jdk-sandbox: src/java.base/share/classes/sun/security/ssl/SSLSocketImpl.java@2b4ae319412b (annotated)

2 90ce3da70b43 Initial load duke parents: diff changeset	1	/*
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	2	* Copyright (c) 1996, 2018, Oracle and/or its affiliates. All rights reserved.
2 90ce3da70b43 Initial load duke parents: diff changeset	3	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
90ce3da70b43 Initial load duke parents: diff changeset	4	*
90ce3da70b43 Initial load duke parents: diff changeset	5	* This code is free software; you can redistribute it and/or modify it
90ce3da70b43 Initial load duke parents: diff changeset	6	* under the terms of the GNU General Public License version 2 only, as
5506 202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 5195 diff changeset	7	* published by the Free Software Foundation. Oracle designates this
2 90ce3da70b43 Initial load duke parents: diff changeset	8	* particular file as subject to the "Classpath" exception as provided
5506 202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 5195 diff changeset	9	* by Oracle in the LICENSE file that accompanied this code.
2 90ce3da70b43 Initial load duke parents: diff changeset	10	*
90ce3da70b43 Initial load duke parents: diff changeset	11	* This code is distributed in the hope that it will be useful, but WITHOUT
90ce3da70b43 Initial load duke parents: diff changeset	12	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
90ce3da70b43 Initial load duke parents: diff changeset	13	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
90ce3da70b43 Initial load duke parents: diff changeset	14	* version 2 for more details (a copy is included in the LICENSE file that
90ce3da70b43 Initial load duke parents: diff changeset	15	* accompanied this code).
90ce3da70b43 Initial load duke parents: diff changeset	16	*
90ce3da70b43 Initial load duke parents: diff changeset	17	* You should have received a copy of the GNU General Public License version
90ce3da70b43 Initial load duke parents: diff changeset	18	* 2 along with this work; if not, write to the Free Software Foundation,
90ce3da70b43 Initial load duke parents: diff changeset	19	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
90ce3da70b43 Initial load duke parents: diff changeset	20	*
5506 202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 5195 diff changeset	21	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 5195 diff changeset	22	* or visit www.oracle.com if you need additional information or have any
202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 5195 diff changeset	23	* questions.
2 90ce3da70b43 Initial load duke parents: diff changeset	24	*/
90ce3da70b43 Initial load duke parents: diff changeset	25
90ce3da70b43 Initial load duke parents: diff changeset	26	package sun.security.ssl;
90ce3da70b43 Initial load duke parents: diff changeset	27
56712 bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	28	import java.io.EOFException;
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	29	import java.io.IOException;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	30	import java.io.InputStream;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	31	import java.io.InterruptedIOException;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	32	import java.io.OutputStream;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	33	import java.net.InetAddress;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	34	import java.net.InetSocketAddress;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	35	import java.net.Socket;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	36	import java.net.SocketAddress;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	37	import java.net.SocketException;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	38	import java.net.UnknownHostException;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	39	import java.nio.ByteBuffer;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	40	import java.util.List;
42706 796cf076d69b 8170282: Enable ALPN parameters to be supplied during the TLS handshake vinnie parents: 38865 diff changeset	41	import java.util.function.BiFunction;
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	42	import javax.net.ssl.HandshakeCompletedListener;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	43	import javax.net.ssl.SSLException;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	44	import javax.net.ssl.SSLHandshakeException;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	45	import javax.net.ssl.SSLParameters;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	46	import javax.net.ssl.SSLProtocolException;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	47	import javax.net.ssl.SSLServerSocket;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	48	import javax.net.ssl.SSLSession;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	49	import javax.net.ssl.SSLSocket;
32834 e1dca5fe4de3 8137056: Move SharedSecrets and interface friends out of sun.misc chegar parents: 32649 diff changeset	50	import jdk.internal.misc.JavaNetInetAddressAccess;
e1dca5fe4de3 8137056: Move SharedSecrets and interface friends out of sun.misc chegar parents: 32649 diff changeset	51	import jdk.internal.misc.SharedSecrets;
31687 d6eb4f028c60 8067694: Improved certification checking xuelei parents: 30904 diff changeset	52
2 90ce3da70b43 Initial load duke parents: diff changeset	53	/**
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	54	* Implementation of an SSL socket.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	55	* <P>
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	56	* This is a normal connection type socket, implementing SSL over some lower
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	57	* level socket, such as TCP. Because it is layered over some lower level
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	58	* socket, it MUST override all default socket methods.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	59	* <P>
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	60	* This API offers a non-traditional option for establishing SSL
2 90ce3da70b43 Initial load duke parents: diff changeset	61	* connections. You may first establish the connection directly, then pass
90ce3da70b43 Initial load duke parents: diff changeset	62	* that connection to the SSL socket constructor with a flag saying which
90ce3da70b43 Initial load duke parents: diff changeset	63	* role should be taken in the handshake protocol. (The two ends of the
90ce3da70b43 Initial load duke parents: diff changeset	64	* connection must not choose the same role!) This allows setup of SSL
90ce3da70b43 Initial load duke parents: diff changeset	65	* proxying or tunneling, and also allows the kind of "role reversal"
90ce3da70b43 Initial load duke parents: diff changeset	66	* that is required for most FTP data transfers.
90ce3da70b43 Initial load duke parents: diff changeset	67	*
90ce3da70b43 Initial load duke parents: diff changeset	68	* @see javax.net.ssl.SSLSocket
90ce3da70b43 Initial load duke parents: diff changeset	69	* @see SSLServerSocket
90ce3da70b43 Initial load duke parents: diff changeset	70	*
90ce3da70b43 Initial load duke parents: diff changeset	71	* @author David Brownell
90ce3da70b43 Initial load duke parents: diff changeset	72	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	73	public final class SSLSocketImpl
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	74	extends BaseSSLSocketImpl implements SSLTransport {
2 90ce3da70b43 Initial load duke parents: diff changeset	75
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	76	final SSLContextImpl sslContext;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	77	final TransportContext conContext;
34380 2b2609379881 8144093: JEP 244/8051498 - TLS Application-Layer Protocol Negotiation Extension vinnie parents: 32834 diff changeset	78
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	79	private final AppInputStream appInput = new AppInputStream();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	80	private final AppOutputStream appOutput = new AppOutputStream();
2 90ce3da70b43 Initial load duke parents: diff changeset	81
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	82	private String peerHost;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	83	private boolean autoClose;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	84	private boolean isConnected = false;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	85	private boolean tlsIsClosed = false;
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 29923 diff changeset	86
31687 d6eb4f028c60 8067694: Improved certification checking xuelei parents: 30904 diff changeset	87	/*
d6eb4f028c60 8067694: Improved certification checking xuelei parents: 30904 diff changeset	88	* Is the local name service trustworthy?
d6eb4f028c60 8067694: Improved certification checking xuelei parents: 30904 diff changeset	89	*
d6eb4f028c60 8067694: Improved certification checking xuelei parents: 30904 diff changeset	90	* If the local name service is not trustworthy, reverse host name
d6eb4f028c60 8067694: Improved certification checking xuelei parents: 30904 diff changeset	91	* resolution should not be performed for endpoint identification.
d6eb4f028c60 8067694: Improved certification checking xuelei parents: 30904 diff changeset	92	*/
56718 da9979451b7a Code clean up for CipherSuite, etc xuelei parents: 56712 diff changeset	93	private static final boolean trustNameService =
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	94	Utilities.getBooleanProperty("jdk.tls.trustNameService", false);
31687 d6eb4f028c60 8067694: Improved certification checking xuelei parents: 30904 diff changeset	95
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	96	/**
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	97	* Package-private constructor used to instantiate an unconnected
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	98	* socket.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	99	*
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	100	* This instance is meant to set handshake state to use "client mode".
