SSLSocket.session= needs to delay session initialization after the engine is setup

kares · kares · commit ed95b2c7bf85 · 2016-03-30T13:01:48.000+02:00
... hopefully the now removed `session=` warning won't confuse users as we do not do much except for copy-ing the timeout - although the underlying engine should now have an explicit hint not to create new sessions! resolves cases such as jruby/jruby#3765
diff --git a/src/main/java/org/jruby/ext/openssl/SSLSocket.java b/src/main/java/org/jruby/ext/openssl/SSLSocket.java
@@ -191,7 +191,9 @@ private SSLEngine ossl_ssl_setup(final ThreadContext context)
         peerAppData.limit(0);
         netData.limit(0);
         dummy = ByteBuffer.allocate(0);
-        return this.engine = engine;
+        this.engine = engine;
+        copySessionSetupIfSet();
+        return engine;
     }
 
     @JRubyMethod(name = "io", alias = "to_io")
@@ -1054,23 +1056,31 @@ private SSLSession getSession(final ThreadContext context) {
         return session;
     }
 
+    private transient SSLSession setSession = null;
+
     @JRubyMethod(name = "session=")
     public IRubyObject set_session(IRubyObject session) {
         final ThreadContext context = getRuntime().getCurrentContext();
         // NOTE: we can not fully support this without the SSL provider internals
         // but we can assume setting a session= is meant as a forced session re-use
-        if ( reusableSSLEngine() ) {
-            engine.setEnableSessionCreation(false);
-            if ( session instanceof SSLSession ) {
-                final SSLSession theSession = (SSLSession) session;
-                if ( ! theSession.equals( getSession(context) ) ) {
-                    getSession(context).set_timeout(context, theSession.timeout(context));
+        if ( session instanceof SSLSession ) {
+            setSession = (SSLSession) session;
+            if ( engine != null ) copySessionSetupIfSet();
+        }
+        //warn(context, "WARNING: SSLSocket#session= has not effect");
+        return context.nil;
+    }
+
+    private void copySessionSetupIfSet() {
+        if ( setSession != null ) {
+            if ( reusableSSLEngine() ) {
+                engine.setEnableSessionCreation(false);
+                final ThreadContext context = getRuntime().getCurrentContext();
+                if ( ! setSession.equals( getSession(context) ) ) {
+                    getSession(context).set_timeout(context, setSession.timeout(context));
                 }
             }
-            return getSession(context);
         }
-        warn(context, "WARNING: SSLSocket#session= has not effect");
-        return context.nil;
     }
 
     @JRubyMethod
