< prev index next >
src/java.base/share/classes/sun/security/ssl/TransportContext.java
Print this page
rev 52896 : 8229733: TLS message handling improvements
Summary: Includes changes to TransportContext from JDK-8211018
Reviewed-by: andrew
rev 52904 : 8234408: Improve TLS session handling
Reviewed-by: ascarpino, jjiang, ahgross, ssahoo, mullan, andrew
@@ -129,11 +129,11 @@
this.sslConfig.maximumPacketSize = outputRecord.getMaxPacketSize();
}
this.isUnsureMode = isUnsureMode;
// initial security parameters
- this.conSession = SSLSessionImpl.nullSession;
+ this.conSession = new SSLSessionImpl();
this.protocolVersion = this.sslConfig.maximumProtocolVersion;
this.clientVerifyData = emptyByteArray;
this.serverVerifyData = emptyByteArray;
this.acc = AccessController.getContext();
@@ -157,18 +157,24 @@
byte type = HandshakeContext.getHandshakeType(this,
plaintext);
if (handshakeContext == null) {
if (type == SSLHandshake.KEY_UPDATE.id ||
type == SSLHandshake.NEW_SESSION_TICKET.id) {
- if (isNegotiated &&
- protocolVersion.useTLS13PlusSpec()) {
- handshakeContext = new PostHandshakeContext(this);
- } else {
+ if (!isNegotiated) {
+ throw fatal(Alert.UNEXPECTED_MESSAGE,
+ "Unexpected unnegotiated post-handshake" +
+ " message: " +
+ SSLHandshake.nameOf(type));
+ }
+
+ if (!PostHandshakeContext.isConsumable(this, type)) {
throw fatal(Alert.UNEXPECTED_MESSAGE,
"Unexpected post-handshake message: " +
SSLHandshake.nameOf(type));
}
+
+ handshakeContext = new PostHandshakeContext(this);
} else {
handshakeContext = sslConfig.isClientMode ?
new ClientHandshakeContext(sslContext, this) :
new ServerHandshakeContext(sslContext, this);
outputRecord.initHandshaker();
< prev index next >