< prev index next >

src/java.base/share/classes/sun/security/ssl/TransportContext.java

Print this page 
rev 52896 : 8229733: TLS message handling improvements
Summary: Includes changes to TransportContext from JDK-8211018
Reviewed-by: andrew
rev 52904 : 8234408: Improve TLS session handling
Reviewed-by: ascarpino, jjiang, ahgross, ssahoo, mullan, andrew


 114             SSLConfiguration sslConfig,
 115             InputRecord inputRecord, OutputRecord outputRecord) {
 116         this(sslContext, transport, (SSLConfiguration)sslConfig.clone(),
 117                 inputRecord, outputRecord, false);
 118     }
 119 
 120     private TransportContext(SSLContextImpl sslContext, SSLTransport transport,
 121             SSLConfiguration sslConfig, InputRecord inputRecord,
 122             OutputRecord outputRecord, boolean isUnsureMode) {
 123         this.transport = transport;
 124         this.sslContext = sslContext;
 125         this.inputRecord = inputRecord;
 126         this.outputRecord = outputRecord;
 127         this.sslConfig = sslConfig;
 128         if (this.sslConfig.maximumPacketSize == 0) {
 129             this.sslConfig.maximumPacketSize = outputRecord.getMaxPacketSize();
 130         }
 131         this.isUnsureMode = isUnsureMode;
 132 
 133         // initial security parameters
 134         this.conSession = SSLSessionImpl.nullSession;
 135         this.protocolVersion = this.sslConfig.maximumProtocolVersion;
 136         this.clientVerifyData = emptyByteArray;
 137         this.serverVerifyData = emptyByteArray;
 138 
 139         this.acc = AccessController.getContext();
 140         this.consumers = new HashMap<>();
 141     }
 142 
 143     // Dispatch plaintext to a specific consumer.
 144     void dispatch(Plaintext plaintext) throws IOException {
 145         if (plaintext == null) {
 146             return;
 147         }
 148 
 149         ContentType ct = ContentType.valueOf(plaintext.contentType);
 150         if (ct == null) {
 151             throw fatal(Alert.UNEXPECTED_MESSAGE,
 152                 "Unknown content type: " + plaintext.contentType);
 153         }
 154 
 155         switch (ct) {
 156             case HANDSHAKE:
 157                 byte type = HandshakeContext.getHandshakeType(this,
 158                         plaintext);
 159                 if (handshakeContext == null) {
 160                     if (type == SSLHandshake.KEY_UPDATE.id ||
 161                             type == SSLHandshake.NEW_SESSION_TICKET.id) {
 162                         if (isNegotiated &&
 163                                 protocolVersion.useTLS13PlusSpec()) {
 164                             handshakeContext = new PostHandshakeContext(this);
 165                         } else {




 166                             throw fatal(Alert.UNEXPECTED_MESSAGE,
 167                                     "Unexpected post-handshake message: " +
 168                                     SSLHandshake.nameOf(type));
 169                         }


 170                     } else {
 171                         handshakeContext = sslConfig.isClientMode ?
 172                                 new ClientHandshakeContext(sslContext, this) :
 173                                 new ServerHandshakeContext(sslContext, this);
 174                         outputRecord.initHandshaker();
 175                     }
 176                 }
 177                 handshakeContext.dispatch(type, plaintext);
 178                 break;
 179             case ALERT:
 180                 Alert.alertConsumer.consume(this, plaintext.fragment);
 181                 break;
 182             default:
 183                 SSLConsumer consumer = consumers.get(plaintext.contentType);
 184                 if (consumer != null) {
 185                     consumer.consume(this, plaintext.fragment);
 186                 } else {
 187                     throw fatal(Alert.UNEXPECTED_MESSAGE,
 188                         "Unexpected content: " + plaintext.contentType);
 189                 }




 114             SSLConfiguration sslConfig,
 115             InputRecord inputRecord, OutputRecord outputRecord) {
 116         this(sslContext, transport, (SSLConfiguration)sslConfig.clone(),
 117                 inputRecord, outputRecord, false);
 118     }
 119 
 120     private TransportContext(SSLContextImpl sslContext, SSLTransport transport,
 121             SSLConfiguration sslConfig, InputRecord inputRecord,
 122             OutputRecord outputRecord, boolean isUnsureMode) {
 123         this.transport = transport;
 124         this.sslContext = sslContext;
 125         this.inputRecord = inputRecord;
 126         this.outputRecord = outputRecord;
 127         this.sslConfig = sslConfig;
 128         if (this.sslConfig.maximumPacketSize == 0) {
 129             this.sslConfig.maximumPacketSize = outputRecord.getMaxPacketSize();
 130         }
 131         this.isUnsureMode = isUnsureMode;
 132 
 133         // initial security parameters
 134         this.conSession = new SSLSessionImpl();
 135         this.protocolVersion = this.sslConfig.maximumProtocolVersion;
 136         this.clientVerifyData = emptyByteArray;
 137         this.serverVerifyData = emptyByteArray;
 138 
 139         this.acc = AccessController.getContext();
 140         this.consumers = new HashMap<>();
 141     }
 142 
 143     // Dispatch plaintext to a specific consumer.
 144     void dispatch(Plaintext plaintext) throws IOException {
 145         if (plaintext == null) {
 146             return;
 147         }
 148 
 149         ContentType ct = ContentType.valueOf(plaintext.contentType);
 150         if (ct == null) {
 151             throw fatal(Alert.UNEXPECTED_MESSAGE,
 152                 "Unknown content type: " + plaintext.contentType);
 153         }
 154 
 155         switch (ct) {
 156             case HANDSHAKE:
 157                 byte type = HandshakeContext.getHandshakeType(this,
 158                         plaintext);
 159                 if (handshakeContext == null) {
 160                     if (type == SSLHandshake.KEY_UPDATE.id ||
 161                             type == SSLHandshake.NEW_SESSION_TICKET.id) {
 162                         if (!isNegotiated) {
 163                             throw fatal(Alert.UNEXPECTED_MESSAGE,
 164                                     "Unexpected unnegotiated post-handshake" +
 165                                             " message: " +
 166                                             SSLHandshake.nameOf(type));
 167                         }
 168 
 169                         if (!PostHandshakeContext.isConsumable(this, type)) {
 170                             throw fatal(Alert.UNEXPECTED_MESSAGE,
 171                                     "Unexpected post-handshake message: " +
 172                                     SSLHandshake.nameOf(type));
 173                         }
 174 
 175                         handshakeContext = new PostHandshakeContext(this);
 176                     } else {
 177                         handshakeContext = sslConfig.isClientMode ?
 178                                 new ClientHandshakeContext(sslContext, this) :
 179                                 new ServerHandshakeContext(sslContext, this);
 180                         outputRecord.initHandshaker();
 181                     }
 182                 }
 183                 handshakeContext.dispatch(type, plaintext);
 184                 break;
 185             case ALERT:
 186                 Alert.alertConsumer.consume(this, plaintext.fragment);
 187                 break;
 188             default:
 189                 SSLConsumer consumer = consumers.get(plaintext.contentType);
 190                 if (consumer != null) {
 191                     consumer.consume(this, plaintext.fragment);
 192                 } else {
 193                     throw fatal(Alert.UNEXPECTED_MESSAGE,
 194                         "Unexpected content: " + plaintext.contentType);
 195                 }
< prev index next >