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	101	*/
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	102	SSLSocketImpl(SSLContextImpl sslContext) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	103	super();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	104	this.sslContext = sslContext;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	105	HandshakeHash handshakeHash = new HandshakeHash();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	106	this.conContext = new TransportContext(sslContext, this,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	107	new SSLSocketInputRecord(handshakeHash),
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	108	new SSLSocketOutputRecord(handshakeHash), true);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	109	}
2 90ce3da70b43 Initial load duke parents: diff changeset	110
90ce3da70b43 Initial load duke parents: diff changeset	111	/**
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	112	* Package-private constructor used to instantiate a server socket.
2 90ce3da70b43 Initial load duke parents: diff changeset	113	*
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	114	* This instance is meant to set handshake state to use "server mode".
2 90ce3da70b43 Initial load duke parents: diff changeset	115	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	116	SSLSocketImpl(SSLContextImpl sslContext, SSLConfiguration sslConfig) {
2 90ce3da70b43 Initial load duke parents: diff changeset	117	super();
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	118	this.sslContext = sslContext;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	119	HandshakeHash handshakeHash = new HandshakeHash();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	120	this.conContext = new TransportContext(sslContext, this, sslConfig,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	121	new SSLSocketInputRecord(handshakeHash),
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	122	new SSLSocketOutputRecord(handshakeHash));
2 90ce3da70b43 Initial load duke parents: diff changeset	123	}
90ce3da70b43 Initial load duke parents: diff changeset	124
90ce3da70b43 Initial load duke parents: diff changeset	125	/**
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	126	* Constructs an SSL connection to a named host at a specified
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	127	* port, using the authentication context provided.
2 90ce3da70b43 Initial load duke parents: diff changeset	128	*
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	129	* This endpoint acts as the client, and may rejoin an existing SSL session
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	130	* if appropriate.
2 90ce3da70b43 Initial load duke parents: diff changeset	131	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	132	SSLSocketImpl(SSLContextImpl sslContext, String peerHost,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	133	int peerPort) throws IOException, UnknownHostException {
2 90ce3da70b43 Initial load duke parents: diff changeset	134	super();
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	135	this.sslContext = sslContext;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	136	HandshakeHash handshakeHash = new HandshakeHash();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	137	this.conContext = new TransportContext(sslContext, this,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	138	new SSLSocketInputRecord(handshakeHash),
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	139	new SSLSocketOutputRecord(handshakeHash), true);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	140	this.peerHost = peerHost;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	141	SocketAddress socketAddress =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	142	peerHost != null ? new InetSocketAddress(peerHost, peerPort) :
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	143	new InetSocketAddress(InetAddress.getByName(null), peerPort);
2 90ce3da70b43 Initial load duke parents: diff changeset	144	connect(socketAddress, 0);
90ce3da70b43 Initial load duke parents: diff changeset	145	}
90ce3da70b43 Initial load duke parents: diff changeset	146
90ce3da70b43 Initial load duke parents: diff changeset	147	/**
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	148	* Constructs an SSL connection to a server at a specified
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	149	* address, and TCP port, using the authentication context
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	150	* provided.
2 90ce3da70b43 Initial load duke parents: diff changeset	151	*
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	152	* This endpoint acts as the client, and may rejoin an existing SSL
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	153	* session if appropriate.
2 90ce3da70b43 Initial load duke parents: diff changeset	154	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	155	SSLSocketImpl(SSLContextImpl sslContext,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	156	InetAddress address, int peerPort) throws IOException {
2 90ce3da70b43 Initial load duke parents: diff changeset	157	super();
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	158	this.sslContext = sslContext;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	159	HandshakeHash handshakeHash = new HandshakeHash();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	160	this.conContext = new TransportContext(sslContext, this,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	161	new SSLSocketInputRecord(handshakeHash),
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	162	new SSLSocketOutputRecord(handshakeHash), true);
2 90ce3da70b43 Initial load duke parents: diff changeset	163
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	164	SocketAddress socketAddress = new InetSocketAddress(address, peerPort);
2 90ce3da70b43 Initial load duke parents: diff changeset	165	connect(socketAddress, 0);
90ce3da70b43 Initial load duke parents: diff changeset	166	}
90ce3da70b43 Initial load duke parents: diff changeset	167
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	168	/**
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	169	* Constructs an SSL connection to a named host at a specified
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	170	* port, using the authentication context provided.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	171	*
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	172	* This endpoint acts as the client, and may rejoin an existing SSL
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	173	* session if appropriate.
2 90ce3da70b43 Initial load duke parents: diff changeset	174	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	175	SSLSocketImpl(SSLContextImpl sslContext,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	176	String peerHost, int peerPort, InetAddress localAddr,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	177	int localPort) throws IOException, UnknownHostException {
2 90ce3da70b43 Initial load duke parents: diff changeset	178	super();
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	179	this.sslContext = sslContext;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	180	HandshakeHash handshakeHash = new HandshakeHash();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	181	this.conContext = new TransportContext(sslContext, this,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	182	new SSLSocketInputRecord(handshakeHash),
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	183	new SSLSocketOutputRecord(handshakeHash), true);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	184	this.peerHost = peerHost;
2 90ce3da70b43 Initial load duke parents: diff changeset	185
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	186	bind(new InetSocketAddress(localAddr, localPort));
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	187	SocketAddress socketAddress =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	188	peerHost != null ? new InetSocketAddress(peerHost, peerPort) :
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	189	new InetSocketAddress(InetAddress.getByName(null), peerPort);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	190	connect(socketAddress, 0);
2 90ce3da70b43 Initial load duke parents: diff changeset	191	}
90ce3da70b43 Initial load duke parents: diff changeset	192
90ce3da70b43 Initial load duke parents: diff changeset	193	/**
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	194	* Constructs an SSL connection to a server at a specified
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	195	* address, and TCP port, using the authentication context
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	196	* provided.
2 90ce3da70b43 Initial load duke parents: diff changeset	197	*
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	198	* This endpoint acts as the client, and may rejoin an existing SSL
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	199	* session if appropriate.
2 90ce3da70b43 Initial load duke parents: diff changeset	200	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	201	SSLSocketImpl(SSLContextImpl sslContext,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	202	InetAddress peerAddr, int peerPort,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	203	InetAddress localAddr, int localPort) throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	204	super();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	205	this.sslContext = sslContext;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	206	HandshakeHash handshakeHash = new HandshakeHash();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	207	this.conContext = new TransportContext(sslContext, this,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	208	new SSLSocketInputRecord(handshakeHash),
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	209	new SSLSocketOutputRecord(handshakeHash), true);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	210
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	211	bind(new InetSocketAddress(localAddr, localPort));
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	212	SocketAddress socketAddress = new InetSocketAddress(peerAddr, peerPort);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	213	connect(socketAddress, 0);
2 90ce3da70b43 Initial load duke parents: diff changeset	214	}
90ce3da70b43 Initial load duke parents: diff changeset	215
90ce3da70b43 Initial load duke parents: diff changeset	216	/**
14194 971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	217	* Creates a server mode {@link Socket} layered over an
971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	218	* existing connected socket, and is able to read data which has
971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	219	* already been consumed/removed from the {@link Socket}'s
971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	220	* underlying {@link InputStream}.
