8130864: Better server identity handling

Reviewed-by: jnimeh, asmotrak, ahgross
2015-07-13 13:37:22 +00:00 · 2015-07-13 13:37:22 +00:00 · 6055fda904
commit 6055fda904
parent 3ca3a07d79
1 changed files with 3 additions and 0 deletions
--- a/jdk/src/java.base/share/classes/sun/security/ssl/ClientHandshaker.java
+++ b/jdk/src/java.base/share/classes/sun/security/ssl/ClientHandshaker.java
@ -672,6 +672,9 @@ final class ClientHandshaker extends Handshaker {
                }
            } else {
                // we wanted to resume, but the server refused
+                //
+                // Invalidate the session in case of reusing next time.
+                session.invalidate();
                session = null;
                if (!enableNewSession) {
                    throw new SSLException("New session creation is disabled");