< prev index next >

src/java.base/share/classes/sun/security/ssl/ClientHello.java

Print this page
rev 52904 : 8234408: Improve TLS session handling
Reviewed-by: ascarpino, jjiang, ahgross, ssahoo, mullan, andrew


 390     private static final
 391             class ClientHelloKickstartProducer implements SSLProducer {
 392         // Prevent instantiation of this class.
 393         private ClientHelloKickstartProducer() {
 394             // blank
 395         }
 396 
 397         // Produce kickstart handshake message.
 398         @Override
 399         public byte[] produce(ConnectionContext context) throws IOException {
 400             // The producing happens in client side only.
 401             ClientHandshakeContext chc = (ClientHandshakeContext)context;
 402 
 403             // clean up this producer
 404             chc.handshakeProducers.remove(SSLHandshake.CLIENT_HELLO.id);
 405 
 406             // the max protocol version this client is supporting.
 407             ProtocolVersion maxProtocolVersion = chc.maximumActiveProtocol;
 408 
 409             // session ID of the ClientHello message
 410             SessionId sessionId = SSLSessionImpl.nullSession.getSessionId();
 411 
 412             // a list of cipher suites sent by the client
 413             List<CipherSuite> cipherSuites = chc.activeCipherSuites;
 414 
 415             //
 416             // Try to resume an existing session.
 417             //
 418             SSLSessionContextImpl ssci = (SSLSessionContextImpl)
 419                     chc.sslContext.engineGetClientSessionContext();
 420             SSLSessionImpl session = ssci.get(
 421                     chc.conContext.transport.getPeerHost(),
 422                     chc.conContext.transport.getPeerPort());
 423             if (session != null) {
 424                 // If unsafe server certificate change is not allowed, reserve
 425                 // current server certificates if the previous handshake is a
 426                 // session-resumption abbreviated initial handshake.
 427                 if (!ClientHandshakeContext.allowUnsafeServerCertChange &&
 428                         session.isSessionResumption()) {
 429                     try {
 430                         // If existing, peer certificate chain cannot be null.




 390     private static final
 391             class ClientHelloKickstartProducer implements SSLProducer {
 392         // Prevent instantiation of this class.
 393         private ClientHelloKickstartProducer() {
 394             // blank
 395         }
 396 
 397         // Produce kickstart handshake message.
 398         @Override
 399         public byte[] produce(ConnectionContext context) throws IOException {
 400             // The producing happens in client side only.
 401             ClientHandshakeContext chc = (ClientHandshakeContext)context;
 402 
 403             // clean up this producer
 404             chc.handshakeProducers.remove(SSLHandshake.CLIENT_HELLO.id);
 405 
 406             // the max protocol version this client is supporting.
 407             ProtocolVersion maxProtocolVersion = chc.maximumActiveProtocol;
 408 
 409             // session ID of the ClientHello message
 410             SessionId sessionId = new SessionId(new byte[0]);
 411 
 412             // a list of cipher suites sent by the client
 413             List<CipherSuite> cipherSuites = chc.activeCipherSuites;
 414 
 415             //
 416             // Try to resume an existing session.
 417             //
 418             SSLSessionContextImpl ssci = (SSLSessionContextImpl)
 419                     chc.sslContext.engineGetClientSessionContext();
 420             SSLSessionImpl session = ssci.get(
 421                     chc.conContext.transport.getPeerHost(),
 422                     chc.conContext.transport.getPeerPort());
 423             if (session != null) {
 424                 // If unsafe server certificate change is not allowed, reserve
 425                 // current server certificates if the previous handshake is a
 426                 // session-resumption abbreviated initial handshake.
 427                 if (!ClientHandshakeContext.allowUnsafeServerCertChange &&
 428                         session.isSessionResumption()) {
 429                     try {
 430                         // If existing, peer certificate chain cannot be null.


< prev index next >