jdk-sandbox: src/java.base/share/classes/sun/security/ssl/SSLSocketImpl.java@bad9f4c7eeec (annotated)

2 90ce3da70b43 Initial load duke parents: diff changeset	1	/*
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	2	* Copyright (c) 1996, 2018, Oracle and/or its affiliates. All rights reserved.
2 90ce3da70b43 Initial load duke parents: diff changeset	3	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
90ce3da70b43 Initial load duke parents: diff changeset	4	*
90ce3da70b43 Initial load duke parents: diff changeset	5	* This code is free software; you can redistribute it and/or modify it
90ce3da70b43 Initial load duke parents: diff changeset	6	* under the terms of the GNU General Public License version 2 only, as
5506 202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 5195 diff changeset	7	* published by the Free Software Foundation. Oracle designates this
2 90ce3da70b43 Initial load duke parents: diff changeset	8	* particular file as subject to the "Classpath" exception as provided
5506 202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 5195 diff changeset	9	* by Oracle in the LICENSE file that accompanied this code.
2 90ce3da70b43 Initial load duke parents: diff changeset	10	*
90ce3da70b43 Initial load duke parents: diff changeset	11	* This code is distributed in the hope that it will be useful, but WITHOUT
90ce3da70b43 Initial load duke parents: diff changeset	12	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
90ce3da70b43 Initial load duke parents: diff changeset	13	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
90ce3da70b43 Initial load duke parents: diff changeset	14	* version 2 for more details (a copy is included in the LICENSE file that
90ce3da70b43 Initial load duke parents: diff changeset	15	* accompanied this code).
90ce3da70b43 Initial load duke parents: diff changeset	16	*
90ce3da70b43 Initial load duke parents: diff changeset	17	* You should have received a copy of the GNU General Public License version
90ce3da70b43 Initial load duke parents: diff changeset	18	* 2 along with this work; if not, write to the Free Software Foundation,
90ce3da70b43 Initial load duke parents: diff changeset	19	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
90ce3da70b43 Initial load duke parents: diff changeset	20	*
5506 202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 5195 diff changeset	21	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 5195 diff changeset	22	* or visit www.oracle.com if you need additional information or have any
202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 5195 diff changeset	23	* questions.
2 90ce3da70b43 Initial load duke parents: diff changeset	24	*/
90ce3da70b43 Initial load duke parents: diff changeset	25
90ce3da70b43 Initial load duke parents: diff changeset	26	package sun.security.ssl;
90ce3da70b43 Initial load duke parents: diff changeset	27
56712 bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	28	import java.io.EOFException;
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	29	import java.io.IOException;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	30	import java.io.InputStream;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	31	import java.io.InterruptedIOException;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	32	import java.io.OutputStream;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	33	import java.net.InetAddress;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	34	import java.net.InetSocketAddress;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	35	import java.net.Socket;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	36	import java.net.SocketAddress;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	37	import java.net.SocketException;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	38	import java.net.UnknownHostException;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	39	import java.nio.ByteBuffer;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	40	import java.util.List;
42706 796cf076d69b 8170282: Enable ALPN parameters to be supplied during the TLS handshake vinnie parents: 38865 diff changeset	41	import java.util.function.BiFunction;
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	42	import javax.net.ssl.HandshakeCompletedListener;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	43	import javax.net.ssl.SSLException;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	44	import javax.net.ssl.SSLHandshakeException;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	45	import javax.net.ssl.SSLParameters;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	46	import javax.net.ssl.SSLProtocolException;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	47	import javax.net.ssl.SSLServerSocket;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	48	import javax.net.ssl.SSLSession;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	49	import javax.net.ssl.SSLSocket;
32834 e1dca5fe4de3 8137056: Move SharedSecrets and interface friends out of sun.misc chegar parents: 32649 diff changeset	50	import jdk.internal.misc.JavaNetInetAddressAccess;
e1dca5fe4de3 8137056: Move SharedSecrets and interface friends out of sun.misc chegar parents: 32649 diff changeset	51	import jdk.internal.misc.SharedSecrets;
31687 d6eb4f028c60 8067694: Improved certification checking xuelei parents: 30904 diff changeset	52
2 90ce3da70b43 Initial load duke parents: diff changeset	53	/**
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	54	* Implementation of an SSL socket.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	55	* <P>
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	56	* This is a normal connection type socket, implementing SSL over some lower
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	57	* level socket, such as TCP. Because it is layered over some lower level
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	58	* socket, it MUST override all default socket methods.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	59	* <P>
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	60	* This API offers a non-traditional option for establishing SSL
2 90ce3da70b43 Initial load duke parents: diff changeset	61	* connections. You may first establish the connection directly, then pass
90ce3da70b43 Initial load duke parents: diff changeset	62	* that connection to the SSL socket constructor with a flag saying which
90ce3da70b43 Initial load duke parents: diff changeset	63	* role should be taken in the handshake protocol. (The two ends of the
90ce3da70b43 Initial load duke parents: diff changeset	64	* connection must not choose the same role!) This allows setup of SSL
90ce3da70b43 Initial load duke parents: diff changeset	65	* proxying or tunneling, and also allows the kind of "role reversal"
90ce3da70b43 Initial load duke parents: diff changeset	66	* that is required for most FTP data transfers.
90ce3da70b43 Initial load duke parents: diff changeset	67	*
90ce3da70b43 Initial load duke parents: diff changeset	68	* @see javax.net.ssl.SSLSocket
90ce3da70b43 Initial load duke parents: diff changeset	69	* @see SSLServerSocket
90ce3da70b43 Initial load duke parents: diff changeset	70	*
90ce3da70b43 Initial load duke parents: diff changeset	71	* @author David Brownell
90ce3da70b43 Initial load duke parents: diff changeset	72	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	73	public final class SSLSocketImpl
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	74	extends BaseSSLSocketImpl implements SSLTransport {
2 90ce3da70b43 Initial load duke parents: diff changeset	75
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	76	final SSLContextImpl sslContext;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	77	final TransportContext conContext;
34380 2b2609379881 8144093: JEP 244/8051498 - TLS Application-Layer Protocol Negotiation Extension vinnie parents: 32834 diff changeset	78
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	79	private final AppInputStream appInput = new AppInputStream();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	80	private final AppOutputStream appOutput = new AppOutputStream();
2 90ce3da70b43 Initial load duke parents: diff changeset	81
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	82	private String peerHost;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	83	private boolean autoClose;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	84	private boolean isConnected = false;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	85	private boolean tlsIsClosed = false;
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 29923 diff changeset	86
31687 d6eb4f028c60 8067694: Improved certification checking xuelei parents: 30904 diff changeset	87	/*
d6eb4f028c60 8067694: Improved certification checking xuelei parents: 30904 diff changeset	88	* Is the local name service trustworthy?
d6eb4f028c60 8067694: Improved certification checking xuelei parents: 30904 diff changeset	89	*
d6eb4f028c60 8067694: Improved certification checking xuelei parents: 30904 diff changeset	90	* If the local name service is not trustworthy, reverse host name
d6eb4f028c60 8067694: Improved certification checking xuelei parents: 30904 diff changeset	91	* resolution should not be performed for endpoint identification.
d6eb4f028c60 8067694: Improved certification checking xuelei parents: 30904 diff changeset	92	*/
d6eb4f028c60 8067694: Improved certification checking xuelei parents: 30904 diff changeset	93	static final boolean trustNameService =
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	94	Utilities.getBooleanProperty("jdk.tls.trustNameService", false);
31687 d6eb4f028c60 8067694: Improved certification checking xuelei parents: 30904 diff changeset	95
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	96	/**
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	97	* Package-private constructor used to instantiate an unconnected
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	98	* socket.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	99	*
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	100	* This instance is meant to set handshake state to use "client mode".
