @@ public class WolfSSLSession { public int getUsingNonblock() throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return getUsingNonblock(getSessionPtr()); } @@ -480,8 +477,7 @@ public class WolfSSLSession { public int getFd() throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return getFd(getSessionPtr()); } @@ -525,8 +521,7 @@ public class WolfSSLSession { int ret = 0; - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); ret = connect(getSessionPtr(), 0); @@ -581,8 +576,7 @@ public class WolfSSLSession { int ret; - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); ret = connect(getSessionPtr(), timeout); @@ -626,8 +620,7 @@ public class WolfSSLSession { */ public int write(byte[] data, int length) throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return write(getSessionPtr(), data, length, 0); } @@ -671,8 +664,7 @@ public class WolfSSLSession { int ret; - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); ret = write(getSessionPtr(), data, length, timeout); @@ -719,8 +711,7 @@ public class WolfSSLSession { */ public int read(byte[] data, int sz) throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return read(getSessionPtr(), data, sz, 0); } @@ -766,8 +757,7 @@ public class WolfSSLSession { int ret; - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); ret = read(getSessionPtr(), data, sz, timeout); @@ -806,8 +796,7 @@ public class WolfSSLSession { */ public int accept() throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return accept(getSessionPtr()); } @@ -864,8 +853,7 @@ public class WolfSSLSession { */ public int shutdownSSL() throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return shutdownSSL(getSessionPtr(), 0); } @@ -906,8 +894,7 @@ public class WolfSSLSession { int ret; - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); ret = shutdownSSL(getSessionPtr(), timeout); @@ -938,8 +925,7 @@ public class WolfSSLSession { */ public int getError(int ret) throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return getError(getSessionPtr(), ret); } @@ -967,8 +953,7 @@ public class WolfSSLSession { */ public int setSession(long session) throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return setSession(getSessionPtr(), session); } @@ -996,8 +981,7 @@ public class WolfSSLSession { */ public long getSession() throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return getSession(getSessionPtr()); } @@ -1012,8 +996,7 @@ public class WolfSSLSession { */ public byte[] getSessionID() throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); long sess = getSession(); if (sess != 0) { @@ -1032,8 +1015,8 @@ public class WolfSSLSession { * @throws IllegalStateException WolfSSLSession has been freed */ public long getCacheSize() throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + + confirmObjectIsActive(); return this.getAssociatedContextPtr().getCacheSize(); } @@ -1053,8 +1036,7 @@ public class WolfSSLSession { long session; - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); session = this.getSession(); if (session == 0) { @@ -1076,8 +1058,7 @@ public class WolfSSLSession { */ public long getSessTimeout() throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return getSessTimeout(this.getSession()); } @@ -1093,8 +1074,7 @@ public class WolfSSLSession { */ public long setTimeout(long t) throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return setTimeout(getSessionPtr(), t); } @@ -1109,8 +1089,7 @@ public class WolfSSLSession { */ public long getTimeout() throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return getTimeout(getSessionPtr()); } @@ -1140,8 +1119,7 @@ public class WolfSSLSession { */ public int setCipherList(String list) throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return setCipherList(getSessionPtr(), list); } @@ -1169,8 +1147,7 @@ public class WolfSSLSession { public int dtlsGetCurrentTimeout() throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return dtlsGetCurrentTimeout(getSessionPtr()); } @@ -1197,8 +1174,7 @@ public class WolfSSLSession { public int dtlsGotTimeout() throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return dtlsGotTimeout(getSessionPtr()); } @@ -1218,8 +1194,7 @@ public class WolfSSLSession { public int dtls() throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return dtls(getSessionPtr()); } @@ -1241,8 +1216,7 @@ public class WolfSSLSession { public int dtlsSetPeer(InetSocketAddress peer) throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return dtlsSetPeer(getSessionPtr(), peer); } @@ -1260,8 +1234,7 @@ public class WolfSSLSession { */ public InetSocketAddress dtlsGetPeer() throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return dtlsGetPeer(getSessionPtr()); } @@ -1283,8 +1256,7 @@ public