971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	221	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	222	SSLSocketImpl(SSLContextImpl sslContext, Socket sock,
14194 971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	223	InputStream consumed, boolean autoClose) throws IOException {
971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	224	super(sock, consumed);
971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	225	// We always layer over a connected socket
971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	226	if (!sock.isConnected()) {
971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	227	throw new SocketException("Underlying socket is not connected");
971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	228	}
971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	229
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	230	this.sslContext = sslContext;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	231	HandshakeHash handshakeHash = new HandshakeHash();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	232	this.conContext = new TransportContext(sslContext, this,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	233	new SSLSocketInputRecord(handshakeHash),
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	234	new SSLSocketOutputRecord(handshakeHash), false);
14194 971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	235	this.autoClose = autoClose;
971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	236	doneConnect();
971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	237	}
971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	238
971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	239	/**
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	240	* Layer SSL traffic over an existing connection, rather than
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	241	* creating a new connection.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	242	*
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	243	* The existing connection may be used only for SSL traffic (using this
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	244	* SSLSocket) until the SSLSocket.close() call returns. However, if a
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	245	* protocol error is detected, that existing connection is automatically
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	246	* closed.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	247	* <p>
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	248	* This particular constructor always uses the socket in the
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	249	* role of an SSL client. It may be useful in cases which start
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	250	* using SSL after some initial data transfers, for example in some
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	251	* SSL tunneling applications or as part of some kinds of application
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	252	* protocols which negotiate use of a SSL based security.
2 90ce3da70b43 Initial load duke parents: diff changeset	253	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	254	SSLSocketImpl(SSLContextImpl sslContext, Socket sock,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	255	String peerHost, int port, boolean autoClose) throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	256	super(sock);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	257	// We always layer over a connected socket
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	258	if (!sock.isConnected()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	259	throw new SocketException("Underlying socket is not connected");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	260	}
2 90ce3da70b43 Initial load duke parents: diff changeset	261
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	262	this.sslContext = sslContext;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	263	HandshakeHash handshakeHash = new HandshakeHash();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	264	this.conContext = new TransportContext(sslContext, this,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	265	new SSLSocketInputRecord(handshakeHash),
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	266	new SSLSocketOutputRecord(handshakeHash), true);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	267	this.peerHost = peerHost;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	268	this.autoClose = autoClose;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	269	doneConnect();
2 90ce3da70b43 Initial load duke parents: diff changeset	270	}
90ce3da70b43 Initial load duke parents: diff changeset	271
14664 e71aa0962e70 8003950: Adds missing Override annotations and removes unnecessary imports in sun.security.ssl xuelei parents: 14194 diff changeset	272	@Override
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	273	public void connect(SocketAddress endpoint,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	274	int timeout) throws IOException {
2 90ce3da70b43 Initial load duke parents: diff changeset	275
14194 971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	276	if (isLayered()) {
2 90ce3da70b43 Initial load duke parents: diff changeset	277	throw new SocketException("Already connected");
90ce3da70b43 Initial load duke parents: diff changeset	278	}
90ce3da70b43 Initial load duke parents: diff changeset	279
90ce3da70b43 Initial load duke parents: diff changeset	280	if (!(endpoint instanceof InetSocketAddress)) {
90ce3da70b43 Initial load duke parents: diff changeset	281	throw new SocketException(
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	282	"Cannot handle non-Inet socket addresses.");
2 90ce3da70b43 Initial load duke parents: diff changeset	283	}
90ce3da70b43 Initial load duke parents: diff changeset	284
90ce3da70b43 Initial load duke parents: diff changeset	285	super.connect(endpoint, timeout);
90ce3da70b43 Initial load duke parents: diff changeset	286	doneConnect();
90ce3da70b43 Initial load duke parents: diff changeset	287	}
90ce3da70b43 Initial load duke parents: diff changeset	288
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	289	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	290	public String[] getSupportedCipherSuites() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	291	return CipherSuite.namesOf(sslContext.getSupportedCipherSuites());
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	292	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	293
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	294	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	295	public synchronized String[] getEnabledCipherSuites() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	296	return CipherSuite.namesOf(conContext.sslConfig.enabledCipherSuites);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	297	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	298
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	299	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	300	public synchronized void setEnabledCipherSuites(String[] suites) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	301	conContext.sslConfig.enabledCipherSuites =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	302	CipherSuite.validValuesOf(suites);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	303	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	304
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	305	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	306	public String[] getSupportedProtocols() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	307	return ProtocolVersion.toStringArray(
56611 f8f7e604e1f8 added jdk.tls.server.protocols ascarpino parents: 56594 diff changeset	308	sslContext.getSupportedProtocolVersions());
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	309	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	310
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	311	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	312	public synchronized String[] getEnabledProtocols() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	313	return ProtocolVersion.toStringArray(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	314	conContext.sslConfig.enabledProtocols);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	315	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	316
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	317	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	318	public synchronized void setEnabledProtocols(String[] protocols) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	319	if (protocols == null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	320	throw new IllegalArgumentException("Protocols cannot be null");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	321	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	322
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	323	conContext.sslConfig.enabledProtocols =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	324	ProtocolVersion.namesOf(protocols);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	325	}
2 90ce3da70b43 Initial load duke parents: diff changeset	326
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	327	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	328	public synchronized SSLSession getSession() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	329	try {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	330	// start handshaking, if failed, the connection will be closed.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	331	ensureNegotiated();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	332	} catch (IOException ioe) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	333	if (SSLLogger.isOn && SSLLogger.isOn("handshake")) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	334	SSLLogger.severe("handshake failed", ioe);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	335	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	336
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	337	return SSLSessionImpl.nullSession;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	338	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	339
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	340	return conContext.conSession;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	341	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	342
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	343	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	344	public synchronized SSLSession getHandshakeSession() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	345	if (conContext.handshakeContext != null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	346	return conContext.handshakeContext.handshakeSession;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	347	}
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 29923 diff changeset	348
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	349	return null;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	350	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	351
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	352	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	353	public synchronized void addHandshakeCompletedListener(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	354	HandshakeCompletedListener listener) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	355	if (listener == null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	356	throw new IllegalArgumentException("listener is null");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	357	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	358
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	359	conContext.sslConfig.addHandshakeCompletedListener(listener);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	360	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	361
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	362	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	363	public synchronized void removeHandshakeCompletedListener(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	364	HandshakeCompletedListener listener) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	365	if (listener == null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	366	throw new IllegalArgumentException("listener is null");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	367	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	368
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	369	conContext.sslConfig.removeHandshakeCompletedListener(listener);
2 90ce3da70b43 Initial load duke parents: diff changeset	370	}
90ce3da70b43 Initial load duke parents: diff changeset	371
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	372	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	373	public synchronized void startHandshake() throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	374	checkWrite();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	375	try {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	376	conContext.kickstart();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	377
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	378	// All initial handshaking goes through this operation until we
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	379	// have a valid SSL connection.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	380	//
