--- old/src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java 2017-07-18 14:01:58.639792926 -0300 +++ new/src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java 2017-07-18 14:01:58.548792684 -0300 @@ -48,6 +48,7 @@ import javax.net.ssl.SSLSessionBindingEvent; import javax.net.ssl.SSLPeerUnverifiedException; import javax.net.ssl.SSLPermission; +import javax.net.ssl.CertificateAuthority; import javax.net.ssl.ExtendedSSLSession; import javax.net.ssl.SNIServerName; @@ -107,6 +108,7 @@ private PrivateKey localPrivateKey; private String[] localSupportedSignAlgs; private String[] peerSupportedSignAlgs; + private CertificateAuthority[] certificateAuthorities; private List requestedServerNames; private List statusResponses; @@ -223,6 +225,17 @@ SignatureAndHashAlgorithm.getAlgorithmNames(algorithms); } + /** + * Sets the certificate authority indications for a TLS session (sent + * by either a Client or a Server). This information will be used for + * certificate selection during the TLS handshake. + * + * @param certificateAuthorities certificate authority indications. + */ + void setCertificateAuthorities(CertificateAuthority[] certificateAuthorities) { + this.certificateAuthorities = certificateAuthorities; + } + void setRequestedServerNames(List requestedServerNames) { this.requestedServerNames = new ArrayList<>(requestedServerNames); } @@ -939,6 +952,19 @@ } /** + * Gets the certificate authority indications for a TLS session (sent + * by either a Client or a Server). This information will be used for + * certificate selection during the TLS handshake. May be {@code null} + * certificate authority indications were not set. + * + * @return certificate authority indications for a TLS session. + */ + @Override + public CertificateAuthority[] getCertificateAuthorities() { + return this.certificateAuthorities; + } + + /** * Obtains a List containing all {@link SNIServerName}s * of the requested Server Name Indication (SNI) extension. */