class WolfSSLSession { public int sessionReused() throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return sessionReused(getSessionPtr()); } @@ -1305,8 +1277,7 @@ public class WolfSSLSession { public long getPeerCertificate() throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return getPeerCertificate(getSessionPtr()); } @@ -1327,8 +1298,7 @@ public class WolfSSLSession { public String getPeerX509Issuer(long x509) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return getPeerX509Issuer(getSessionPtr(), x509); } @@ -1349,8 +1319,7 @@ public class WolfSSLSession { public String getPeerX509Subject(long x509) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return getPeerX509Subject(getSessionPtr(), x509); } @@ -1375,8 +1344,7 @@ public class WolfSSLSession { public String getPeerX509AltName(long x509) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return getPeerX509AltName(getSessionPtr(), x509); } @@ -1395,8 +1363,7 @@ public class WolfSSLSession { public String getVersion() throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return getVersion(getSessionPtr()); } @@ -1416,8 +1383,7 @@ public class WolfSSLSession { public long getCurrentCipher() throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return getCurrentCipher(getSessionPtr()); } @@ -1440,8 +1406,7 @@ public class WolfSSLSession { public int checkDomainName(String dn) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return checkDomainName(getSessionPtr(), dn); } @@ -1465,8 +1430,7 @@ public class WolfSSLSession { public int setTmpDH(byte[] p, int pSz, byte[] g, int gSz) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return setTmpDH(getSessionPtr(), p, pSz, g, gSz); } @@ -1493,8 +1457,7 @@ public class WolfSSLSession { public int setTmpDHFile(String fname, int format) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return setTmpDHFile(getSessionPtr(), fname, format); } @@ -1529,8 +1492,7 @@ public class WolfSSLSession { public int useCertificateBuffer(byte[] in, long sz, int format) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return useCertificateBuffer(getSessionPtr(), in, sz, format); } @@ -1568,8 +1530,7 @@ public class WolfSSLSession { public int usePrivateKeyBuffer(byte[] in, long sz, int format) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return usePrivateKeyBuffer(getSessionPtr(), in, sz, format); } @@ -1607,8 +1568,7 @@ public class WolfSSLSession { public int useCertificateChainBuffer(byte[] in, long sz) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return useCertificateChainBuffer(getSessionPtr(), in, sz); } @@ -1626,8 +1586,7 @@ public class WolfSSLSession { public int setGroupMessages() throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return setGroupMessages(getSessionPtr()); } @@ -1654,12 +1613,25 @@ public class WolfSSLSession { public void setIOReadCtx(Object ctx) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); ioReadCtx = ctx; } + /** + * Return the SSL session's receive callback context, if set. + * + * @return Object that was set with setIOReadCtx(). + * @throws IllegalStateException WolfSSLContext has been freed + */ + public Object getIOReadCtx() + throws IllegalStateException { + + confirmObjectIsActive(); + + return this.ioReadCtx; + } + /** * Registers a context for the SSL session's send callback method. * By default, wolfSSL sets the file descriptor passed to setFd() as @@ -1682,12 +1654,25 @@ public class WolfSSLSession { public void setIOWriteCtx(Object ctx) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); ioWriteCtx = ctx; } + /** + * Return the SSL session's write callback context, if set. + * + * @return Object that was set with setIOWriteCtx(). + * @throws IllegalStateException WolfSSLContext has been freed + */ + public Object getIOWriteCtx() + throws IllegalStateException { + + confirmObjectIsActive(); + + return this.ioWriteCtx; + } + /** * Registers a context for the SSL session's DTLS cookie generation * callback method. @@ -1705,8 +1690,7 @@ public class WolfSSLSession { public void setGenCookieCtx(Object ctx) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); genCookieCtx = ctx; } @@ -1738,8 +1722,7 @@ public class WolfSSLSession { public int enableCRL(int options) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return enableCRL(getSessionPtr(), options); } @@ -1764,8 +1747,7 @@ public class WolfSSLSession { public int disableCRL() throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return disableCRL(getSessionPtr()); } @@ -1811,8 +1793,7 @@ public class WolfSSLSession { public int loadCRL(String path, int type, int monitor) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return loadCRL(getSessionPtr(), path, type, monitor); } @@ -1836,8 +1817,7 @@ public