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	101	*/
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	102	SSLSocketImpl(SSLContextImpl sslContext) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	103	super();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	104	this.sslContext = sslContext;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	105	HandshakeHash handshakeHash = new HandshakeHash();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	106	this.conContext = new TransportContext(sslContext, this,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	107	new SSLSocketInputRecord(handshakeHash),
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	108	new SSLSocketOutputRecord(handshakeHash), true);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	109	}
2 90ce3da70b43 Initial load duke parents: diff changeset	110
90ce3da70b43 Initial load duke parents: diff changeset	111	/**
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	112	* Package-private constructor used to instantiate a server socket.
2 90ce3da70b43 Initial load duke parents: diff changeset	113	*
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	114	* This instance is meant to set handshake state to use "server mode".
2 90ce3da70b43 Initial load duke parents: diff changeset	115	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	116	SSLSocketImpl(SSLContextImpl sslContext, SSLConfiguration sslConfig) {
2 90ce3da70b43 Initial load duke parents: diff changeset	117	super();
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	118	this.sslContext = sslContext;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	119	HandshakeHash handshakeHash = new HandshakeHash();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	120	this.conContext = new TransportContext(sslContext, this, sslConfig,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	121	new SSLSocketInputRecord(handshakeHash),
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	122	new SSLSocketOutputRecord(handshakeHash));
2 90ce3da70b43 Initial load duke parents: diff changeset	123	}
90ce3da70b43 Initial load duke parents: diff changeset	124
90ce3da70b43 Initial load duke parents: diff changeset	125	/**
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	126	* Constructs an SSL connection to a named host at a specified
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	127	* port, using the authentication context provided.
2 90ce3da70b43 Initial load duke parents: diff changeset	128	*
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	129	* This endpoint acts as the client, and may rejoin an existing SSL session
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	130	* if appropriate.
2 90ce3da70b43 Initial load duke parents: diff changeset	131	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	132	SSLSocketImpl(SSLContextImpl sslContext, String peerHost,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	133	int peerPort) throws IOException, UnknownHostException {
2 90ce3da70b43 Initial load duke parents: diff changeset	134	super();
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	135	this.sslContext = sslContext;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	136	HandshakeHash handshakeHash = new HandshakeHash();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	137	this.conContext = new TransportContext(sslContext, this,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	138	new SSLSocketInputRecord(handshakeHash),
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	139	new SSLSocketOutputRecord(handshakeHash), true);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	140	this.peerHost = peerHost;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	141	SocketAddress socketAddress =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	142	peerHost != null ? new InetSocketAddress(peerHost, peerPort) :
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	143	new InetSocketAddress(InetAddress.getByName(null), peerPort);
2 90ce3da70b43 Initial load duke parents: diff changeset	144	connect(socketAddress, 0);
90ce3da70b43 Initial load duke parents: diff changeset	145	}
90ce3da70b43 Initial load duke parents: diff changeset	146
90ce3da70b43 Initial load duke parents: diff changeset	147	/**
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	148	* Constructs an SSL connection to a server at a specified
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	149	* address, and TCP port, using the authentication context
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	150	* provided.
2 90ce3da70b43 Initial load duke parents: diff changeset	151	*
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	152	* This endpoint acts as the client, and may rejoin an existing SSL
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	153	* session if appropriate.
2 90ce3da70b43 Initial load duke parents: diff changeset	154	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	155	SSLSocketImpl(SSLContextImpl sslContext,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	156	InetAddress address, int peerPort) throws IOException {
2 90ce3da70b43 Initial load duke parents: diff changeset	157	super();
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	158	this.sslContext = sslContext;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	159	HandshakeHash handshakeHash = new HandshakeHash();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	160	this.conContext = new TransportContext(sslContext, this,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	161	new SSLSocketInputRecord(handshakeHash),
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	162	new SSLSocketOutputRecord(handshakeHash), true);
2 90ce3da70b43 Initial load duke parents: diff changeset	163
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	164	SocketAddress socketAddress = new InetSocketAddress(address, peerPort);
2 90ce3da70b43 Initial load duke parents: diff changeset	165	connect(socketAddress, 0);
90ce3da70b43 Initial load duke parents: diff changeset	166	}
90ce3da70b43 Initial load duke parents: diff changeset	167
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	168	/**
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	169	* Constructs an SSL connection to a named host at a specified
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	170	* port, using the authentication context provided.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	171	*
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	172	* This endpoint acts as the client, and may rejoin an existing SSL
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	173	* session if appropriate.
2 90ce3da70b43 Initial load duke parents: diff changeset	174	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	175	SSLSocketImpl(SSLContextImpl sslContext,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	176	String peerHost, int peerPort, InetAddress localAddr,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	177	int localPort) throws IOException, UnknownHostException {
2 90ce3da70b43 Initial load duke parents: diff changeset	178	super();
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	179	this.sslContext = sslContext;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	180	HandshakeHash handshakeHash = new HandshakeHash();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	181	this.conContext = new TransportContext(sslContext, this,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	182	new SSLSocketInputRecord(handshakeHash),
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	183	new SSLSocketOutputRecord(handshakeHash), true);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	184	this.peerHost = peerHost;
2 90ce3da70b43 Initial load duke parents: diff changeset	185
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	186	bind(new InetSocketAddress(localAddr, localPort));
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	187	SocketAddress socketAddress =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	188	peerHost != null ? new InetSocketAddress(peerHost, peerPort) :
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	189	new InetSocketAddress(InetAddress.getByName(null), peerPort);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	190	connect(socketAddress, 0);
2 90ce3da70b43 Initial load duke parents: diff changeset	191	}
90ce3da70b43 Initial load duke parents: diff changeset	192
90ce3da70b43 Initial load duke parents: diff changeset	193	/**
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	194	* Constructs an SSL connection to a server at a specified
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	195	* address, and TCP port, using the authentication context
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	196	* provided.
2 90ce3da70b43 Initial load duke parents: diff changeset	197	*
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	198	* This endpoint acts as the client, and may rejoin an existing SSL
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	199	* session if appropriate.
