src/share/classes/sun/security/ssl/Handshaker.java

7188658 Add possibility to disable client initiated renegotiation

@@ -184,10 +184,19 @@
     //
     // By default, allow such legacy hello messages.
     static final boolean allowLegacyHelloMessages = Debug.getBooleanProperty(
                     "sun.security.ssl.allowLegacyHelloMessages", true);
 
+    // To prevent the TLS renegotiation issues, by setting system property
+    // "jsse.rejectClientInitializedRenego" to true, applications in server
+    // side can disable all client initiated SSL renegotiations regardless
+    // of the support of TLS protocols.
+    //
+    // By default, allow client initiated renegotiations.
+    static final boolean rejectClientInitializedRenego =
+        Debug.getBooleanProperty("jsse.rejectClientInitializedRenego", false);
+
     // need to dispose the object when it is invalidated
     boolean invalidated;
 
     Handshaker(SSLSocketImpl c, SSLContextImpl context,
             ProtocolList enabledProtocols, boolean needCertVerify,