diff options
Diffstat (limited to 'security-utils/src/main/java/com/yahoo/security/tls/ConfigFileBasedTlsContext.java')
-rw-r--r-- | security-utils/src/main/java/com/yahoo/security/tls/ConfigFileBasedTlsContext.java | 25 |
1 files changed, 19 insertions, 6 deletions
diff --git a/security-utils/src/main/java/com/yahoo/security/tls/ConfigFileBasedTlsContext.java b/security-utils/src/main/java/com/yahoo/security/tls/ConfigFileBasedTlsContext.java index 26dfbf9fd9f..9527d50f339 100644 --- a/security-utils/src/main/java/com/yahoo/security/tls/ConfigFileBasedTlsContext.java +++ b/security-utils/src/main/java/com/yahoo/security/tls/ConfigFileBasedTlsContext.java @@ -31,13 +31,17 @@ public class ConfigFileBasedTlsContext implements TlsContext { private static TlsManager getOrCreateTrustManager(Path tlsOptionsConfigFile) { synchronized (trustManagers) { - WeakReference<TlsManager> tlsManager = trustManagers.get(tlsOptionsConfigFile); - if (tlsManager == null || tlsManager.get() == null) { - TlsManager manager = new TlsManager(tlsOptionsConfigFile); - trustManagers.put(tlsOptionsConfigFile, new WeakReference<>(manager)); - return manager; + WeakReference<TlsManager> tlsRef = trustManagers.get(tlsOptionsConfigFile); + TlsManager tlsManager = null; + if (tlsRef != null) { + tlsManager = tlsRef.get(); } - return tlsManager.get(); + if (tlsManager == null) { + tlsManager = new TlsManager(tlsOptionsConfigFile); + trustManagers.put(tlsOptionsConfigFile, new WeakReference<>(tlsManager)); + } + tlsManager.addRef(); + return tlsManager; } } @@ -59,6 +63,15 @@ public class ConfigFileBasedTlsContext implements TlsContext { @Override public SSLParameters parameters() { return tlsContext.parameters(); } @Override public SSLEngine createSslEngine() { return tlsContext.createSslEngine(); } @Override public SSLEngine createSslEngine(String peerHost, int peerPort) { return tlsContext.createSslEngine(peerHost, peerPort); } + @Override public void close() { + synchronized (trustManagers) { + int references = tlsManager.subRef(); + if (references == 0) { + tlsManager.close(); + trustManagers.remove(tlsManager.getTlsConfigFile()); + } + } + } private static DefaultTlsContext createDefaultTlsContext(TransportSecurityOptions options, AuthorizationMode mode, |