2 90ce3da70b43 Initial load duke parents: diff changeset	200	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	201	SSLSocketImpl(SSLContextImpl sslContext,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	202	InetAddress peerAddr, int peerPort,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	203	InetAddress localAddr, int localPort) throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	204	super();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	205	this.sslContext = sslContext;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	206	HandshakeHash handshakeHash = new HandshakeHash();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	207	this.conContext = new TransportContext(sslContext, this,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	208	new SSLSocketInputRecord(handshakeHash),
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	209	new SSLSocketOutputRecord(handshakeHash), true);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	210
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	211	bind(new InetSocketAddress(localAddr, localPort));
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	212	SocketAddress socketAddress = new InetSocketAddress(peerAddr, peerPort);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	213	connect(socketAddress, 0);
2 90ce3da70b43 Initial load duke parents: diff changeset	214	}
90ce3da70b43 Initial load duke parents: diff changeset	215
90ce3da70b43 Initial load duke parents: diff changeset	216	/**
14194 971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	217	* Creates a server mode {@link Socket} layered over an
971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	218	* existing connected socket, and is able to read data which has
971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	219	* already been consumed/removed from the {@link Socket}'s
971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	220	* underlying {@link InputStream}.
971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	221	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	222	SSLSocketImpl(SSLContextImpl sslContext, Socket sock,
14194 971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	223	InputStream consumed, boolean autoClose) throws IOException {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	224
14194 971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	225	super(sock, consumed);
971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	226	// We always layer over a connected socket
971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	227	if (!sock.isConnected()) {
971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	228	throw new SocketException("Underlying socket is not connected");
971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	229	}
971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	230
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	231	this.sslContext = sslContext;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	232	HandshakeHash handshakeHash = new HandshakeHash();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	233	this.conContext = new TransportContext(sslContext, this,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	234	new SSLSocketInputRecord(handshakeHash),
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	235	new SSLSocketOutputRecord(handshakeHash), false);
14194 971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	236	this.autoClose = autoClose;
971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	237	doneConnect();
971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	238	}
971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	239
971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	240	/**
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	241	* Layer SSL traffic over an existing connection, rather than
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	242	* creating a new connection.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	243	*
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	244	* The existing connection may be used only for SSL traffic (using this
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	245	* SSLSocket) until the SSLSocket.close() call returns. However, if a
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	246	* protocol error is detected, that existing connection is automatically
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	247	* closed.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	248	* <p>
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	249	* This particular constructor always uses the socket in the
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	250	* role of an SSL client. It may be useful in cases which start
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	251	* using SSL after some initial data transfers, for example in some
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	252	* SSL tunneling applications or as part of some kinds of application
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	253	* protocols which negotiate use of a SSL based security.
2 90ce3da70b43 Initial load duke parents: diff changeset	254	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	255	SSLSocketImpl(SSLContextImpl sslContext, Socket sock,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	256	String peerHost, int port, boolean autoClose) throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	257	super(sock);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	258	// We always layer over a connected socket
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	259	if (!sock.isConnected()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	260	throw new SocketException("Underlying socket is not connected");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	261	}
2 90ce3da70b43 Initial load duke parents: diff changeset	262
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	263	this.sslContext = sslContext;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	264	HandshakeHash handshakeHash = new HandshakeHash();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	265	this.conContext = new TransportContext(sslContext, this,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	266	new SSLSocketInputRecord(handshakeHash),
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	267	new SSLSocketOutputRecord(handshakeHash), true);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	268	this.peerHost = peerHost;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	269	this.autoClose = autoClose;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	270	doneConnect();
2 90ce3da70b43 Initial load duke parents: diff changeset	271	}
90ce3da70b43 Initial load duke parents: diff changeset	272
14664 e71aa0962e70 8003950: Adds missing Override annotations and removes unnecessary imports in sun.security.ssl xuelei parents: 14194 diff changeset	273	@Override
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	274	public void connect(SocketAddress endpoint,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	275	int timeout) throws IOException {
2 90ce3da70b43 Initial load duke parents: diff changeset	276
14194 971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	277	if (isLayered()) {
2 90ce3da70b43 Initial load duke parents: diff changeset	278	throw new SocketException("Already connected");
90ce3da70b43 Initial load duke parents: diff changeset	279	}
90ce3da70b43 Initial load duke parents: diff changeset	280
90ce3da70b43 Initial load duke parents: diff changeset	281	if (!(endpoint instanceof InetSocketAddress)) {
90ce3da70b43 Initial load duke parents: diff changeset	282	throw new SocketException(
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	283	"Cannot handle non-Inet socket addresses.");
2 90ce3da70b43 Initial load duke parents: diff changeset	284	}
90ce3da70b43 Initial load duke parents: diff changeset	285
90ce3da70b43 Initial load duke parents: diff changeset	286	super.connect(endpoint, timeout);
90ce3da70b43 Initial load duke parents: diff changeset	287	doneConnect();
90ce3da70b43 Initial load duke parents: diff changeset	288	}
90ce3da70b43 Initial load duke parents: diff changeset	289
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	290	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	291	public String[] getSupportedCipherSuites() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	292	return CipherSuite.namesOf(sslContext.getSupportedCipherSuites());
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	293	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	294
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	295	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	296	public synchronized String[] getEnabledCipherSuites() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	297	return CipherSuite.namesOf(conContext.sslConfig.enabledCipherSuites);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	298	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	299
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	300	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	301	public synchronized void setEnabledCipherSuites(String[] suites) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	302	if (suites == null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	303	throw new IllegalArgumentException("CipherSuites cannot be null");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	304	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	305
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	306	conContext.sslConfig.enabledCipherSuites =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	307	CipherSuite.validValuesOf(suites);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	308	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	309
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	310	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	311	public String[] getSupportedProtocols() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	312	return ProtocolVersion.toStringArray(
56611 f8f7e604e1f8 added jdk.tls.server.protocols ascarpino parents: 56594 diff changeset	313	sslContext.getSupportedProtocolVersions());
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	314	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	315
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	316	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	317	public synchronized String[] getEnabledProtocols() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	318	return ProtocolVersion.toStringArray(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	319	conContext.sslConfig.enabledProtocols);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	320	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	321
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	322	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	323	public synchronized void setEnabledProtocols(String[] protocols) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	324	if (protocols == null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	325	throw new IllegalArgumentException("Protocols cannot be null");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	326	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	327
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	328	conContext.sslConfig.enabledProtocols =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	329	ProtocolVersion.namesOf(protocols);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	330	}
2 90ce3da70b43 Initial load duke parents: diff changeset	331
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	332	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	333	public synchronized SSLSession getSession() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	334	try {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	335	// start handshaking, if failed, the connection will be closed.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	336	ensureNegotiated();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	337	} catch (IOException ioe) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	338	if (SSLLogger.isOn && SSLLogger.isOn("handshake")) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	339	SSLLogger.severe("handshake failed", ioe);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	340	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	341
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	342	return SSLSessionImpl.nullSession;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	343	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	344
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	345	return conContext.conSession;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	346	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	347
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	348	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	349	public synchronized SSLSession getHandshakeSession() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	350	if (conContext.handshakeContext != null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	351	return conContext.handshakeContext.handshakeSession;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	352	}
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 29923 diff changeset	353
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	354	return null;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	355	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	356
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	357	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	358	public synchronized void addHandshakeCompletedListener(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	359	HandshakeCompletedListener listener) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	360	if (listener == null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	361	throw new IllegalArgumentException("listener is null");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	362	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	363
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	364	conContext.sslConfig.addHandshakeCompletedListener(listener);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	365	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	366
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	367	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	368	public synchronized void removeHandshakeCompletedListener(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	369	HandshakeCompletedListener listener) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	370	if (listener == null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	371	throw new IllegalArgumentException("listener is null");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	372	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	373
