23 * questions.
24 */
25
26
27 package sun.security.ssl;
28
29 import java.io.*;
30 import java.nio.*;
31 import java.net.*;
32 import java.security.GeneralSecurityException;
33 import java.security.AccessController;
34 import java.security.AccessControlContext;
35 import java.security.PrivilegedAction;
36 import java.security.AlgorithmConstraints;
37 import java.util.*;
38 import java.util.concurrent.TimeUnit;
39 import java.util.concurrent.locks.ReentrantLock;
40
41 import javax.crypto.BadPaddingException;
42 import javax.net.ssl.*;
43 import sun.misc.ManagedLocalsThread;
44
45 import jdk.internal.misc.JavaNetInetAddressAccess;
46 import jdk.internal.misc.SharedSecrets;
47
48 /**
49 * Implementation of an SSL socket. This is a normal connection type
50 * socket, implementing SSL over some lower level socket, such as TCP.
51 * Because it is layered over some lower level socket, it MUST override
52 * all default socket methods.
53 *
54 * <P> This API offers a non-traditional option for establishing SSL
55 * connections. You may first establish the connection directly, then pass
56 * that connection to the SSL socket constructor with a flag saying which
57 * role should be taken in the handshake protocol. (The two ends of the
58 * connection must not choose the same role!) This allows setup of SSL
59 * proxying or tunneling, and also allows the kind of "role reversal"
60 * that is required for most FTP data transfers.
61 *
62 * @see javax.net.ssl.SSLSocket
63 * @see SSLServerSocket
1136 serverVerifyData = handshaker.getServerVerifyData();
1137 // set connection ALPN value
1138 applicationProtocol =
1139 handshaker.getHandshakeApplicationProtocol();
1140
1141 sess = handshaker.getSession();
1142 handshakeSession = null;
1143 handshaker = null;
1144 inputRecord.setHandshakeHash(null);
1145 outputRecord.setHandshakeHash(null);
1146 connectionState = cs_DATA;
1147
1148 //
1149 // Tell folk about handshake completion, but do
1150 // it in a separate thread.
1151 //
1152 if (handshakeListeners != null) {
1153 HandshakeCompletedEvent event =
1154 new HandshakeCompletedEvent(this, sess);
1155
1156 Thread thread = new ManagedLocalsThread(
1157 new NotifyHandshake(
1158 handshakeListeners.entrySet(), event),
1159 "HandshakeCompletedNotify-Thread");
1160 thread.start();
1161 }
1162 }
1163
1164 break;
1165
1166 case Record.ct_application_data:
1167 if (connectionState != cs_DATA
1168 && connectionState != cs_RENEGOTIATE
1169 && connectionState != cs_SENT_CLOSE) {
1170 throw new SSLProtocolException(
1171 "Data received in non-data state: " +
1172 connectionState);
1173 }
1174 if (expectingFinished) {
1175 throw new SSLProtocolException
1176 ("Expecting finished message, received data");
1177 }
1178 if (!needAppData) {
1179 throw new SSLException("Discarding app data");
|
23 * questions.
24 */
25
26
27 package sun.security.ssl;
28
29 import java.io.*;
30 import java.nio.*;
31 import java.net.*;
32 import java.security.GeneralSecurityException;
33 import java.security.AccessController;
34 import java.security.AccessControlContext;
35 import java.security.PrivilegedAction;
36 import java.security.AlgorithmConstraints;
37 import java.util.*;
38 import java.util.concurrent.TimeUnit;
39 import java.util.concurrent.locks.ReentrantLock;
40
41 import javax.crypto.BadPaddingException;
42 import javax.net.ssl.*;
43
44 import jdk.internal.misc.JavaNetInetAddressAccess;
45 import jdk.internal.misc.SharedSecrets;
46
47 /**
48 * Implementation of an SSL socket. This is a normal connection type
49 * socket, implementing SSL over some lower level socket, such as TCP.
50 * Because it is layered over some lower level socket, it MUST override
51 * all default socket methods.
52 *
53 * <P> This API offers a non-traditional option for establishing SSL
54 * connections. You may first establish the connection directly, then pass
55 * that connection to the SSL socket constructor with a flag saying which
56 * role should be taken in the handshake protocol. (The two ends of the
57 * connection must not choose the same role!) This allows setup of SSL
58 * proxying or tunneling, and also allows the kind of "role reversal"
59 * that is required for most FTP data transfers.
60 *
61 * @see javax.net.ssl.SSLSocket
62 * @see SSLServerSocket
1135 serverVerifyData = handshaker.getServerVerifyData();
1136 // set connection ALPN value
1137 applicationProtocol =
1138 handshaker.getHandshakeApplicationProtocol();
1139
1140 sess = handshaker.getSession();
1141 handshakeSession = null;
1142 handshaker = null;
1143 inputRecord.setHandshakeHash(null);
1144 outputRecord.setHandshakeHash(null);
1145 connectionState = cs_DATA;
1146
1147 //
1148 // Tell folk about handshake completion, but do
1149 // it in a separate thread.
1150 //
1151 if (handshakeListeners != null) {
1152 HandshakeCompletedEvent event =
1153 new HandshakeCompletedEvent(this, sess);
1154
1155 Thread thread = new Thread(
1156 null,
1157 new NotifyHandshake(
1158 handshakeListeners.entrySet(), event),
1159 "HandshakeCompletedNotify-Thread",
1160 0,
1161 false);
1162 thread.start();
1163 }
1164 }
1165
1166 break;
1167
1168 case Record.ct_application_data:
1169 if (connectionState != cs_DATA
1170 && connectionState != cs_RENEGOTIATE
1171 && connectionState != cs_SENT_CLOSE) {
1172 throw new SSLProtocolException(
1173 "Data received in non-data state: " +
1174 connectionState);
1175 }
1176 if (expectingFinished) {
1177 throw new SSLProtocolException
1178 ("Expecting finished message, received data");
1179 }
1180 if (!needAppData) {
1181 throw new SSLException("Discarding app data");
|