[refactor] re-org SSL engine init (so that BC engine boots as well)

Author: kares

src/main/java/org/jruby/ext/openssl/SSLContext.java

@@ -867,7 +867,7 @@ private class InternalContext {
             final List<X509AuxCertificate> clientCert,
             final List<X509AuxCertificate> extraChainCert,
             final int verifyMode,
-            final int timeout) throws NoSuchAlgorithmException, KeyManagementException {
+            final int timeout) throws NoSuchAlgorithmException {
 
             if ( pKey != null && xCert != null ) {
                 this.privateKey = pKey.getPrivateKey();
@@ -884,12 +884,26 @@ private class InternalContext {
             this.clientCert = clientCert;
             this.extraChainCert = extraChainCert;
             this.verifyMode = verifyMode;
-            //this.timeout = timeout;
+            this.timeout = timeout;
 
             // initialize SSL context :
 
             final javax.net.ssl.SSLContext sslContext = SecurityHelper.getSSLContext(protocol);
 
+            this.sslContext = sslContext;
+        }
+
+        void initSSLContext(final ThreadContext context) throws KeyManagementException {
+            final KeyManager[] keyManager = new KeyManager[] { new KeyManagerImpl(this) };
+            final TrustManager[] trustManager = new TrustManager[] { new TrustManagerImpl(this) };
+            // SSLContext (internals) on Sun JDK :
+            // private final java.security.Provider provider; "SunJSSE"
+            // private final javax.net.ssl.SSLContextSpi; sun.security.ssl.SSLContextImpl
+            sslContext.init(keyManager, trustManager, OpenSSL.getSecureRandomFrom(context));
+            // if secureRandom == null JSSE will try :
+            // - new SecureRandom();
+            // - SecureRandom.getInstance("PKCS11", cryptoProvider);
+
             if ( protocolForClient ) {
                 final SSLSessionContext clientContext = sslContext.getClientSessionContext();
                 clientContext.setSessionTimeout(timeout);
@@ -898,25 +912,12 @@ private class InternalContext {
                 }
             }
             if ( protocolForServer ) {
-                final SSLSessionContext serverContext = sslContext.getClientSessionContext();
+                final SSLSessionContext serverContext = sslContext.getServerSessionContext();
                 serverContext.setSessionTimeout(timeout);
                 if ( sessionCacheSize >= 0 ) {
                     serverContext.setSessionCacheSize(sessionCacheSize);
                 }
             }
-            this.sslContext = sslContext;
-        }
-
-        protected void initSSLContext(final ThreadContext context) throws KeyManagementException {
-            final KeyManager[] keyManager = new KeyManager[] { new KeyManagerImpl(this) };
-            final TrustManager[] trustManager = new TrustManager[] { new TrustManagerImpl(this) };
-            // SSLContext (internals) on Sun JDK :
-            // private final java.security.Provider provider; "SunJSSE"
-            // private final javax.net.ssl.SSLContextSpi; sun.security.ssl.SSLContextImpl
-            sslContext.init(keyManager, trustManager, OpenSSL.getSecureRandomFrom(context));
-            // if secureRandom == null JSSE will try :
-            // - new SecureRandom();
-            // - SecureRandom.getInstance("PKCS11", cryptoProvider);
         }
 
         final Store store;
@@ -929,7 +930,7 @@ protected void initSSLContext(final ThreadContext context) throws KeyManagementE
         final List<X509AuxCertificate> clientCert; // assumed always != null
         final List<X509AuxCertificate> extraChainCert; // empty assumed == null
 
-        //final int timeout;
+        private final int timeout;
 
         private final javax.net.ssl.SSLContext sslContext;