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	374	conContext.sslConfig.removeHandshakeCompletedListener(listener);
2 90ce3da70b43 Initial load duke parents: diff changeset	375	}
90ce3da70b43 Initial load duke parents: diff changeset	376
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	377	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	378	public synchronized void startHandshake() throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	379	checkWrite();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	380	try {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	381	conContext.kickstart();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	382
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	383	// All initial handshaking goes through this operation until we
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	384	// have a valid SSL connection.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	385	//
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	386	// Handle handshake messages only, need no application data.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	387	if (!conContext.isNegotiated) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	388	readRecord();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	389	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	390	} catch (IOException ioe) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	391	conContext.fatal(Alert.HANDSHAKE_FAILURE,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	392	"Couldn't kickstart handshaking", ioe);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	393	} catch (Exception oe) { // including RuntimeException
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	394	handleException(oe);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	395	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	396	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	397
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	398	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	399	public synchronized void setUseClientMode(boolean mode) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	400	conContext.setUseClientMode(mode);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	401	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	402
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	403	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	404	public synchronized boolean getUseClientMode() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	405	return conContext.sslConfig.isClientMode;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	406	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	407
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	408	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	409	public synchronized void setNeedClientAuth(boolean need) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	410	conContext.sslConfig.clientAuthType =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	411	(need ? ClientAuthType.CLIENT_AUTH_REQUIRED :
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	412	ClientAuthType.CLIENT_AUTH_NONE);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	413	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	414
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	415	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	416	public synchronized boolean getNeedClientAuth() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	417	return (conContext.sslConfig.clientAuthType ==
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	418	ClientAuthType.CLIENT_AUTH_REQUIRED);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	419	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	420
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	421	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	422	public synchronized void setWantClientAuth(boolean want) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	423	conContext.sslConfig.clientAuthType =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	424	(want ? ClientAuthType.CLIENT_AUTH_REQUESTED :
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	425	ClientAuthType.CLIENT_AUTH_NONE);
2 90ce3da70b43 Initial load duke parents: diff changeset	426	}
90ce3da70b43 Initial load duke parents: diff changeset	427
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	428	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	429	public synchronized boolean getWantClientAuth() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	430	return (conContext.sslConfig.clientAuthType ==
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	431	ClientAuthType.CLIENT_AUTH_REQUESTED);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	432	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	433
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	434	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	435	public synchronized void setEnableSessionCreation(boolean flag) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	436	conContext.sslConfig.enableSessionCreation = flag;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	437	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	438
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	439	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	440	public synchronized boolean getEnableSessionCreation() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	441	return conContext.sslConfig.enableSessionCreation;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	442	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	443
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	444	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	445	public synchronized boolean isClosed() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	446	return tlsIsClosed && conContext.isClosed();
2 90ce3da70b43 Initial load duke parents: diff changeset	447	}
90ce3da70b43 Initial load duke parents: diff changeset	448
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	449	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	450	public synchronized void close() throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	451	try {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	452	conContext.close();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	453	} catch (IOException ioe) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	454	// ignore the exception
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	455	if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	456	SSLLogger.warning("connection context closure failed", ioe);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	457	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	458	} finally {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	459	tlsIsClosed = true;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	460	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	461	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	462
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	463	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	464	public synchronized InputStream getInputStream() throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	465	if (isClosed() \|\| conContext.isInboundDone()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	466	throw new SocketException("Socket or inbound is closed");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	467	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	468
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	469	if (!isConnected) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	470	throw new SocketException("Socket is not connected");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	471	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	472
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	473	return appInput;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	474	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	475
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	476	private synchronized void ensureNegotiated() throws IOException {
56594 99e0f3f3f0e4 close issues introduced in TLS 1.3 implementation xuelei parents: 56571 diff changeset	477	if (conContext.isNegotiated \|\|
99e0f3f3f0e4 close issues introduced in TLS 1.3 implementation xuelei parents: 56571 diff changeset	478	conContext.isClosed() \|\| conContext.isBroken) {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	479	return;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	480	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	481
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	482	startHandshake();
2 90ce3da70b43 Initial load duke parents: diff changeset	483	}
90ce3da70b43 Initial load duke parents: diff changeset	484
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	485	private class AppInputStream extends InputStream {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	486	// One element array used to implement the single byte read() method
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	487	private final byte[] oneByte = new byte[1];
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	488
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	489	// the temporary buffer used to read network
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	490	private ByteBuffer buffer;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	491
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	492	// Is application data available in the stream?
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	493	private boolean appDataIsAvailable;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	494
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	495	AppInputStream() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	496	this.appDataIsAvailable = false;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	497	this.buffer = ByteBuffer.allocate(4096);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	498	}
2 90ce3da70b43 Initial load duke parents: diff changeset	499
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	500	/**
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	501	* Return the minimum number of bytes that can be read
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	502	* without blocking.
2 90ce3da70b43 Initial load duke parents: diff changeset	503	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	504	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	505	public int available() throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	506	// Currently not synchronized.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	507	if ((!appDataIsAvailable) \|\| checkEOF()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	508	return 0;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	509	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	510
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	511	return buffer.remaining();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	512	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	513
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	514	/**
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	515	* Read a single byte, returning -1 on non-fault EOF status.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	516	*/
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	517	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	518	public synchronized int read() throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	519	int n = read(oneByte, 0, 1);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	520	if (n <= 0) { // EOF
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	521	return -1;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	522	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	523
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	524	return oneByte[0] & 0xFF;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	525	}
2 90ce3da70b43 Initial load duke parents: diff changeset	526
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	527	/**
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	528	* Reads up to {@code len} bytes of data from the input stream
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	529	* into an array of bytes.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	530	*
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	531	* An attempt is made to read as many as {@code len} bytes, but a
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	532	* smaller number may be read. The number of bytes actually read
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	533	* is returned as an integer.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	534	*
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	535	* If the layer above needs more data, it asks for more, so we
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	536	* are responsible only for blocking to fill at most one buffer,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	537	* and returning "-1" on non-fault EOF status.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	538	*/
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	539	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	540	public synchronized int read(byte[] b, int off, int len)
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	541	throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	542	if (b == null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	543	throw new NullPointerException("the target buffer is null");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	544	} else if (off < 0 \|\| len < 0 \|\| len > b.length - off) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	545	throw new IndexOutOfBoundsException(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	546	"buffer length: " + b.length + ", offset; " + off +
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	547	", bytes to read:" + len);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	548	} else if (len == 0) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	549	return 0;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	550	}
2 90ce3da70b43 Initial load duke parents: diff changeset	551
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	552	if (checkEOF()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	553	return -1;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	554	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	555
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	556	// start handshaking if the connection has not been negotiated.