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	381	// Handle handshake messages only, need no application data.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	382	if (!conContext.isNegotiated) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	383	readRecord();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	384	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	385	} catch (IOException ioe) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	386	conContext.fatal(Alert.HANDSHAKE_FAILURE,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	387	"Couldn't kickstart handshaking", ioe);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	388	} catch (Exception oe) { // including RuntimeException
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	389	handleException(oe);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	390	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	391	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	392
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	393	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	394	public synchronized void setUseClientMode(boolean mode) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	395	conContext.setUseClientMode(mode);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	396	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	397
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	398	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	399	public synchronized boolean getUseClientMode() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	400	return conContext.sslConfig.isClientMode;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	401	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	402
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	403	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	404	public synchronized void setNeedClientAuth(boolean need) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	405	conContext.sslConfig.clientAuthType =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	406	(need ? ClientAuthType.CLIENT_AUTH_REQUIRED :
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	407	ClientAuthType.CLIENT_AUTH_NONE);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	408	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	409
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	410	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	411	public synchronized boolean getNeedClientAuth() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	412	return (conContext.sslConfig.clientAuthType ==
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	413	ClientAuthType.CLIENT_AUTH_REQUIRED);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	414	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	415
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	416	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	417	public synchronized void setWantClientAuth(boolean want) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	418	conContext.sslConfig.clientAuthType =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	419	(want ? ClientAuthType.CLIENT_AUTH_REQUESTED :
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	420	ClientAuthType.CLIENT_AUTH_NONE);
2 90ce3da70b43 Initial load duke parents: diff changeset	421	}
90ce3da70b43 Initial load duke parents: diff changeset	422
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	423	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	424	public synchronized boolean getWantClientAuth() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	425	return (conContext.sslConfig.clientAuthType ==
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	426	ClientAuthType.CLIENT_AUTH_REQUESTED);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	427	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	428
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	429	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	430	public synchronized void setEnableSessionCreation(boolean flag) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	431	conContext.sslConfig.enableSessionCreation = flag;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	432	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	433
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	434	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	435	public synchronized boolean getEnableSessionCreation() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	436	return conContext.sslConfig.enableSessionCreation;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	437	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	438
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	439	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	440	public synchronized boolean isClosed() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	441	return tlsIsClosed && conContext.isClosed();
2 90ce3da70b43 Initial load duke parents: diff changeset	442	}
90ce3da70b43 Initial load duke parents: diff changeset	443
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	444	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	445	public synchronized void close() throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	446	try {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	447	conContext.close();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	448	} catch (IOException ioe) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	449	// ignore the exception
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	450	if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	451	SSLLogger.warning("connection context closure failed", ioe);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	452	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	453	} finally {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	454	tlsIsClosed = true;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	455	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	456	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	457
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	458	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	459	public synchronized InputStream getInputStream() throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	460	if (isClosed() \|\| conContext.isInboundDone()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	461	throw new SocketException("Socket or inbound is closed");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	462	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	463
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	464	if (!isConnected) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	465	throw new SocketException("Socket is not connected");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	466	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	467
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	468	return appInput;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	469	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	470
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	471	private synchronized void ensureNegotiated() throws IOException {
56594 99e0f3f3f0e4 close issues introduced in TLS 1.3 implementation xuelei parents: 56571 diff changeset	472	if (conContext.isNegotiated \|\|
99e0f3f3f0e4 close issues introduced in TLS 1.3 implementation xuelei parents: 56571 diff changeset	473	conContext.isClosed() \|\| conContext.isBroken) {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	474	return;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	475	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	476
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	477	startHandshake();
2 90ce3da70b43 Initial load duke parents: diff changeset	478	}
90ce3da70b43 Initial load duke parents: diff changeset	479
56718 da9979451b7a Code clean up for CipherSuite, etc xuelei parents: 56712 diff changeset	480	/**
da9979451b7a Code clean up for CipherSuite, etc xuelei parents: 56712 diff changeset	481	* InputStream for application data as returned by
da9979451b7a Code clean up for CipherSuite, etc xuelei parents: 56712 diff changeset	482	* SSLSocket.getInputStream().
da9979451b7a Code clean up for CipherSuite, etc xuelei parents: 56712 diff changeset	483	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	484	private class AppInputStream extends InputStream {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	485	// One element array used to implement the single byte read() method
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	486	private final byte[] oneByte = new byte[1];
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	487
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	488	// the temporary buffer used to read network
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	489	private ByteBuffer buffer;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	490
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	491	// Is application data available in the stream?
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	492	private boolean appDataIsAvailable;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	493
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	494	AppInputStream() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	495	this.appDataIsAvailable = false;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	496	this.buffer = ByteBuffer.allocate(4096);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	497	}
2 90ce3da70b43 Initial load duke parents: diff changeset	498
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	499	/**
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	500	* Return the minimum number of bytes that can be read
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	501	* without blocking.
2 90ce3da70b43 Initial load duke parents: diff changeset	502	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	503	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	504	public int available() throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	505	// Currently not synchronized.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	506	if ((!appDataIsAvailable) \|\| checkEOF()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	507	return 0;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	508	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	509
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	510	return buffer.remaining();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	511	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	512
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	513	/**
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	514	* Read a single byte, returning -1 on non-fault EOF status.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	515	*/
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	516	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	517	public synchronized int read() throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	518	int n = read(oneByte, 0, 1);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	519	if (n <= 0) { // EOF
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	520	return -1;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	521	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	522
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	523	return oneByte[0] & 0xFF;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	524	}
2 90ce3da70b43 Initial load duke parents: diff changeset	525
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	526	/**
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	527	* Reads up to {@code len} bytes of data from the input stream
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	528	* into an array of bytes.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	529	*
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	530	* An attempt is made to read as many as {@code len} bytes, but a
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	531	* smaller number may be read. The number of bytes actually read
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	532	* is returned as an integer.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	533	*
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	534	* If the layer above needs more data, it asks for more, so we
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	535	* are responsible only for blocking to fill at most one buffer,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	536	* and returning "-1" on non-fault EOF status.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	537	*/
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	538	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	539	public synchronized int read(byte[] b, int off, int len)
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	540	throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	541	if (b == null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	542	throw new NullPointerException("the target buffer is null");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	543	} else if (off < 0 \|\| len < 0 \|\| len > b.length - off) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	544	throw new IndexOutOfBoundsException(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	545	"buffer length: " + b.length + ", offset; " + off +
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	546	", bytes to read:" + len);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	547	} else if (len == 0) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	548	return 0;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	549	}
2 90ce3da70b43 Initial load duke parents: diff changeset	550
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	551	if (checkEOF()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	552	return -1;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	553	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	554
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	555	// start handshaking if the connection has not been negotiated.