class WolfSSLSession { public int setCRLCb(WolfSSLMissingCRLCallback cb) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return setCRLCb(getSessionPtr(), cb); } @@ -1855,8 +1835,7 @@ public class WolfSSLSession { public String cipherGetName() throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return cipherGetName(getSessionPtr()); } @@ -1878,8 +1857,7 @@ public class WolfSSLSession { public byte[] getMacSecret(int verify) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return getMacSecret(getSessionPtr(), verify); } @@ -1897,8 +1875,7 @@ public class WolfSSLSession { public byte[] getClientWriteKey() throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return getClientWriteKey(getSessionPtr()); } @@ -1918,8 +1895,7 @@ public class WolfSSLSession { public byte[] getClientWriteIV() throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return getClientWriteIV(getSessionPtr()); } @@ -1937,8 +1913,7 @@ public class WolfSSLSession { public byte[] getServerWriteKey() throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return getServerWriteKey(getSessionPtr()); } @@ -1958,8 +1933,7 @@ public class WolfSSLSession { public byte[] getServerWriteIV() throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return getServerWriteIV(getSessionPtr()); } @@ -1975,8 +1949,7 @@ public class WolfSSLSession { */ public int getKeySize() throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return getKeySize(getSessionPtr()); } @@ -1994,8 +1967,7 @@ public class WolfSSLSession { */ public int getSide() throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return getSide(getSessionPtr()); } @@ -2012,8 +1984,7 @@ public class WolfSSLSession { */ public int isTLSv1_1() throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return isTLSv1_1(getSessionPtr()); } @@ -2037,8 +2008,7 @@ public class WolfSSLSession { */ public int getBulkCipher() throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return getBulkCipher(getSessionPtr()); } @@ -2055,8 +2025,7 @@ public class WolfSSLSession { */ public int getCipherBlockSize() throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return getCipherBlockSize(getSessionPtr()); } @@ -2074,8 +2043,7 @@ public class WolfSSLSession { */ public int getAeadMacSize() throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return getAeadMacSize(getSessionPtr()); } @@ -2093,8 +2061,7 @@ public class WolfSSLSession { */ public int getHmacSize() throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return getHmacSize(getSessionPtr()); } @@ -2119,8 +2086,7 @@ public class WolfSSLSession { */ public int getHmacType() throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return getHmacType(getSessionPtr()); } @@ -2141,8 +2107,7 @@ public class WolfSSLSession { */ public int getCipherType() throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return getCipherType(getSessionPtr()); } @@ -2169,8 +2134,7 @@ public class WolfSSLSession { public int setTlsHmacInner(byte[] inner, long sz, int content, int verify) throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return setTlsHmacInner(getSessionPtr(), inner, sz, content, verify); } @@ -2188,8 +2152,7 @@ public class WolfSSLSession { public void setMacEncryptCtx(Object ctx) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); macEncryptCtx = ctx; } @@ -2207,8 +2170,7 @@ public class WolfSSLSession { public void setDecryptVerifyCtx(Object ctx) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); decryptVerifyCtx = ctx; } @@ -2225,8 +2187,7 @@ public class WolfSSLSession { public void setEccSignCtx(Object ctx) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); eccSignCtx = ctx; setEccSignCtx(getSessionPtr()); @@ -2244,8 +2205,7 @@ public class WolfSSLSession { public void setEccVerifyCtx(Object ctx) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); eccVerifyCtx = ctx; setEccVerifyCtx(getSessionPtr()); @@ -2264,8 +2224,7 @@ public class WolfSSLSession { public void setEccSharedSecretCtx(Object ctx) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); eccSharedSecretCtx = ctx; setEccSharedSecretCtx(getSessionPtr()); @@ -2283,8 +2242,7 @@ public class WolfSSLSession { public void setRsaSignCtx(Object ctx) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); rsaSignCtx = ctx; setRsaSignCtx(getSessionPtr()); @@ -2303,8 +2261,7 @@ public class WolfSSLSession { public void setRsaVerifyCtx(Object ctx) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); rsaVerifyCtx = ctx; setRsaVerifyCtx(getSessionPtr()); @@ -2323,8 +2280,7 @@ public class WolfSSLSession { public void setRsaEncCtx(Object ctx) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); rsaEncCtx = ctx; setRsaEncCtx(getSessionPtr()); @@ -2343,8 +2299,7 @@ public class WolfSSLSession { public