56594 99e0f3f3f0e4 close issues introduced in TLS 1.3 implementation xuelei parents: 56571 diff changeset	557	if (!conContext.isNegotiated &&
99e0f3f3f0e4 close issues introduced in TLS 1.3 implementation xuelei parents: 56571 diff changeset	558	!conContext.isClosed() && !conContext.isBroken) {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	559	ensureNegotiated();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	560	}
2 90ce3da70b43 Initial load duke parents: diff changeset	561
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	562	// Read the available bytes at first.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	563	int remains = available();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	564	if (remains > 0) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	565	int howmany = Math.min(remains, len);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	566	buffer.get(b, off, howmany);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	567
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	568	return howmany;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	569	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	570
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	571	appDataIsAvailable = false;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	572	int volume = 0;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	573	try {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	574	while (volume == 0) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	575	// Clear the buffer for a new record reading.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	576	buffer.clear();
2 90ce3da70b43 Initial load duke parents: diff changeset	577
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	578	// grow the buffer if needed
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	579	int inLen = conContext.inputRecord.bytesInCompletePacket();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	580	if (inLen < 0) { // EOF
56712 bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	581	handleEOF(null);
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	582
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	583	// if no exceptio thrown
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	584	return -1;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	585	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	586
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	587	// Is this packet bigger than SSL/TLS normally allows?
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	588	if (inLen > SSLRecord.maxLargeRecordSize) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	589	throw new SSLProtocolException(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	590	"Illegal packet size: " + inLen);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	591	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	592
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	593	if (inLen > buffer.remaining()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	594	buffer = ByteBuffer.allocate(inLen);
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 29923 diff changeset	595	}
2 90ce3da70b43 Initial load duke parents: diff changeset	596
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	597	volume = readRecord(buffer);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	598	buffer.flip();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	599	if (volume < 0) { // EOF
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	600	// treat like receiving a close_notify warning message.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	601	conContext.isInputCloseNotified = true;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	602	conContext.closeInbound();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	603	return -1;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	604	} else if (volume > 0) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	605	appDataIsAvailable = true;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	606	break;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	607	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	608	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	609
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	610	// file the destination buffer
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	611	int howmany = Math.min(len, volume);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	612	buffer.get(b, off, howmany);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	613	return howmany;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	614	} catch (Exception e) { // including RuntimeException
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	615	// shutdown and rethrow (wrapped) exception as appropriate
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	616	handleException(e);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	617
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	618	// dummy for compiler
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	619	return -1;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	620	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	621	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	622
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	623	/**
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	624	* Skip n bytes.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	625	*
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	626	* This implementation is somewhat less efficient than possible, but
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	627	* not badly so (redundant copy). We reuse the read() code to keep
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	628	* things simpler. Note that SKIP_ARRAY is static and may garbled by
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	629	* concurrent use, but we are not interested in the data anyway.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	630	*/
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	631	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	632	public synchronized long skip(long n) throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	633	// dummy array used to implement skip()
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	634	byte[] skipArray = new byte[256];
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	635
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	636	long skipped = 0;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	637	while (n > 0) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	638	int len = (int)Math.min(n, skipArray.length);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	639	int r = read(skipArray, 0, len);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	640	if (r <= 0) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	641	break;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	642	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	643	n -= r;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	644	skipped += r;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	645	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	646
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	647	return skipped;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	648	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	649
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	650	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	651	public void close() throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	652	if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	653	SSLLogger.finest("Closing input stream");
2 90ce3da70b43 Initial load duke parents: diff changeset	654	}
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	655
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	656	conContext.closeInbound();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	657	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	658	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	659
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	660	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	661	public synchronized OutputStream getOutputStream() throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	662	if (isClosed() \|\| conContext.isOutboundDone()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	663	throw new SocketException("Socket or outbound is closed");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	664	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	665
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	666	if (!isConnected) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	667	throw new SocketException("Socket is not connected");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	668	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	669
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	670	return appOutput;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	671	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	672
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	673	private class AppOutputStream extends OutputStream {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	674	// One element array used to implement the write(byte) method
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	675	private final byte[] oneByte = new byte[1];
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	676
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	677	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	678	public void write(int i) throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	679	oneByte[0] = (byte)i;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	680	write(oneByte, 0, 1);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	681	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	682
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	683	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	684	public synchronized void write(byte[] b,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	685	int off, int len) throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	686	if (b == null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	687	throw new NullPointerException("the source buffer is null");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	688	} else if (off < 0 \|\| len < 0 \|\| len > b.length - off) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	689	throw new IndexOutOfBoundsException(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	690	"buffer length: " + b.length + ", offset; " + off +
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	691	", bytes to read:" + len);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	692	} else if (len == 0) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	693	return;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	694	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	695
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	696	// start handshaking if the connection has not been negotiated.
56594 99e0f3f3f0e4 close issues introduced in TLS 1.3 implementation xuelei parents: 56571 diff changeset	697	if (!conContext.isNegotiated &&
99e0f3f3f0e4 close issues introduced in TLS 1.3 implementation xuelei parents: 56571 diff changeset	698	!conContext.isClosed() && !conContext.isBroken) {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	699	ensureNegotiated();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	700	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	701
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	702	// check if the Socket is invalid (error or closed)
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	703	checkWrite();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	704
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	705	// Delegate the writing to the underlying socket.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	706	try {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	707	writeRecord(b, off, len);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	708	checkWrite();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	709	} catch (IOException ioe) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	710	// shutdown and rethrow (wrapped) exception as appropriate
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	711	handleException(ioe);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	712	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	713	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	714
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	715	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	716	public void close() throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	717	if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	718	SSLLogger.finest("Closing output stream");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	719	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	720
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	721	conContext.closeOutbound();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	722	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	723	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	724
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	725	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	726	public synchronized SSLParameters getSSLParameters() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	727	return conContext.sslConfig.getSSLParameters();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	728	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	729
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	730	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	731	public synchronized void setSSLParameters(SSLParameters params) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	732	conContext.sslConfig.setSSLParameters(params);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	733
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	734	if (conContext.sslConfig.maximumPacketSize != 0) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	735	conContext.outputRecord.changePacketSize(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	736	conContext.sslConfig.maximumPacketSize);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	737	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	738	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	739
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	740	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	741	public synchronized String getApplicationProtocol() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	742	return conContext.applicationProtocol;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	743	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	744
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	745	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	746	public synchronized String getHandshakeApplicationProtocol() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	747	if (conContext.handshakeContext != null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	748	return conContext.handshakeContext.applicationProtocol;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	749	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	750
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	751	return null;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	752	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	753
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	754	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	755	public synchronized void setHandshakeApplicationProtocolSelector(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	756	BiFunction<SSLSocket, List<String>, String> selector) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	757	conContext.sslConfig.socketAPSelector = selector;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	758	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	759
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	760	@Override
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	761	public synchronized BiFunction<SSLSocket, List<String>, String>
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	762	getHandshakeApplicationProtocolSelector() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	763	return conContext.sslConfig.socketAPSelector;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	764	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	765
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	766	private synchronized void writeRecord(byte[] source,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	767	int offset, int length) throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	768	if (conContext.isOutboundDone()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	769	throw new SocketException("Socket or outbound closed");
2 90ce3da70b43 Initial load duke parents: diff changeset	770	}
90ce3da70b43 Initial load duke parents: diff changeset	771
90ce3da70b43 Initial load duke parents: diff changeset	772	//
90ce3da70b43 Initial load duke parents: diff changeset	773	// Don't bother to really write empty records. We went this
90ce3da70b43 Initial load duke parents: diff changeset	774	// far to drive the handshake machinery, for correctness; not
90ce3da70b43 Initial load duke parents: diff changeset	775	// writing empty records improves performance by cutting CPU
90ce3da70b43 Initial load duke parents: diff changeset	776	// time and network resource usage. However, some protocol
90ce3da70b43 Initial load duke parents: diff changeset	777	// implementations are fragile and don't like to see empty
90ce3da70b43 Initial load duke parents: diff changeset	778	// records, so this also increases robustness.