56594 99e0f3f3f0e4 close issues introduced in TLS 1.3 implementation xuelei parents: 56571 diff changeset	556	if (!conContext.isNegotiated &&
99e0f3f3f0e4 close issues introduced in TLS 1.3 implementation xuelei parents: 56571 diff changeset	557	!conContext.isClosed() && !conContext.isBroken) {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	558	ensureNegotiated();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	559	}
2 90ce3da70b43 Initial load duke parents: diff changeset	560
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	561	// Read the available bytes at first.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	562	int remains = available();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	563	if (remains > 0) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	564	int howmany = Math.min(remains, len);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	565	buffer.get(b, off, howmany);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	566
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	567	return howmany;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	568	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	569
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	570	appDataIsAvailable = false;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	571	int volume = 0;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	572	try {
56718 da9979451b7a Code clean up for CipherSuite, etc xuelei parents: 56712 diff changeset	573	/*
da9979451b7a Code clean up for CipherSuite, etc xuelei parents: 56712 diff changeset	574	* Read data if needed ... notice that the connection
da9979451b7a Code clean up for CipherSuite, etc xuelei parents: 56712 diff changeset	575	* guarantees that handshake, alert, and change cipher spec
da9979451b7a Code clean up for CipherSuite, etc xuelei parents: 56712 diff changeset	576	* data streams are handled as they arrive, so we never
da9979451b7a Code clean up for CipherSuite, etc xuelei parents: 56712 diff changeset	577	* see them here.
da9979451b7a Code clean up for CipherSuite, etc xuelei parents: 56712 diff changeset	578	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	579	while (volume == 0) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	580	// Clear the buffer for a new record reading.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	581	buffer.clear();
2 90ce3da70b43 Initial load duke parents: diff changeset	582
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	583	// grow the buffer if needed
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	584	int inLen = conContext.inputRecord.bytesInCompletePacket();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	585	if (inLen < 0) { // EOF
56712 bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	586	handleEOF(null);
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	587
56739 ae0cd8b2e2c2 Clean up CipherSuite xuelei parents: 56718 diff changeset	588	// if no exception thrown
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	589	return -1;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	590	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	591
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	592	// Is this packet bigger than SSL/TLS normally allows?
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	593	if (inLen > SSLRecord.maxLargeRecordSize) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	594	throw new SSLProtocolException(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	595	"Illegal packet size: " + inLen);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	596	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	597
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	598	if (inLen > buffer.remaining()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	599	buffer = ByteBuffer.allocate(inLen);
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 29923 diff changeset	600	}
2 90ce3da70b43 Initial load duke parents: diff changeset	601
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	602	volume = readRecord(buffer);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	603	buffer.flip();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	604	if (volume < 0) { // EOF
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	605	// treat like receiving a close_notify warning message.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	606	conContext.isInputCloseNotified = true;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	607	conContext.closeInbound();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	608	return -1;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	609	} else if (volume > 0) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	610	appDataIsAvailable = true;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	611	break;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	612	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	613	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	614
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	615	// file the destination buffer
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	616	int howmany = Math.min(len, volume);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	617	buffer.get(b, off, howmany);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	618	return howmany;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	619	} catch (Exception e) { // including RuntimeException
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	620	// shutdown and rethrow (wrapped) exception as appropriate
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	621	handleException(e);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	622
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	623	// dummy for compiler
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	624	return -1;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	625	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	626	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	627
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	628	/**
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	629	* Skip n bytes.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	630	*
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	631	* This implementation is somewhat less efficient than possible, but
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	632	* not badly so (redundant copy). We reuse the read() code to keep
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	633	* things simpler. Note that SKIP_ARRAY is static and may garbled by
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	634	* concurrent use, but we are not interested in the data anyway.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	635	*/
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	636	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	637	public synchronized long skip(long n) throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	638	// dummy array used to implement skip()
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	639	byte[] skipArray = new byte[256];
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	640
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	641	long skipped = 0;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	642	while (n > 0) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	643	int len = (int)Math.min(n, skipArray.length);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	644	int r = read(skipArray, 0, len);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	645	if (r <= 0) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	646	break;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	647	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	648	n -= r;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	649	skipped += r;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	650	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	651
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	652	return skipped;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	653	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	654
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	655	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	656	public void close() throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	657	if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	658	SSLLogger.finest("Closing input stream");
2 90ce3da70b43 Initial load duke parents: diff changeset	659	}
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	660
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	661	conContext.closeInbound();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	662	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	663	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	664
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	665	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	666	public synchronized OutputStream getOutputStream() throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	667	if (isClosed() \|\| conContext.isOutboundDone()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	668	throw new SocketException("Socket or outbound is closed");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	669	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	670
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	671	if (!isConnected) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	672	throw new SocketException("Socket is not connected");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	673	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	674
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	675	return appOutput;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	676	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	677
56718 da9979451b7a Code clean up for CipherSuite, etc xuelei parents: 56712 diff changeset	678
da9979451b7a Code clean up for CipherSuite, etc xuelei parents: 56712 diff changeset	679	/**
da9979451b7a Code clean up for CipherSuite, etc xuelei parents: 56712 diff changeset	680	* OutputStream for application data as returned by
da9979451b7a Code clean up for CipherSuite, etc xuelei parents: 56712 diff changeset	681	* SSLSocket.getOutputStream().
da9979451b7a Code clean up for CipherSuite, etc xuelei parents: 56712 diff changeset	682	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	683	private class AppOutputStream extends OutputStream {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	684	// One element array used to implement the write(byte) method
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	685	private final byte[] oneByte = new byte[1];
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	686
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	687	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	688	public void write(int i) throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	689	oneByte[0] = (byte)i;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	690	write(oneByte, 0, 1);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	691	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	692
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	693	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	694	public synchronized void write(byte[] b,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	695	int off, int len) throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	696	if (b == null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	697	throw new NullPointerException("the source buffer is null");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	698	} else if (off < 0 \|\| len < 0 \|\| len > b.length - off) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	699	throw new IndexOutOfBoundsException(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	700	"buffer length: " + b.length + ", offset; " + off +
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	701	", bytes to read:" + len);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	702	} else if (len == 0) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	703	return;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	704	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	705
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	706	// start handshaking if the connection has not been negotiated.
56594 99e0f3f3f0e4 close issues introduced in TLS 1.3 implementation xuelei parents: 56571 diff changeset	707	if (!conContext.isNegotiated &&
99e0f3f3f0e4 close issues introduced in TLS 1.3 implementation xuelei parents: 56571 diff changeset	708	!conContext.isClosed() && !conContext.isBroken) {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	709	ensureNegotiated();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	710	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	711
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	712	// check if the Socket is invalid (error or closed)
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	713	checkWrite();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	714
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	715	// Delegate the writing to the underlying socket.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	716	try {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	717	writeRecord(b, off, len);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	718	checkWrite();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	719	} catch (IOException ioe) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	720	// shutdown and rethrow (wrapped) exception as appropriate
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	721	handleException(ioe);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	722	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	723	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	724
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	725	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	726	public void close() throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	727	if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	728	SSLLogger.finest("Closing output stream");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	729	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	730
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	731	conContext.closeOutbound();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	732	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	733	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	734
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	735	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	736	public synchronized SSLParameters getSSLParameters() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	737	return conContext.sslConfig.getSSLParameters();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	738	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	739
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	740	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	741	public synchronized void setSSLParameters(SSLParameters params) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	742	conContext.sslConfig.setSSLParameters(params);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	743
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	744	if (conContext.sslConfig.maximumPacketSize != 0) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	745	conContext.outputRecord.changePacketSize(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	746	conContext.sslConfig.maximumPacketSize);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	747	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	748	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	749
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	750	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	751	public synchronized String getApplicationProtocol() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	752	return conContext.applicationProtocol;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	753	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	754
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	755	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	756	public synchronized String getHandshakeApplicationProtocol() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	757	if (conContext.handshakeContext != null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	758	return conContext.handshakeContext.applicationProtocol;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	759	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	760
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	761	return null;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	762	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	763
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	764	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	765	public synchronized void setHandshakeApplicationProtocolSelector(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	766	BiFunction<SSLSocket, List<String>, String> selector) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	767	conContext.sslConfig.socketAPSelector = selector;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	768	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	769
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	770	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	771	public synchronized BiFunction<SSLSocket, List<String>, String>
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	772	getHandshakeApplicationProtocolSelector() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	773	return conContext.sslConfig.socketAPSelector;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	774	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	775
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	776	private synchronized void writeRecord(byte[] source,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	777	int offset, int length) throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	778	if (conContext.isOutboundDone()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	779	throw new SocketException("Socket or outbound closed");
2 90ce3da70b43 Initial load duke parents: diff changeset	780	}
90ce3da70b43 Initial load duke parents: diff changeset	781
90ce3da70b43 Initial load duke parents: diff changeset	782	//
90ce3da70b43 Initial load duke parents: diff changeset	783	// Don't bother to really write empty records. We went this
90ce3da70b43 Initial load duke parents: diff changeset	784	// far to drive the handshake machinery, for correctness; not
90ce3da70b43 Initial load duke parents: diff changeset	785	// writing empty records improves performance by cutting CPU
90ce3da70b43 Initial load duke parents: diff changeset	786	// time and network resource usage. However, some protocol
90ce3da70b43 Initial load duke parents: diff changeset	787	// implementations are fragile and don't like to see empty
90ce3da70b43 Initial load duke parents: diff changeset	788	// records, so this also increases robustness.