void setRsaDecCtx(Object ctx) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); rsaDecCtx = ctx; setRsaDecCtx(getSessionPtr()); @@ -2384,8 +2339,7 @@ public class WolfSSLSession { public void setPskClientCb(WolfSSLPskClientCallback callback) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); /* set PSK client callback */ internPskClientCb = callback; @@ -2424,8 +2378,7 @@ public class WolfSSLSession { public void setPskServerCb(WolfSSLPskServerCallback callback) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); /* set PSK server callback */ internPskServerCb = callback; @@ -2449,8 +2402,7 @@ public class WolfSSLSession { */ public String getPskIdentityHint() throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return getPskIdentityHint(getSessionPtr()); } @@ -2470,8 +2422,7 @@ public class WolfSSLSession { */ public String getPskIdentity() { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return getPskIdentity(getSessionPtr()); } @@ -2493,8 +2444,7 @@ public class WolfSSLSession { */ public int usePskIdentityHint(String hint) { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return usePskIdentityHint(getSessionPtr(), hint); } @@ -2506,8 +2456,9 @@ public class WolfSSLSession { * @return true if the handshake is completed -- false if not. */ public boolean handshakeDone() { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + + confirmObjectIsActive(); + return handshakeDone(getSessionPtr()); } @@ -2517,8 +2468,9 @@ public class WolfSSLSession { * @throws IllegalStateException WolfSSLContext has been freed */ public void setConnectState() { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + + confirmObjectIsActive(); + setConnectState(getSessionPtr()); } @@ -2528,8 +2480,9 @@ public class WolfSSLSession { * @throws IllegalStateException WolfSSLContext has been freed\ */ public void setAcceptState() { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + + confirmObjectIsActive(); + setAcceptState(getSessionPtr()); } @@ -2570,8 +2523,7 @@ public class WolfSSLSession { public void setVerify(int mode, WolfSSLVerifyCallback callback) throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); setVerify(getSessionPtr(), mode, callback); } @@ -2588,8 +2540,7 @@ public class WolfSSLSession { public long setOptions(long op) throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return setOptions(getSessionPtr(), op); } @@ -2606,8 +2557,7 @@ public class WolfSSLSession { public long getOptions() throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return getOptions(getSessionPtr()); } @@ -2619,8 +2569,8 @@ public class WolfSSLSession { * @return true if close_notify has been received, otherwise false */ public boolean gotCloseNotify() { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + + confirmObjectIsActive(); int ret = gotCloseNotify(getSessionPtr()); @@ -2653,8 +2603,8 @@ public class WolfSSLSession { */ public void setIORecv(WolfSSLIORecvCallback callback) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + + confirmObjectIsActive(); /* set user I/O recv */ internRecvSSLCb = callback; @@ -2686,8 +2636,7 @@ public class WolfSSLSession { public void setIOSend(WolfSSLIOSendCallback callback) throws IllegalStateException, WolfSSLJNIException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); /* set user I/O send */ internSendSSLCb = callback; @@ -2712,8 +2661,7 @@ public class WolfSSLSession { int ret; - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); ret = useSNI(getSessionPtr(), type, data); @@ -2730,8 +2678,7 @@ public class WolfSSLSession { int ret; - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); ret = useSessionTicket(getSessionPtr()); if (ret == WolfSSL.SSL_SUCCESS) { @@ -2751,8 +2698,7 @@ public class WolfSSLSession { */ public boolean sessionTicketsEnabled() throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return this.sessionTicketsEnabled; } @@ -2772,8 +2718,7 @@ public class WolfSSLSession { */ public int useALPN(byte[] alpnProtos) throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return sslSetAlpnProtos(getSessionPtr(), alpnProtos); } @@ -2800,8 +2745,7 @@ public class WolfSSLSession { /* all protocols, comma delimited */ StringBuilder allProtocols = new StringBuilder(); - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); if (protocols == null) { return WolfSSL.BAD_FUNC_ARG; @@ -2825,8 +2769,7 @@ public class WolfSSLSession { */ public byte[] getAlpnSelected() throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return sslGet0AlpnSelected(getSessionPtr()); } @@ -2844,8 +2787,7 @@ public class WolfSSLSession { byte[] alpnSelectedBytes = null; - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); alpnSelectedBytes = getAlpnSelected(); @@ -2869,8 +2811,7 @@ public class