src/java.base/share/classes/sun/security/ssl/SSLSocketImpl.java

Print this page 







 379     /*
 380      * Whether local cipher suites preference in server side should be
 381      * honored during handshaking?
 382      */
 383     private boolean preferLocalCipherSuites = false;
 384 
 385     /*
 386      * The maximum expected network packet size for SSL/TLS/DTLS records.
 387      */
 388     private int maximumPacketSize = 0;
 389 
 390     /*
 391      * Is the local name service trustworthy?
 392      *
 393      * If the local name service is not trustworthy, reverse host name
 394      * resolution should not be performed for endpoint identification.
 395      */
 396     static final boolean trustNameService =
 397             Debug.getBooleanProperty("jdk.tls.trustNameService", false);
 398 



 399     //
 400     // CONSTRUCTORS AND INITIALIZATION CODE
 401     //
 402 
 403     /**
 404      * Constructs an SSL connection to a named host at a specified port,
 405      * using the authentication context provided.  This endpoint acts as
 406      * the client, and may rejoin an existing SSL session if appropriate.
 407      *
 408      * @param context authentication context to use
 409      * @param host name of the host with which to connect
 410      * @param port number of the server's port
 411      */
 412     SSLSocketImpl(SSLContextImpl context, String host, int port)
 413             throws IOException, UnknownHostException {
 414         super();
 415         this.host = host;
 416         this.serverNames =
 417             Utilities.addToSNIServerNameList(this.serverNames, this.host);
 418         init(context, false);


1777             }
1778         }
1779     }
1780 
1781     /**
1782      * Reads a close_notify or a fatal alert from the input stream.
1783      * Keep reading records until we get a close_notify or until
1784      * the connection is otherwise closed.  The close_notify or alert
1785      * might be read by another reader,
1786      * which will then process the close and set the connection state.
1787      */
1788     void waitForClose(boolean rethrow) throws IOException {
1789         if (debug != null && Debug.isOn("ssl")) {
1790             System.out.println(Thread.currentThread().getName() +
1791                 ", waiting for close_notify or alert: state "
1792                 + getConnectionState());
1793         }
1794 
1795         try {
1796             int state;

1797 
1798             while (((state = getConnectionState()) != cs_CLOSED) &&
1799                    (state != cs_ERROR) && (state != cs_APP_CLOSED)) {
1800 
1801                 // Ask for app data and then throw it away
1802                 try {
1803                     readRecord(true);
1804                 } catch (SocketTimeoutException e) {
1805                     // if time out, ignore the exception and continue





1806                 }

1807             }



1808         } catch (IOException e) {
1809             if (debug != null && Debug.isOn("ssl")) {
1810                 System.out.println(Thread.currentThread().getName() +
1811                     ", Exception while waiting for close " +e);
1812             }
1813             if (rethrow) {
1814                 throw e; // pass exception up
1815             }
1816         }
1817     }
1818 
1819     //
1820     // EXCEPTION AND ALERT HANDLING
1821     //
1822 
1823     /**
1824      * Handle an exception. This method is called by top level exception
1825      * handlers (in read(), write()) to make sure we always shutdown the
1826      * connection correctly and do not pass runtime exception to the
1827      * application.






 379     /*
 380      * Whether local cipher suites preference in server side should be
 381      * honored during handshaking?
 382      */
 383     private boolean preferLocalCipherSuites = false;
 384 
 385     /*
 386      * The maximum expected network packet size for SSL/TLS/DTLS records.
 387      */
 388     private int maximumPacketSize = 0;
 389 
 390     /*
 391      * Is the local name service trustworthy?
 392      *
 393      * If the local name service is not trustworthy, reverse host name
 394      * resolution should not be performed for endpoint identification.
 395      */
 396     static final boolean trustNameService =
 397             Debug.getBooleanProperty("jdk.tls.trustNameService", false);
 398 
 399     static final int retryCloseAttempts =
 400             Debug.getIntegerProperty("jdk.tls.closeRetries", 5);
 401 
 402     //
 403     // CONSTRUCTORS AND INITIALIZATION CODE
 404     //
 405 
 406     /**
 407      * Constructs an SSL connection to a named host at a specified port,
 408      * using the authentication context provided.  This endpoint acts as
 409      * the client, and may rejoin an existing SSL session if appropriate.
 410      *
 411      * @param context authentication context to use
 412      * @param host name of the host with which to connect
 413      * @param port number of the server's port
 414      */
 415     SSLSocketImpl(SSLContextImpl context, String host, int port)
 416             throws IOException, UnknownHostException {
 417         super();
 418         this.host = host;
 419         this.serverNames =
 420             Utilities.addToSNIServerNameList(this.serverNames, this.host);
 421         init(context, false);


1780             }
1781         }
1782     }
1783 
1784     /**
1785      * Reads a close_notify or a fatal alert from the input stream.
1786      * Keep reading records until we get a close_notify or until
1787      * the connection is otherwise closed.  The close_notify or alert
1788      * might be read by another reader,
1789      * which will then process the close and set the connection state.
1790      */
1791     void waitForClose(boolean rethrow) throws IOException {
1792         if (debug != null && Debug.isOn("ssl")) {
1793             System.out.println(Thread.currentThread().getName() +
1794                 ", waiting for close_notify or alert: state "
1795                 + getConnectionState());
1796         }
1797 
1798         try {
1799             int state;
1800             int retryCount = 0;
1801 
1802             while (((state = getConnectionState()) != cs_CLOSED) &&
1803                    (state != cs_ERROR) && (state != cs_APP_CLOSED)) {
1804 
1805                 // Ask for app data and then throw it away
1806                 try {
1807                     readRecord(true);
1808                 } catch (SocketTimeoutException e) {
1809                     // if time out, retry as specified by retryCloseAttempts
1810                     if (retryCloseAttempts > 0 && retryCount == retryCloseAttempts) {
1811                         if ((debug != null) && Debug.isOn("ssl")) {
1812                             System.out.println(
1813                                 Thread.currentThread().getName() +
1814                                 ", received Exception: " + e);
1815                         }
1816                         fatal((byte)(-1), "Did not receive close_notify from peer", e);
1817                     }
1818                     retryCount++;
1819                 }
1820             }
1821         } catch (IOException e) {
1822             if (debug != null && Debug.isOn("ssl")) {
1823                 System.out.println(Thread.currentThread().getName() +
1824                     ", Exception while waiting for close " +e);
1825             }
1826             if (rethrow) {
1827                 throw e; // pass exception up
1828             }
1829         }
1830     }
1831 
1832     //
1833     // EXCEPTION AND ALERT HANDLING
1834     //
1835 
1836     /**
1837      * Handle an exception. This method is called by top level exception
1838      * handlers (in read(), write()) to make sure we always shutdown the
1839      * connection correctly and do not pass runtime exception to the
1840      * application.