90ce3da70b43 Initial load duke parents: diff changeset	789	//
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 29923 diff changeset	790	if (length > 0) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 29923 diff changeset	791	try {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	792	conContext.outputRecord.deliver(source, offset, length);
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 29923 diff changeset	793	} catch (SSLHandshakeException she) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 29923 diff changeset	794	// may be record sequence number overflow
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	795	conContext.fatal(Alert.HANDSHAKE_FAILURE, she);
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 29923 diff changeset	796	} catch (IOException e) {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	797	conContext.fatal(Alert.UNEXPECTED_MESSAGE, e);
34528 279258fb670b 8141651: Deadlock in sun.security.ssl.SSLSocketImpl xuelei parents: 34380 diff changeset	798	}
2 90ce3da70b43 Initial load duke parents: diff changeset	799	}
7039 6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: 6856 diff changeset	800
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	801	// Is the sequence number is nearly overflow?
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	802	if (conContext.outputRecord.seqNumIsHuge()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	803	tryKeyUpdate();
10915 1e20964cebf3 7064341: jsse/runtime security problem xuelei parents: 9514 diff changeset	804	}
1e20964cebf3 7064341: jsse/runtime security problem xuelei parents: 9514 diff changeset	805	}
2 90ce3da70b43 Initial load duke parents: diff changeset	806
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	807	private synchronized int readRecord() throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	808	while (!conContext.isInboundDone()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	809	try {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	810	Plaintext plainText = decode(null);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	811	if ((plainText.contentType == ContentType.HANDSHAKE.id) &&
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	812	conContext.isNegotiated) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	813	return 0;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	814	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	815	} catch (SSLException ssle) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	816	throw ssle;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	817	} catch (IOException ioe) {
56712 bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	818	if (!(ioe instanceof SSLException)) {
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	819	throw new SSLException("readRecord", ioe);
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	820	} else {
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	821	throw ioe;
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	822	}
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	823	}
2 90ce3da70b43 Initial load duke parents: diff changeset	824	}
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 29923 diff changeset	825
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	826	return -1;
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 29923 diff changeset	827	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 29923 diff changeset	828
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	829	private synchronized int readRecord(ByteBuffer buffer) throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	830	while (!conContext.isInboundDone()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	831	/*
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	832	* clean the buffer and check if it is too small, e.g. because
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	833	* the AppInputStream did not have the chance to see the
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	834	* current packet length but rather something like that of the
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	835	* handshake before. In that case we return 0 at this point to
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	836	* give the caller the chance to adjust the buffer.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	837	*/
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	838	buffer.clear();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	839	int inLen = conContext.inputRecord.bytesInCompletePacket();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	840	if (inLen < 0) { // EOF
56712 bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	841	handleEOF(null);
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	842
56739 ae0cd8b2e2c2 Clean up CipherSuite xuelei parents: 56718 diff changeset	843	// if no exception thrown
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	844	return -1;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	845	}
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 29923 diff changeset	846
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	847	if (buffer.remaining() < inLen) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	848	return 0;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	849	}
7039 6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: 6856 diff changeset	850
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	851	try {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	852	Plaintext plainText = decode(buffer);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	853	if (plainText.contentType == ContentType.APPLICATION_DATA.id) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	854	return buffer.position();
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 29923 diff changeset	855	}
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	856	} catch (SSLException ssle) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	857	throw ssle;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	858	} catch (IOException ioe) {
56712 bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	859	if (!(ioe instanceof SSLException)) {
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	860	throw new SSLException("readRecord", ioe);
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	861	} else {
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	862	throw ioe;
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	863	}
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	864	}
7039 6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: 6856 diff changeset	865	}
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: 6856 diff changeset	866
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	867	//
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	868	// couldn't read, due to some kind of error
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	869	//
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	870	return -1;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	871	}
7039 6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: 6856 diff changeset	872
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	873	private Plaintext decode(ByteBuffer destination) throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	874	Plaintext plainText;
56712 bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	875	try {
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	876	if (destination == null) {
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	877	plainText = SSLTransport.decode(conContext,
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	878	null, 0, 0, null, 0, 0);
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	879	} else {
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	880	plainText = SSLTransport.decode(conContext,
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	881	null, 0, 0, new ByteBuffer[]{destination}, 0, 1);
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	882	}
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	883	} catch (EOFException eofe) {
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	884	// EOFException is special as it is related to close_notify.
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	885	plainText = handleEOF(eofe);
7039 6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: 6856 diff changeset	886	}
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 29923 diff changeset	887
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	888	// Is the sequence number is nearly overflow?
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	889	if (plainText != Plaintext.PLAINTEXT_NULL &&
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	890	conContext.inputRecord.seqNumIsHuge()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	891	tryKeyUpdate();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	892	}
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 29923 diff changeset	893
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	894	return plainText;
2 90ce3da70b43 Initial load duke parents: diff changeset	895	}
90ce3da70b43 Initial load duke parents: diff changeset	896
90ce3da70b43 Initial load duke parents: diff changeset	897	/**
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	898	* Try renegotiation or key update for sequence number wrap.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	899	*
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	900	* Note that in order to maintain the handshake status properly, we check
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	901	* the sequence number after the last record reading/writing process. As
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	902	* we request renegotiation or close the connection for wrapped sequence
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	903	* number when there is enough sequence number space left to handle a few
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	904	* more records, so the sequence number of the last record cannot be
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	905	* wrapped.