WolfSSLSession { */ public int useSecureRenegotiation() throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return useSecureRenegotiation(getSessionPtr()); } @@ -2918,8 +2859,7 @@ public class WolfSSLSession { */ public int rehandshake() throws IllegalStateException { - if (this.active == false) - throw new IllegalStateException("Object has been freed"); + confirmObjectIsActive(); return rehandshake(getSessionPtr()); } @@ -2928,7 +2868,10 @@ public class WolfSSLSession { * Getter function to tell if shutdown has been sent or received * @return WolfSSL.SSL_SENT_SHUTDOWN or WolfSSL.SSL_RECEIVED_SHUTDOWN */ - public int getShutdown() { + public int getShutdown() throws IllegalStateException { + + confirmObjectIsActive(); + return getShutdown(getSessionPtr()); } @@ -2961,12 +2904,10 @@ public class WolfSSLSession { @Override protected void finalize() throws Throwable { - if (this.active == true) { - /* free resources, set state */ - this.freeSSL(); - this.active = false; - this.sslPtr = 0; - } + /* free resources, freeSSL() checks and sets state */ + this.freeSSL(); + this.sslPtr = 0; + super.finalize(); } diff --git a/src/java/com/wolfssl/provider/jsse/WolfSSLEngine.java b/src/java/com/wolfssl/provider/jsse/WolfSSLEngine.java index 463d821..8766432 100644 --- a/src/java/com/wolfssl/provider/jsse/WolfSSLEngine.java +++ b/src/java/com/wolfssl/provider/jsse/WolfSSLEngine.java @@ -1065,7 +1065,7 @@ public class WolfSSLEngine extends SSLEngine { } @Override - public boolean getUseClientMode() { + public synchronized boolean getUseClientMode() { WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "entered getUseClientMode()"); return EngineHelper.getUseClientMode(); @@ -1079,7 +1079,7 @@ public class WolfSSLEngine extends SSLEngine { } @Override - public boolean getNeedClientAuth() { + public synchronized boolean getNeedClientAuth() { WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "entered getNeedClientAuth()"); return EngineHelper.getNeedClientAuth(); @@ -1093,7 +1093,7 @@ public class WolfSSLEngine extends SSLEngine { } @Override - public boolean getWantClientAuth() { + public synchronized boolean getWantClientAuth() { WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "entered getWantClientAuth()"); return EngineHelper.getWantClientAuth(); @@ -1107,7 +1107,7 @@ public class WolfSSLEngine extends SSLEngine { } @Override - public boolean getEnableSessionCreation() { + public synchronized boolean getEnableSessionCreation() { WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "entered getEnableSessionCreation()"); return EngineHelper.getEnableSessionCreation(); diff --git a/src/java/com/wolfssl/provider/jsse/WolfSSLEngineHelper.java b/src/java/com/wolfssl/provider/jsse/WolfSSLEngineHelper.java index f966db6..9b082c3 100644 --- a/src/java/com/wolfssl/provider/jsse/WolfSSLEngineHelper.java +++ b/src/java/com/wolfssl/provider/jsse/WolfSSLEngineHelper.java @@ -690,32 +690,33 @@ public class WolfSSLEngineHelper { this.session = this.authStore.getSession(ssl, this.port, this.hostname, this.clientMode); - if (this.session != null && this.clientMode) { - this.session.setSessionContext(authStore.getClientContext()); - this.session.setSide(WolfSSL.WOLFSSL_CLIENT_END); - } - else { - this.session.setSessionContext(authStore.getServerContext()); - this.session.setSide(WolfSSL.WOLFSSL_SERVER_END); - } + if (this.session != null) { + if (this.clientMode) { + this.session.setSessionContext(authStore.getClientContext()); + this.session.setSide(WolfSSL.WOLFSSL_CLIENT_END); + } + else { + this.session.setSessionContext(authStore.getServerContext()); + this.session.setSide(WolfSSL.WOLFSSL_SERVER_END); + } - if (this.session != null && this.sessionCreation == false && - !this.session.fromTable) { - /* new handshakes can not be made in this case. */ - WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, - "session creation not allowed"); + if (this.sessionCreation == false && !this.session.fromTable) { + /* new handshakes can not be made in this case. */ + WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, + "session creation not allowed"); - /* send CloseNotify */ - /* TODO: SunJSSE sends a Handshake Failure alert instead here */ - this.ssl.shutdownSSL(); + /* send CloseNotify */ + /* TODO: SunJSSE sends a Handshake Failure alert instead here */ + this.ssl.shutdownSSL(); - throw new SSLHandshakeException("Session creation not allowed"); - } + throw new SSLHandshakeException("Session creation not allowed"); + } - if (this.session != null && this.sessionCreation) { - /* can only add new sessions to the resumption table if session - * creation is allowed */ - this.authStore.addSession(this.session); + if (this.sessionCreation) { + /* can only add new sessions to