src/share/classes/sun/security/ssl/Handshaker.java
Print this page
7188658 Add possibility to disable client initiated renegotiation
*** 184,193 ****
--- 184,203 ----
//
// By default, allow such legacy hello messages.
static final boolean allowLegacyHelloMessages = Debug.getBooleanProperty(
"sun.security.ssl.allowLegacyHelloMessages", true);
+ // To prevent the TLS renegotiation issues, by setting system property
+ // "jdk.tls.rejectClientInitializedRenego" to true, applications in server
+ // side can disable all client initiated SSL renegotiations regardless
+ // of the support of TLS protocols.
+ //
+ // By default, allow client initiated renegotiations.
+ static final boolean rejectClientInitializedRenego =
+ Debug.getBooleanProperty(
+ "jdk.tls.rejectClientInitializedRenego", false);
+
// need to dispose the object when it is invalidated
boolean invalidated;
Handshaker(SSLSocketImpl c, SSLContextImpl context,
ProtocolList enabledProtocols, boolean needCertVerify,