
src/java.base/share/classes/sun/security/ssl/PostHandshakeContext.java

rev 52896 : 8229733: TLS message handling improvements
Summary: Includes changes to TransportContext from JDK-8211018
Reviewed-by: andrew

@@ -28,33 +28,40 @@
 import java.io.IOException;
 import java.nio.BufferOverflowException;
 import java.nio.BufferUnderflowException;
 import java.nio.ByteBuffer;
 import java.util.ArrayList;
-import java.util.LinkedHashMap;
-import java.util.Map;
 
 /**
  * A compact implementation of HandshakeContext for post-handshake messages
  */
 final class PostHandshakeContext extends HandshakeContext {
-    private final static Map<Byte, SSLConsumer> consumers = Map.of(
-        SSLHandshake.KEY_UPDATE.id, SSLHandshake.KEY_UPDATE,
-        SSLHandshake.NEW_SESSION_TICKET.id, SSLHandshake.NEW_SESSION_TICKET);
-
     PostHandshakeContext(TransportContext context) throws IOException {
         super(context);
 
         if (!negotiatedProtocol.useTLS13PlusSpec()) {
             throw conContext.fatal(Alert.UNEXPECTED_MESSAGE,
                 "Post-handshake not supported in " + negotiatedProtocol.name);
         }
 
-        this.localSupportedSignAlgs = new ArrayList<SignatureScheme>(
+        this.localSupportedSignAlgs = new ArrayList<>(
             context.conSession.getLocalSupportedSignatureSchemes());
 
-        handshakeConsumers = new LinkedHashMap<>(consumers);
+        // Add the potential post-handshake consumers.
+        if (context.sslConfig.isClientMode) {
+            handshakeConsumers.putIfAbsent(
+                    SSLHandshake.KEY_UPDATE.id,
+                    SSLHandshake.KEY_UPDATE);
+            handshakeConsumers.putIfAbsent(
+                    SSLHandshake.NEW_SESSION_TICKET.id,
+                    SSLHandshake.NEW_SESSION_TICKET);
+        } else {
+            handshakeConsumers.putIfAbsent(
+                    SSLHandshake.KEY_UPDATE.id,
+                    SSLHandshake.KEY_UPDATE);
+        }
+
         handshakeFinished = true;
     }
 
     @Override
     void kickstart() throws IOException {
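Review bot: The KEY_UPDATE registration is repeated verbatim in both branches of `if (context.sslConfig.isClientMode)`, which buries the one real difference between the roles: only the client accepts NEW_SESSION_TICKET. Hoisting the shared `putIfAbsent` above the branch and keeping only the NEW_SESSION_TICKET call under `if (context.sslConfig.isClientMode)` would make that restriction easy to audit, ideally with a comment such as `// NewSessionTicket flows server-to-client only; the server side registers no consumer for it.` Note also that `putIfAbsent` keeps any entry already present in `handshakeConsumers`. The map is initialised outside this hunk, presumably by the superclass constructor, so it is worth confirming that it is empty at this point.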

@@ -80,6 +87,23 @@
             throw conContext.fatal(Alert.DECODE_ERROR,
                     "Illegal handshake message: " +
                     SSLHandshake.nameOf(handshakeType), be);
         }
     }
+
+    static boolean isConsumable(TransportContext context, byte handshakeType) {
+        if (handshakeType == SSLHandshake.KEY_UPDATE.id) {
+            // The KeyUpdate handshake message does not apply to TLS 1.2 and
+            // previous protocols.
+            return context.protocolVersion.useTLS13PlusSpec();
+        }
+
+        if (handshakeType == SSLHandshake.NEW_SESSION_TICKET.id) {
+            // The new session ticket handshake message could be consumer in
+            // client side only.
+            return context.sslConfig.isClientMode;
+        }
+
+        // No more post-handshake message supported currently.
+        return false;
+    }
 }
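Review bot: The NEW_SESSION_TICKET branch of `isConsumable` checks only `context.sslConfig.isClientMode`, while the KEY_UPDATE branch also gates on `context.protocolVersion.useTLS13PlusSpec()`. On a client that negotiated TLS 1.2 or earlier, it therefore reports the message as consumable even though the `PostHandshakeContext` constructor rejects non-TLS 1.3 connections with a fatal alert. The caller is not visible here, so this may be deliberate, but if it is not, `return context.sslConfig.isClientMode && context.protocolVersion.useTLS13PlusSpec();` would keep the version gate in one place. The constructor tests `negotiatedProtocol` and this method tests `context.protocolVersion`, so a short comment stating that both hold the same value at this point would help. The method would also benefit from a Javadoc line saying that it must stay in sync with the consumers registered in the constructor, and "could be consumer in client side only" should read "can be consumed on the client side only".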