the resumption table if session + * creation is allowed */ + this.authStore.addSession(this.session); + } } this.setLocalParams(); diff --git a/src/java/com/wolfssl/provider/jsse/WolfSSLImplementSSLSession.java b/src/java/com/wolfssl/provider/jsse/WolfSSLImplementSSLSession.java index b52e97c..e06da85 100644 --- a/src/java/com/wolfssl/provider/jsse/WolfSSLImplementSSLSession.java +++ b/src/java/com/wolfssl/provider/jsse/WolfSSLImplementSSLSession.java @@ -526,7 +526,7 @@ public class WolfSSLImplementSSLSession implements SSLSession { * Sets the native WOLFSSL_SESSION timeout * @param in timeout in seconds */ - protected void setNativeTimeout(long in) { + protected synchronized void setNativeTimeout(long in) { ssl.setSessTimeout(in); } diff --git a/src/java/com/wolfssl/provider/jsse/WolfSSLSocket.java b/src/java/com/wolfssl/provider/jsse/WolfSSLSocket.java index 34c7e7f..e39b6ce 100644 --- a/src/java/com/wolfssl/provider/jsse/WolfSSLSocket.java +++ b/src/java/com/wolfssl/provider/jsse/WolfSSLSocket.java @@ -1354,7 +1354,7 @@ public class WolfSSLSocket extends SSLSocket { * @throws IOException if InputStream is not able to be returned */ @Override - public InputStream getInputStream() throws IOException { + public synchronized InputStream getInputStream() throws IOException { WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "entered getInputStream()"); @@ -1376,7 +1376,7 @@ public class WolfSSLSocket extends SSLSocket { * @throws IOException if OutputStream is not able to be returned */ @Override - public OutputStream getOutputStream() throws IOException { + public synchronized OutputStream getOutputStream() throws IOException { WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "entered getOutputStream()"); @@ -1509,6 +1509,12 @@ public class WolfSSLSocket extends SSLSocket { /* Connection is closed, free native WOLFSSL session * to release native memory earlier than garbage * collector might with finalize(). */ + Object readCtx = this.ssl.getIOReadCtx(); + if (readCtx != null && + readCtx instanceof ConsumedRecvCtx) { + ConsumedRecvCtx rctx = (ConsumedRecvCtx)readCtx; + rctx.closeDataStreams(); + } this.ssl.freeSSL(); this.ssl = null; } @@ -1528,10 +1534,10 @@ public class WolfSSLSocket extends SSLSocket { } else { if (this.socket != null) { WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, - "socket (external) not closed, autoClose set to false"); + "socket (external) not closed, autoClose set to false"); } else { WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, - "socket (super) not closed, autoClose set to false"); + "socket (super) not closed, autoClose set to false"); } } @@ -1655,8 +1661,14 @@ public class WolfSSLSocket extends SSLSocket { @SuppressWarnings("deprecation") @Override - protected void finalize() throws Throwable { + protected synchronized void finalize() throws Throwable { if (this.ssl != null) { + Object readCtx = this.ssl.getIOReadCtx(); + if (readCtx != null && + readCtx instanceof ConsumedRecvCtx) { + ConsumedRecvCtx rctx = (ConsumedRecvCtx)readCtx; + rctx.closeDataStreams(); + } this.ssl.freeSSL(); this.ssl = null; } @@ -1664,21 +1676,43 @@ public class WolfSSLSocket extends SSLSocket { } class ConsumedRecvCtx { - private Socket s; - private DataInputStream consumed; + private Socket s = null; + private DataInputStream consumed = null; + private DataInputStream sockStream = null; public ConsumedRecvCtx(Socket s, InputStream in) { this.s = s; this.consumed = new DataInputStream(in); } - public DataInputStream getSocketDataStream() throws IOException { - return new DataInputStream(this.s.getInputStream()); + public synchronized DataInputStream getSocketDataStream() + throws IOException { + + if (this.s != null) { + if (this.sockStream == null) { + this.sockStream = + new DataInputStream(this.s.getInputStream()); + } + return this.sockStream; + } + else { + return null; + } } - public DataInputStream getConsumedDataStream() { + public synchronized DataInputStream getConsumedDataStream() { return this.consumed; } + + public synchronized void closeDataStreams() + throws IOException { + if (consumed != null) { + consumed.close(); + } + if (sockStream != null) { + sockStream.close(); + } + } } class ConsumedRecvCallback implements WolfSSLIORecvCallback { @@ -1686,7 +1720,7 @@ public class WolfSSLSocket extends SSLSocket { public int receiveCallback(WolfSSLSession ssl, byte[] buf, int sz, Object ctx) { - int ret; + int ret = 0; try { ConsumedRecvCtx context = (ConsumedRecvCtx)ctx; @@ -1701,7 +1735,7 @@ public class WolfSSLSocket extends SSLSocket { ret = 0; } - } else { + } else if (current != null) { /* read directly from Socket, may throw SocketException * if underlying socket is non-blocking and returns * WANT_READ. */