90ce3da70b43 Initial load duke parents: diff changeset	779	//
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 29923 diff changeset	780	if (length > 0) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 29923 diff changeset	781	try {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	782	conContext.outputRecord.deliver(source, offset, length);
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 29923 diff changeset	783	} catch (SSLHandshakeException she) {
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 29923 diff changeset	784	// may be record sequence number overflow
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	785	conContext.fatal(Alert.HANDSHAKE_FAILURE, she);
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 29923 diff changeset	786	} catch (IOException e) {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	787	conContext.fatal(Alert.UNEXPECTED_MESSAGE, e);
34528 279258fb670b 8141651: Deadlock in sun.security.ssl.SSLSocketImpl xuelei parents: 34380 diff changeset	788	}
2 90ce3da70b43 Initial load duke parents: diff changeset	789	}
7039 6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: 6856 diff changeset	790
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	791	// Is the sequence number is nearly overflow?
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	792	if (conContext.outputRecord.seqNumIsHuge()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	793	tryKeyUpdate();
10915 1e20964cebf3 7064341: jsse/runtime security problem xuelei parents: 9514 diff changeset	794	}
1e20964cebf3 7064341: jsse/runtime security problem xuelei parents: 9514 diff changeset	795	}
2 90ce3da70b43 Initial load duke parents: diff changeset	796
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	797	private synchronized int readRecord() throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	798	while (!conContext.isInboundDone()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	799	try {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	800	Plaintext plainText = decode(null);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	801	if ((plainText.contentType == ContentType.HANDSHAKE.id) &&
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	802	conContext.isNegotiated) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	803	return 0;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	804	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	805	} catch (SSLException ssle) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	806	throw ssle;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	807	} catch (IOException ioe) {
56712 bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	808	if (!(ioe instanceof SSLException)) {
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	809	throw new SSLException("readRecord", ioe);
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	810	} else {
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	811	throw ioe;
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	812	}
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	813	}
2 90ce3da70b43 Initial load duke parents: diff changeset	814	}
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 29923 diff changeset	815
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	816	return -1;
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 29923 diff changeset	817	}
ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 29923 diff changeset	818
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	819	private synchronized int readRecord(ByteBuffer buffer) throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	820	while (!conContext.isInboundDone()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	821	/*
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	822	* clean the buffer and check if it is too small, e.g. because
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	823	* the AppInputStream did not have the chance to see the
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	824	* current packet length but rather something like that of the
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	825	* handshake before. In that case we return 0 at this point to
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	826	* give the caller the chance to adjust the buffer.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	827	*/
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	828	buffer.clear();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	829	int inLen = conContext.inputRecord.bytesInCompletePacket();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	830	if (inLen < 0) { // EOF
56712 bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	831	handleEOF(null);
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	832
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	833	// if no exceptio thrown
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	834	return -1;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	835	}
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 29923 diff changeset	836
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	837	if (buffer.remaining() < inLen) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	838	return 0;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	839	}
7039 6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: 6856 diff changeset	840
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	841	try {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	842	Plaintext plainText = decode(buffer);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	843	if (plainText.contentType == ContentType.APPLICATION_DATA.id) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	844	return buffer.position();
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 29923 diff changeset	845	}
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	846	} catch (SSLException ssle) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	847	throw ssle;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	848	} catch (IOException ioe) {
56712 bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	849	if (!(ioe instanceof SSLException)) {
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	850	throw new SSLException("readRecord", ioe);
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	851	} else {
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	852	throw ioe;
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	853	}
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	854	}
7039 6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: 6856 diff changeset	855	}
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: 6856 diff changeset	856
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	857	//
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	858	// couldn't read, due to some kind of error
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	859	//
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	860	return -1;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	861	}
7039 6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: 6856 diff changeset	862
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	863	private Plaintext decode(ByteBuffer destination) throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	864	Plaintext plainText;
56712 bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	865	try {
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	866	if (destination == null) {
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	867	plainText = SSLTransport.decode(conContext,
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	868	null, 0, 0, null, 0, 0);
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	869	} else {
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	870	plainText = SSLTransport.decode(conContext,
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	871	null, 0, 0, new ByteBuffer[]{destination}, 0, 1);
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	872	}
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	873	} catch (EOFException eofe) {
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	874	// EOFException is special as it is related to close_notify.
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	875	plainText = handleEOF(eofe);
7039 6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: 6856 diff changeset	876	}
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 29923 diff changeset	877
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	878	// Is the sequence number is nearly overflow?
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	879	if (plainText != Plaintext.PLAINTEXT_NULL &&
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	880	conContext.inputRecord.seqNumIsHuge()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	881	tryKeyUpdate();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	882	}
30904 ec0224270f90 8043758: Datagram Transport Layer Security (DTLS) xuelei parents: 29923 diff changeset	883
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	884	return plainText;
2 90ce3da70b43 Initial load duke parents: diff changeset	885	}
90ce3da70b43 Initial load duke parents: diff changeset	886
90ce3da70b43 Initial load duke parents: diff changeset	887	/**
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	888	* Try renegotiation or key update for sequence number wrap.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	889	*
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	890	* Note that in order to maintain the handshake status properly, we check
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	891	* the sequence number after the last record reading/writing process. As
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	892	* we request renegotiation or close the connection for wrapped sequence
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	893	* number when there is enough sequence number space left to handle a few
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	894	* more records, so the sequence number of the last record cannot be
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	895	* wrapped.
