1 /*
2 * Copyright (c) 1996, 2018, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
688 }
689 } else {
690 resumingSession = false;
691 if (debug != null && Debug.isOn("session"))
692 System.out.println("Kerberos credentials are" +
693 " not present in the current Subject;" +
694 " check if " +
695 " javax.security.auth.useSubjectAsCreds" +
696 " system property has been set to false");
697 }
698 }
699 }
700
701 // ensure that the endpoint identification algorithm matches the
702 // one in the session
703 String identityAlg = getEndpointIdentificationAlgorithmSE();
704 if (resumingSession && identityAlg != null) {
705
706 String sessionIdentityAlg =
707 previous.getEndpointIdentificationAlgorithm();
708 if (!Objects.equals(identityAlg, sessionIdentityAlg)) {
709
710 if (debug != null && Debug.isOn("session")) {
711 System.out.println("%% can't resume, endpoint id"
712 + " algorithm does not match, requested: " +
713 identityAlg + ", cached: " +
714 sessionIdentityAlg);
715 }
716 resumingSession = false;
717 }
718 }
719
720 if (resumingSession) {
721 CipherSuite suite = previous.getSuite();
722 // verify that the ciphersuite from the cached session
723 // is in the list of client requested ciphersuites and
724 // we have it enabled
725 if ((isNegotiable(suite) == false) ||
726 (mesg.getCipherSuites().contains(suite) == false)) {
727 resumingSession = false;
728 } else {
|
1 /*
2 * Copyright (c) 1996, 2019, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
688 }
689 } else {
690 resumingSession = false;
691 if (debug != null && Debug.isOn("session"))
692 System.out.println("Kerberos credentials are" +
693 " not present in the current Subject;" +
694 " check if " +
695 " javax.security.auth.useSubjectAsCreds" +
696 " system property has been set to false");
697 }
698 }
699 }
700
701 // ensure that the endpoint identification algorithm matches the
702 // one in the session
703 String identityAlg = getEndpointIdentificationAlgorithmSE();
704 if (resumingSession && identityAlg != null) {
705
706 String sessionIdentityAlg =
707 previous.getEndpointIdentificationAlgorithm();
708 if (!identityAlg.equalsIgnoreCase(sessionIdentityAlg)) {
709
710 if (debug != null && Debug.isOn("session")) {
711 System.out.println("%% can't resume, endpoint id"
712 + " algorithm does not match, requested: " +
713 identityAlg + ", cached: " +
714 sessionIdentityAlg);
715 }
716 resumingSession = false;
717 }
718 }
719
720 if (resumingSession) {
721 CipherSuite suite = previous.getSuite();
722 // verify that the ciphersuite from the cached session
723 // is in the list of client requested ciphersuites and
724 // we have it enabled
725 if ((isNegotiable(suite) == false) ||
726 (mesg.getCipherSuites().contains(suite) == false)) {
727 resumingSession = false;
728 } else {
|