src/share/classes/sun/security/ssl/Handshaker.java
Print this page
7188658 Add possibility to disable client initiated renegotiation
*** 184,193 ****
--- 184,202 ----
//
// By default, allow such legacy hello messages.
static final boolean allowLegacyHelloMessages = Debug.getBooleanProperty(
"sun.security.ssl.allowLegacyHelloMessages", true);
+ // To prevent the TLS renegotiation issues, by setting system property
+ // "jsse.rejectClientInitializedRenego" to true, applications in server
+ // side can disable all client initiated SSL renegotiations regardless
+ // of the support of TLS protocols.
+ //
+ // By default, allow client initiated renegotiations.
+ static final boolean rejectClientInitializedRenego =
+ Debug.getBooleanProperty("jsse.rejectClientInitializedRenego", false);
+
// need to dispose the object when it is invalidated
boolean invalidated;
Handshaker(SSLSocketImpl c, SSLContextImpl context,
ProtocolList enabledProtocols, boolean needCertVerify,