jdk11 Udiff src/java.base/share/classes/sun/security/ssl/HandshakeContext.java

src/java.base/share/classes/sun/security/ssl/HandshakeContext.java

rev 52896 : 8229733: TLS message handling improvements
Summary: Includes changes to TransportContext from JDK-8211018
Reviewed-by: andrew
rev 52899 : 8232424: More constrained algorithms
Reviewed-by: jnimeh, rhalade, ahgross

@@ -161,12 +161,14 @@
             TransportContext conContext) throws IOException {
         this.sslContext = sslContext;
         this.conContext = conContext;
         this.sslConfig = (SSLConfiguration)conContext.sslConfig.clone();
 
+        this.algorithmConstraints = new SSLAlgorithmConstraints(
+                sslConfig.userSpecifiedAlgorithmConstraints);
         this.activeProtocols = getActiveProtocols(sslConfig.enabledProtocols,
-                sslConfig.enabledCipherSuites, sslConfig.algorithmConstraints);
+                sslConfig.enabledCipherSuites, algorithmConstraints);
         if (activeProtocols.isEmpty()) {
             throw new SSLHandshakeException(
                 "No appropriate protocol (protocol is disabled or " +
                 "cipher suites are inappropriate)");
         }

@@ -178,16 +180,14 @@
                 maximumVersion = pv;
             }
         }
         this.maximumActiveProtocol = maximumVersion;
         this.activeCipherSuites = getActiveCipherSuites(this.activeProtocols,
-                sslConfig.enabledCipherSuites, sslConfig.algorithmConstraints);
+                sslConfig.enabledCipherSuites, algorithmConstraints);
         if (activeCipherSuites.isEmpty()) {
             throw new SSLHandshakeException("No appropriate cipher suite");
         }
-        this.algorithmConstraints =
-                new SSLAlgorithmConstraints(sslConfig.algorithmConstraints);
 
         this.handshakeConsumers = new LinkedHashMap<>();
         this.handshakeProducers = new HashMap<>();
         this.handshakeHash = conContext.inputRecord.handshakeHash;
         this.handshakeOutput = new HandshakeOutStream(conContext.outputRecord);

@@ -206,20 +206,21 @@
     }
 
     /**
      * Constructor for PostHandshakeContext
      */
-    HandshakeContext(TransportContext conContext) {
+    protected HandshakeContext(TransportContext conContext) {
         this.sslContext = conContext.sslContext;
         this.conContext = conContext;
         this.sslConfig = conContext.sslConfig;
 
         this.negotiatedProtocol = conContext.protocolVersion;
         this.negotiatedCipherSuite = conContext.cipherSuite;
         this.handshakeOutput = new HandshakeOutStream(conContext.outputRecord);
         this.delegatedActions = new LinkedList<>();
 
+        this.handshakeConsumers = new LinkedHashMap<>();
         this.handshakeProducers = null;
         this.handshakeHash = null;
         this.activeProtocols = null;
         this.activeCipherSuites = null;
         this.algorithmConstraints = null;

< prev index next >