2 90ce3da70b43 Initial load duke parents: diff changeset	896	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	897	private void tryKeyUpdate() throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	898	// Don't bother to kickstart the renegotiation or key update when the
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	899	// local is asking for it.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	900	if ((conContext.handshakeContext == null) &&
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	901	!conContext.isClosed() && !conContext.isBroken) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	902	if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	903	SSLLogger.finest("key update to wrap sequence number");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	904	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	905	conContext.keyUpdate();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	906	}
2 90ce3da70b43 Initial load duke parents: diff changeset	907	}
90ce3da70b43 Initial load duke parents: diff changeset	908
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	909	private void closeSocket(boolean selfInitiated) throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	910	if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	911	SSLLogger.fine("close the ssl connection " +
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	912	(selfInitiated ? "(initiative)" : "(passive)"));
2 90ce3da70b43 Initial load duke parents: diff changeset	913	}
90ce3da70b43 Initial load duke parents: diff changeset	914
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	915	if (autoClose \|\| !isLayered()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	916	super.close();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	917	} else if (selfInitiated) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	918	// wait for close_notify alert to clear input stream.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	919	waitForClose();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	920	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	921	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	922
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	923	/**
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	924	* Wait for close_notify alert for a graceful closure.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	925	*
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	926	* [RFC 5246] If the application protocol using TLS provides that any
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	927	* data may be carried over the underlying transport after the TLS
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	928	* connection is closed, the TLS implementation must receive the responding
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	929	* close_notify alert before indicating to the application layer that
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	930	* the TLS connection has ended. If the application protocol will not
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	931	* transfer any additional data, but will only close the underlying
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	932	* transport connection, then the implementation MAY choose to close the
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	933	* transport without waiting for the responding close_notify.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	934	*/
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	935	private void waitForClose() throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	936	if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	937	SSLLogger.fine("wait for close_notify or alert");
2 90ce3da70b43 Initial load duke parents: diff changeset	938	}
34380 2b2609379881 8144093: JEP 244/8051498 - TLS Application-Layer Protocol Negotiation Extension vinnie parents: 32834 diff changeset	939
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	940	while (!conContext.isInboundDone()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	941	try {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	942	Plaintext plainText = decode(null);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	943	// discard and continue
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	944	if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	945	SSLLogger.finest(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	946	"discard plaintext while waiting for close", plainText);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	947	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	948	} catch (Exception e) { // including RuntimeException
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	949	handleException(e);
2 90ce3da70b43 Initial load duke parents: diff changeset	950	}
90ce3da70b43 Initial load duke parents: diff changeset	951	}
90ce3da70b43 Initial load duke parents: diff changeset	952	}
90ce3da70b43 Initial load duke parents: diff changeset	953
90ce3da70b43 Initial load duke parents: diff changeset	954	/**
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	955	* Initialize the handshaker and socket streams.
2 90ce3da70b43 Initial load duke parents: diff changeset	956	*
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	957	* Called by connect, the layered constructor, and SSLServerSocket.
2 90ce3da70b43 Initial load duke parents: diff changeset	958	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	959	synchronized void doneConnect() throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	960	// In server mode, it is not necessary to set host and serverNames.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	961	// Otherwise, would require a reverse DNS lookup to get the hostname.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	962	if ((peerHost == null) \|\| (peerHost.length() == 0)) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	963	boolean useNameService =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	964	trustNameService && conContext.sslConfig.isClientMode;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	965	useImplicitHost(useNameService);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	966	} else {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	967	conContext.sslConfig.serverNames =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	968	Utilities.addToSNIServerNameList(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	969	conContext.sslConfig.serverNames, peerHost);
2 90ce3da70b43 Initial load duke parents: diff changeset	970	}
90ce3da70b43 Initial load duke parents: diff changeset	971
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	972	InputStream sockInput = super.getInputStream();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	973	conContext.inputRecord.setReceiverStream(sockInput);
2 90ce3da70b43 Initial load duke parents: diff changeset	974
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	975	OutputStream sockOutput = super.getOutputStream();
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	976	conContext.inputRecord.setDeliverStream(sockOutput);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	977	conContext.outputRecord.setDeliverStream(sockOutput);
2 90ce3da70b43 Initial load duke parents: diff changeset	978
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	979	this.isConnected = true;
2 90ce3da70b43 Initial load duke parents: diff changeset	980	}
90ce3da70b43 Initial load duke parents: diff changeset	981
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	982	private void useImplicitHost(boolean useNameService) {
37601 6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	983	// Note: If the local name service is not trustworthy, reverse
6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	984	// host name resolution should not be performed for endpoint
6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	985	// identification. Use the application original specified
6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	986	// hostname or IP address instead.
6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	987
6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	988	// Get the original hostname via jdk.internal.misc.SharedSecrets
6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	989	InetAddress inetAddress = getInetAddress();
6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	990	if (inetAddress == null) { // not connected
6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	991	return;
31687 d6eb4f028c60 8067694: Improved certification checking xuelei parents: 30904 diff changeset	992	}
d6eb4f028c60 8067694: Improved certification checking xuelei parents: 30904 diff changeset	993
37601 6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	994	JavaNetInetAddressAccess jna =
6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	995	SharedSecrets.getJavaNetInetAddressAccess();
6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	996	String originalHostname = jna.getOriginalHostName(inetAddress);
6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	997	if ((originalHostname != null) &&
6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	998	(originalHostname.length() != 0)) {
6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	999
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1000	this.peerHost = originalHostname;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1001	if (conContext.sslConfig.serverNames.isEmpty() &&
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1002	!conContext.sslConfig.noSniExtension) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1003	conContext.sslConfig.serverNames =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1004	Utilities.addToSNIServerNameList(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1005	conContext.sslConfig.serverNames, peerHost);
37601 6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	1006	}
6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	1007
6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	1008	return;
6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	1009	}
6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	1010
6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	1011	// No explicitly specified hostname, no server name indication.
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1012	if (!useNameService) {
37601 6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	1013	// The local name service is not trustworthy, use IP address.
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1014	this.peerHost = inetAddress.getHostAddress();
37601 6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	1015	} else {
6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	1016	// Use the underlying reverse host name resolution service.
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1017	this.peerHost = getInetAddress().getHostName();
37601 6517589dcc94 8144566: Custom HostnameVerifier disables SNI extension xuelei parents: 36641 diff changeset	1018	}
31687 d6eb4f028c60 8067694: Improved certification checking xuelei parents: 30904 diff changeset	1019	}
d6eb4f028c60 8067694: Improved certification checking xuelei parents: 30904 diff changeset	1020
5162 0dbedf4fdb8c 6614957: HttpsURLConnection not using the set SSLSocketFactory for creating all its Sockets chegar parents: 2068 diff changeset	1021	// ONLY used by HttpsClient to setup the URI specified hostname
14194 971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	1022	//
971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	1023	// Please NOTE that this method MUST be called before calling to
971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	1024	// SSLSocket.setSSLParameters(). Otherwise, the {@code host} parameter
971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	1025	// may override SNIHostName in the customized server name indication.
32649 2ee9017c7597 8136583: Core libraries should use blessed modifier order martin parents: 31918 diff changeset	1026	public synchronized void setHost(String host) {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1027	this.peerHost = host;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1028	this.conContext.sslConfig.serverNames =
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1029	Utilities.addToSNIServerNameList(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1030	conContext.sslConfig.serverNames, host);
2 90ce3da70b43 Initial load duke parents: diff changeset	1031	}
90ce3da70b43 Initial load duke parents: diff changeset	1032
90ce3da70b43 Initial load duke parents: diff changeset	1033	/**
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1034	* Return whether we have reached end-of-file.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1035	*
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1036	* If the socket is not connected, has been shutdown because of an error
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1037	* or has been closed, throw an Exception.
