src/share/classes/sun/security/ssl/Handshaker.java

7188658 Add possibility to disable client initiated renegotiation

*** 184,193 ****
--- 184,203 ----
      //
      // By default, allow such legacy hello messages.
      static final boolean allowLegacyHelloMessages = Debug.getBooleanProperty(
                      "sun.security.ssl.allowLegacyHelloMessages", true);
  
+     // To prevent the TLS renegotiation issues, by setting system property
+     // "jdk.tls.rejectClientInitializedRenego" to true, applications in server
+     // side can disable all client initiated SSL renegotiations regardless
+     // of the support of TLS protocols.
+     //
+     // By default, allow client initiated renegotiations.
+     static final boolean rejectClientInitializedRenego =
+             Debug.getBooleanProperty(
+                 "jdk.tls.rejectClientInitializedRenego", false);
+ 
      // need to dispose the object when it is invalidated
      boolean invalidated;
  
      Handshaker(SSLSocketImpl c, SSLContextImpl context,
              ProtocolList enabledProtocols, boolean needCertVerify,