2 90ce3da70b43 Initial load duke parents: diff changeset	906	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	907	private void tryKeyUpdate() throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	908	// Don't bother to kickstart the renegotiation or key update when the
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	909	// local is asking for it.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	910	if ((conContext.handshakeContext == null) &&
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	911	!conContext.isClosed() && !conContext.isBroken) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	912	if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	913	SSLLogger.finest("key update to wrap sequence number");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	914	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	915	conContext.keyUpdate();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	916	}
2 90ce3da70b43 Initial load duke parents: diff changeset	917	}
90ce3da70b43 Initial load duke parents: diff changeset	918
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	919	private void closeSocket(boolean selfInitiated) throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	920	if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	921	SSLLogger.fine("close the ssl connection " +
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	922	(selfInitiated ? "(initiative)" : "(passive)"));
2 90ce3da70b43 Initial load duke parents: diff changeset	923	}
90ce3da70b43 Initial load duke parents: diff changeset	924
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	925	if (autoClose \|\| !isLayered()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	926	super.close();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	927	} else if (selfInitiated) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	928	// wait for close_notify alert to clear input stream.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	929	waitForClose();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	930	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	931	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	932
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	933	/**
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	934	* Wait for close_notify alert for a graceful closure.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	935	*
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	936	* [RFC 5246] If the application protocol using TLS provides that any
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	937	* data may be carried over the underlying transport after the TLS
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	938	* connection is closed, the TLS implementation must receive the responding
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	939	* close_notify alert before indicating to the application layer that
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	940	* the TLS connection has ended. If the application protocol will not
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	941	* transfer any additional data, but will only close the underlying
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	942	* transport connection, then the implementation MAY choose to close the
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	943	* transport without waiting for the responding close_notify.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	944	*/
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	945	private void waitForClose() throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	946	if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	947	SSLLogger.fine("wait for close_notify or alert");
2 90ce3da70b43 Initial load duke parents: diff changeset	948	}
34380 2b2609379881 8144093: JEP 244/8051498 - TLS Application-Layer Protocol Negotiation Extension vinnie parents: 32834 diff changeset	949
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	950	while (!conContext.isInboundDone()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	951	try {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	952	Plaintext plainText = decode(null);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	953	// discard and continue
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	954	if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	955	SSLLogger.finest(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	956	"discard plaintext while waiting for close", plainText);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	957	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	958	} catch (Exception e) { // including RuntimeException
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	959	handleException(e);
2 90ce3da70b43 Initial load duke parents: diff changeset	960	}
90ce3da70b43 Initial load duke parents: diff changeset	961	}
90ce3da70b43 Initial load duke parents: diff changeset	962	}
90ce3da70b43 Initial load duke parents: diff changeset	963
90ce3da70b43 Initial load duke parents: diff changeset	964	/**
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	965	* Initialize the handshaker and socket streams.
2 90ce3da70b43 Initial load duke parents: diff changeset	966	*
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	967	* Called by connect, the layered constructor, and SSLServerSocket.
2 90ce3da70b43 Initial load duke parents: diff changeset	968	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	969	synchronized void doneConnect() throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	970	// In server mode, it is not necessary to set host and serverNames.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	971	// Otherwise, would require a reverse DNS lookup to get the hostname.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	972	if ((peerHost == null) \|\| (peerHost.length() == 0)) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	973	boolean useNameService =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	974	trustNameService && conContext.sslConfig.isClientMode;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	975	useImplicitHost(useNameService);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	976	} else {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	977	conContext.sslConfig.serverNames =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	978	Utilities.addToSNIServerNameList(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	979	conContext.sslConfig.serverNames, peerHost);
2 90ce3da70b43 Initial load duke parents: diff changeset	980	}
90ce3da70b43 Initial load duke parents: diff changeset	981
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	982	InputStream sockInput = super.getInputStream();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	983	conContext.inputRecord.setReceiverStream(sockInput);
2 90ce3da70b43 Initial load duke parents: diff changeset	984
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	985	OutputStream sockOutput = super.getOutputStream();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	986	conContext.inputRecord.setDeliverStream(sockOutput);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	987	conContext.outputRecord.setDeliverStream(sockOutput);
2 90ce3da70b43 Initial load duke parents: diff changeset	988
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	989	this.isConnected = true;
2 90ce3da70b43 Initial load duke parents: diff changeset	990	}
90ce3da70b43 Initial load duke parents: diff changeset	991
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	992	private void useImplicitHost(boolean useNameService) {
37601 6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	993	// Note: If the local name service is not trustworthy, reverse
6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	994	// host name resolution should not be performed for endpoint
6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	995	// identification. Use the application original specified
6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	996	// hostname or IP address instead.
6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	997
6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	998	// Get the original hostname via jdk.internal.misc.SharedSecrets
6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	999	InetAddress inetAddress = getInetAddress();
6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	1000	if (inetAddress == null) { // not connected
6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	1001	return;
31687 d6eb4f028c60 8067694: Improved certification checking xuelei parents: 30904 diff changeset	1002	}
d6eb4f028c60 8067694: Improved certification checking xuelei parents: 30904 diff changeset	1003
37601 6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	1004	JavaNetInetAddressAccess jna =
6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	1005	SharedSecrets.getJavaNetInetAddressAccess();
6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	1006	String originalHostname = jna.getOriginalHostName(inetAddress);
6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	1007	if ((originalHostname != null) &&
6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	1008	(originalHostname.length() != 0)) {
6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	1009
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1010	this.peerHost = originalHostname;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1011	if (conContext.sslConfig.serverNames.isEmpty() &&
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1012	!conContext.sslConfig.noSniExtension) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1013	conContext.sslConfig.serverNames =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1014	Utilities.addToSNIServerNameList(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1015	conContext.sslConfig.serverNames, peerHost);
37601 6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	1016	}
6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	1017
6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	1018	return;
6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	1019	}
6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	1020
6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	1021	// No explicitly specified hostname, no server name indication.
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1022	if (!useNameService) {
37601 6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	1023	// The local name service is not trustworthy, use IP address.
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1024	this.peerHost = inetAddress.getHostAddress();
37601 6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	1025	} else {
6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	1026	// Use the underlying reverse host name resolution service.
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1027	this.peerHost = getInetAddress().getHostName();
37601 6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	1028	}
31687 d6eb4f028c60 8067694: Improved certification checking xuelei parents: 30904 diff changeset	1029	}
d6eb4f028c60 8067694: Improved certification checking xuelei parents: 30904 diff changeset	1030
5162 0dbedf4fdb8c 6614957: HttpsURLConnection not using the set SSLSocketFactory for creating all its Sockets chegar parents: 2068 diff changeset	1031	// ONLY used by HttpsClient to setup the URI specified hostname
14194 971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	1032	//
971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	1033	// Please NOTE that this method MUST be called before calling to
971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	1034	// SSLSocket.setSSLParameters(). Otherwise, the {@code host} parameter
971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	1035	// may override SNIHostName in the customized server name indication.
32649 2ee9017c7597 8136583: Core libraries should use blessed modifier order martin parents: 31918 diff changeset	1036	public synchronized void setHost(String host) {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1037	this.peerHost = host;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1038	this.conContext.sslConfig.serverNames =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1039	Utilities.addToSNIServerNameList(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1040	conContext.sslConfig.serverNames, host);
2 90ce3da70b43 Initial load duke parents: diff changeset	1041	}
90ce3da70b43 Initial load duke parents: diff changeset	1042
90ce3da70b43 Initial load duke parents: diff changeset	1043	/**
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1044	* Return whether we have reached end-of-file.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1045	*
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1046	* If the socket is not connected, has been shutdown because of an error
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1047	* or has been closed, throw an Exception.