2 90ce3da70b43 Initial load duke parents: diff changeset	1038	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1039	synchronized boolean checkEOF() throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1040	if (conContext.isClosed()) {
56571 9dfdc35eb270 TLS 1.3, update on SSLSocketImpl.checkEOF() xuelei parents: 56542 diff changeset	1041	// throw new SocketException("Socket is closed");
9dfdc35eb270 TLS 1.3, update on SSLSocketImpl.checkEOF() xuelei parents: 56542 diff changeset	1042	return true;
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1043	} else if (conContext.isInputCloseNotified \|\| conContext.isBroken) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1044	if (conContext.closeReason == null) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1045	return true;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1046	} else {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1047	throw new SSLException(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1048	"Connection has been shutdown: " + conContext.closeReason,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1049	conContext.closeReason);
2 90ce3da70b43 Initial load duke parents: diff changeset	1050	}
90ce3da70b43 Initial load duke parents: diff changeset	1051	}
90ce3da70b43 Initial load duke parents: diff changeset	1052
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1053	return false;
7043 5e2d1edeb2c7 6916074: Add support for TLS 1.2 xuelei parents: 7039 diff changeset	1054	}
5e2d1edeb2c7 6916074: Add support for TLS 1.2 xuelei parents: 7039 diff changeset	1055
2 90ce3da70b43 Initial load duke parents: diff changeset	1056	/**
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1057	* Check if we can write data to this socket.
2 90ce3da70b43 Initial load duke parents: diff changeset	1058	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1059	synchronized void checkWrite() throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1060	if (checkEOF() \|\| conContext.isOutboundDone()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1061	// we are at EOF, write must throw Exception
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1062	throw new SocketException("Connection closed");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1063	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1064	if (!isConnected) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1065	throw new SocketException("Socket is not connected");
2 90ce3da70b43 Initial load duke parents: diff changeset	1066	}
90ce3da70b43 Initial load duke parents: diff changeset	1067	}
90ce3da70b43 Initial load duke parents: diff changeset	1068
90ce3da70b43 Initial load duke parents: diff changeset	1069	/**
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1070	* Handle an exception.
2 90ce3da70b43 Initial load duke parents: diff changeset	1071	*
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1072	* This method is called by top level exception handlers (in read(),
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1073	* write()) to make sure we always shutdown the connection correctly
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1074	* and do not pass runtime exception to the application.
2 90ce3da70b43 Initial load duke parents: diff changeset	1075	*
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1076	* This method never returns normally, it always throws an IOException.
2 90ce3da70b43 Initial load duke parents: diff changeset	1077	*/
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1078	private void handleException(Exception cause) throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1079	if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1080	SSLLogger.warning("handling exception", cause);
2 90ce3da70b43 Initial load duke parents: diff changeset	1081	}
90ce3da70b43 Initial load duke parents: diff changeset	1082
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1083	// Don't close the Socket in case of timeouts or interrupts.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1084	if (cause instanceof InterruptedIOException) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1085	throw (IOException)cause;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1086	}
2 90ce3da70b43 Initial load duke parents: diff changeset	1087
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1088	// need to perform error shutdown
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1089	boolean isSSLException = (cause instanceof SSLException);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1090	Alert alert;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1091	if (isSSLException) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1092	if (cause instanceof SSLHandshakeException) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1093	alert = Alert.HANDSHAKE_FAILURE;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1094	} else {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1095	alert = Alert.UNEXPECTED_MESSAGE;
2 90ce3da70b43 Initial load duke parents: diff changeset	1096	}
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1097	} else {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1098	if (cause instanceof IOException) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1099	alert = Alert.UNEXPECTED_MESSAGE;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1100	} else {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1101	// RuntimeException
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1102	alert = Alert.INTERNAL_ERROR;
2 90ce3da70b43 Initial load duke parents: diff changeset	1103	}
90ce3da70b43 Initial load duke parents: diff changeset	1104	}
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1105	conContext.fatal(alert, cause);
2 90ce3da70b43 Initial load duke parents: diff changeset	1106	}
90ce3da70b43 Initial load duke parents: diff changeset	1107
56712 bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1108	private Plaintext handleEOF(EOFException eofe) throws IOException {
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1109	if (requireCloseNotify \|\| conContext.handshakeContext != null) {
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1110	SSLException ssle;
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1111	if (conContext.handshakeContext != null) {
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1112	ssle = new SSLHandshakeException(
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1113	"Remote host terminated the handshake");
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1114	} else {
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1115	ssle = new SSLProtocolException(
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1116	"Remote host terminated the connection");
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1117	}
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1118
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1119	if (eofe != null) {
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1120	ssle.initCause(eofe);
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1121	}
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1122	throw ssle;
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1123	} else {
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1124	// treat as if we had received a close_notify
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1125	conContext.isInputCloseNotified = true;
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1126	conContext.transport.shutdown();
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1127
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1128	return Plaintext.PLAINTEXT_NULL;
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1129	}
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1130	}
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1131
bad9f4c7eeec handle EOFException for SSLSocket xuelei parents: 56611 diff changeset	1132
14664 e71aa0962e70 8003950: Adds missing Override annotations and removes unnecessary imports in sun.security.ssl xuelei parents: 14194 diff changeset	1133	@Override
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1134	public String getPeerHost() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1135	return peerHost;
2 90ce3da70b43 Initial load duke parents: diff changeset	1136	}
90ce3da70b43 Initial load duke parents: diff changeset	1137
14664 e71aa0962e70 8003950: Adds missing Override annotations and removes unnecessary imports in sun.security.ssl xuelei parents: 14194 diff changeset	1138	@Override
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1139	public int getPeerPort() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1140	return getPort();
2 90ce3da70b43 Initial load duke parents: diff changeset	1141	}
90ce3da70b43 Initial load duke parents: diff changeset	1142
14664 e71aa0962e70 8003950: Adds missing Override annotations and removes unnecessary imports in sun.security.ssl xuelei parents: 14194 diff changeset	1143	@Override
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1144	public boolean useDelegatedTask() {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1145	return false;
2 90ce3da70b43 Initial load duke parents: diff changeset	1146	}
90ce3da70b43 Initial load duke parents: diff changeset	1147
14664 e71aa0962e70 8003950: Adds missing Override annotations and removes unnecessary imports in sun.security.ssl xuelei parents: 14194 diff changeset	1148	@Override
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1149	public void shutdown() throws IOException {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1150	if (!isClosed()) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1151	if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1152	SSLLogger.fine("close the underlying socket");
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1153	}
2 90ce3da70b43 Initial load duke parents: diff changeset	1154
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1155	try {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1156	if (conContext.isInputCloseNotified) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1157	// Close the connection, no wait for more peer response.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1158	closeSocket(false);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1159	} else {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1160	// Close the connection, may wait for peer close_notify.
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1161	closeSocket(true);
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1162	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1163	} finally {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47271 diff changeset	1164	tlsIsClosed = true;
14194 971f46db533d 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server xuelei parents: 13815 diff changeset	1165	}
7043 5e2d1edeb2c7 6916074: Add support for TLS 1.2 xuelei parents: 7039 diff changeset	1166	}
2 90ce3da70b43 Initial load duke parents: diff changeset	1167	}
90ce3da70b43 Initial load duke parents: diff changeset	1168	}

author	xuelei
	Fri, 08 Jun 2018 19:43:11 -0700
branch	JDK-8145252-TLS13-branch
changeset 56712	bad9f4c7eeec
parent 56611	f8f7e604e1f8
child 56718	da9979451b7a
permissions	-rw-r--r--