2 90ce3da70b43 Initial load duke parents: diff changeset	1048	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1049	synchronized boolean checkEOF() throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1050	if (conContext.isClosed()) {
56571 9dfdc35eb270 TLS 1.3, update on SSLSocketImpl.checkEOF() xuelei parents: 56542 diff changeset	1051	return true;
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1052	} else if (conContext.isInputCloseNotified \|\| conContext.isBroken) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1053	if (conContext.closeReason == null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1054	return true;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1055	} else {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1056	throw new SSLException(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1057	"Connection has been shutdown: " + conContext.closeReason,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1058	conContext.closeReason);
2 90ce3da70b43 Initial load duke parents: diff changeset	1059	}
90ce3da70b43 Initial load duke parents: diff changeset	1060	}
90ce3da70b43 Initial load duke parents: diff changeset	1061
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1062	return false;
7043 5e2d1edeb2c7 6916074: Add support for TLS 1.2 xuelei parents: 7039 diff changeset	1063	}
5e2d1edeb2c7 6916074: Add support for TLS 1.2 xuelei parents: 7039 diff changeset	1064
2 90ce3da70b43 Initial load duke parents: diff changeset	1065	/**
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1066	* Check if we can write data to this socket.
2 90ce3da70b43 Initial load duke parents: diff changeset	1067	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1068	synchronized void checkWrite() throws IOException {
56750 2b4ae319412b Enable RSASSA-PSS for TLS 1.2, and socket close checking xuelei parents: 56739 diff changeset	1069	if (checkEOF() \|\| conContext.isOutboundClosed()) {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1070	// we are at EOF, write must throw Exception
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1071	throw new SocketException("Connection closed");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1072	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1073	if (!isConnected) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1074	throw new SocketException("Socket is not connected");
2 90ce3da70b43 Initial load duke parents: diff changeset	1075	}
90ce3da70b43 Initial load duke parents: diff changeset	1076	}
90ce3da70b43 Initial load duke parents: diff changeset	1077
90ce3da70b43 Initial load duke parents: diff changeset	1078	/**
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1079	* Handle an exception.
2 90ce3da70b43 Initial load duke parents: diff changeset	1080	*
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1081	* This method is called by top level exception handlers (in read(),
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1082	* write()) to make sure we always shutdown the connection correctly
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1083	* and do not pass runtime exception to the application.
2 90ce3da70b43 Initial load duke parents: diff changeset	1084	*
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1085	* This method never returns normally, it always throws an IOException.
2 90ce3da70b43 Initial load duke parents: diff changeset	1086	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1087	private void handleException(Exception cause) throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1088	if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1089	SSLLogger.warning("handling exception", cause);
2 90ce3da70b43 Initial load duke parents: diff changeset	1090	}
90ce3da70b43 Initial load duke parents: diff changeset	1091
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1092	// Don't close the Socket in case of timeouts or interrupts.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1093	if (cause instanceof InterruptedIOException) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1094	throw (IOException)cause;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1095	}
2 90ce3da70b43 Initial load duke parents: diff changeset	1096
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1097	// need to perform error shutdown
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1098	boolean isSSLException = (cause instanceof SSLException);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1099	Alert alert;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1100	if (isSSLException) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1101	if (cause instanceof SSLHandshakeException) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1102	alert = Alert.HANDSHAKE_FAILURE;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1103	} else {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1104	alert = Alert.UNEXPECTED_MESSAGE;
2 90ce3da70b43 Initial load duke parents: diff changeset	1105	}
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1106	} else {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1107	if (cause instanceof IOException) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1108	alert = Alert.UNEXPECTED_MESSAGE;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1109	} else {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1110	// RuntimeException
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1111	alert = Alert.INTERNAL_ERROR;
2 90ce3da70b43 Initial load duke parents: diff changeset	1112	}
90ce3da70b43 Initial load duke parents: diff changeset	1113	}
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1114	conContext.fatal(alert, cause);
2 90ce3da70b43 Initial load duke parents: diff changeset	1115	}
90ce3da70b43 Initial load duke parents: diff changeset	1116
56712 bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1117	private Plaintext handleEOF(EOFException eofe) throws IOException {
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1118	if (requireCloseNotify \|\| conContext.handshakeContext != null) {
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1119	SSLException ssle;
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1120	if (conContext.handshakeContext != null) {
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1121	ssle = new SSLHandshakeException(
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1122	"Remote host terminated the handshake");
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1123	} else {
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1124	ssle = new SSLProtocolException(
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1125	"Remote host terminated the connection");
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1126	}
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1127
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1128	if (eofe != null) {
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1129	ssle.initCause(eofe);
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1130	}
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1131	throw ssle;
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1132	} else {
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1133	// treat as if we had received a close_notify
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1134	conContext.isInputCloseNotified = true;
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1135	conContext.transport.shutdown();
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1136
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1137	return Plaintext.PLAINTEXT_NULL;
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1138	}
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1139	}
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1140
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1141
14664 e71aa0962e70 8003950: Adds missing Override annotations and removes unnecessary imports in sun.security.ssl xuelei parents: 14194 diff changeset	1142	@Override
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1143	public String getPeerHost() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1144	return peerHost;
2 90ce3da70b43 Initial load duke parents: diff changeset	1145	}
90ce3da70b43 Initial load duke parents: diff changeset	1146
14664 e71aa0962e70 8003950: Adds missing Override annotations and removes unnecessary imports in sun.security.ssl xuelei parents: 14194 diff changeset	1147	@Override
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1148	public int getPeerPort() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1149	return getPort();
2 90ce3da70b43 Initial load duke parents: diff changeset	1150	}
90ce3da70b43 Initial load duke parents: diff changeset	1151
14664 e71aa0962e70 8003950: Adds missing Override annotations and removes unnecessary imports in sun.security.ssl xuelei parents: 14194 diff changeset	1152	@Override
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1153	public boolean useDelegatedTask() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1154	return false;
2 90ce3da70b43 Initial load duke parents: diff changeset	1155	}
90ce3da70b43 Initial load duke parents: diff changeset	1156
14664 e71aa0962e70 8003950: Adds missing Override annotations and removes unnecessary imports in sun.security.ssl xuelei parents: 14194 diff changeset	1157	@Override
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1158	public void shutdown() throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1159	if (!isClosed()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1160	if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1161	SSLLogger.fine("close the underlying socket");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1162	}
2 90ce3da70b43 Initial load duke parents: diff changeset	1163
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1164	try {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1165	if (conContext.isInputCloseNotified) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1166	// Close the connection, no wait for more peer response.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1167	closeSocket(false);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1168	} else {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1169	// Close the connection, may wait for peer close_notify.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1170	closeSocket(true);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1171	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1172	} finally {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1173	tlsIsClosed = true;
14194 971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	1174	}
7043 5e2d1edeb2c7 6916074: Add support for TLS 1.2 xuelei parents: 7039 diff changeset	1175	}
2 90ce3da70b43 Initial load duke parents: diff changeset	1176	}
90ce3da70b43 Initial load duke parents: diff changeset	1177	}

author	xuelei
	Tue, 12 Jun 2018 22:15:10 -0700
branch	JDK-8145252-TLS13-branch
changeset 56750	2b4ae319412b
parent 56739	ae0cd8b2e2c2
permissions	-rw-r--r--