343 mesg.print(System.out); |
343 mesg.print(System.out); |
344 } |
344 } |
345 |
345 |
346 // check if the server selected protocol version is OK for us |
346 // check if the server selected protocol version is OK for us |
347 ProtocolVersion mesgVersion = mesg.protocolVersion; |
347 ProtocolVersion mesgVersion = mesg.protocolVersion; |
348 if (enabledProtocols.contains(mesgVersion) == false) { |
348 if (!isNegotiable(mesgVersion)) { |
349 throw new SSLHandshakeException |
349 throw new SSLHandshakeException( |
350 ("Server chose unsupported or disabled protocol: " + mesgVersion); |
350 "Server chose unsupported or disabled protocol: " + |
|
351 mesgVersion); |
351 } |
352 } |
352 |
353 |
353 // Set protocolVersion and propagate to SSLSocket and the |
354 // Set protocolVersion and propagate to SSLSocket and the |
354 // Handshake streams |
355 // Handshake streams |
355 setVersion(mesgVersion); |
356 setVersion(mesgVersion); |
1020 HandshakeMessage getKickstartMessage() throws SSLException { |
1021 HandshakeMessage getKickstartMessage() throws SSLException { |
1021 // session ID of the ClientHello message |
1022 // session ID of the ClientHello message |
1022 SessionId sessionId = SSLSessionImpl.nullSession.getSessionId(); |
1023 SessionId sessionId = SSLSessionImpl.nullSession.getSessionId(); |
1023 |
1024 |
1024 // a list of cipher suites sent by the client |
1025 // a list of cipher suites sent by the client |
1025 CipherSuiteList cipherSuites = enabledCipherSuites; |
1026 CipherSuiteList cipherSuites = getActiveCipherSuites(); |
1026 |
1027 |
1027 // set the max protocol version this client is supporting. |
1028 // set the max protocol version this client is supporting. |
1028 maxProtocolVersion = protocolVersion; |
1029 maxProtocolVersion = protocolVersion; |
1029 |
1030 |
1030 // |
1031 // |
1055 System.out.println("%% can't resume, unavailable cipher"); |
1056 System.out.println("%% can't resume, unavailable cipher"); |
1056 } |
1057 } |
1057 session = null; |
1058 session = null; |
1058 } |
1059 } |
1059 |
1060 |
1060 if ((session != null) && |
1061 if ((session != null) && !isNegotiable(sessionVersion)) { |
1061 (enabledProtocols.contains(sessionVersion) == false)) { |
|
1062 if (debug != null && Debug.isOn("session")) { |
1062 if (debug != null && Debug.isOn("session")) { |
1063 System.out.println("%% can't resume, protocol disabled"); |
1063 System.out.println("%% can't resume, protocol disabled"); |
1064 } |
1064 } |
1065 session = null; |
1065 session = null; |
1066 } |
1066 } |
1086 * Force use of the previous session ciphersuite, and |
1086 * Force use of the previous session ciphersuite, and |
1087 * add the SCSV if enabled. |
1087 * add the SCSV if enabled. |
1088 */ |
1088 */ |
1089 if (!enableNewSession) { |
1089 if (!enableNewSession) { |
1090 if (session == null) { |
1090 if (session == null) { |
1091 throw new SSLException( |
1091 throw new SSLHandshakeException( |
1092 "Can't reuse existing SSL client session"); |
1092 "Can't reuse existing SSL client session"); |
1093 } |
1093 } |
1094 |
1094 |
1095 Collection<CipherSuite> cipherList = |
1095 Collection<CipherSuite> cipherList = |
1096 new ArrayList<CipherSuite>(2); |
1096 new ArrayList<CipherSuite>(2); |
1103 cipherSuites = new CipherSuiteList(cipherList); |
1103 cipherSuites = new CipherSuiteList(cipherList); |
1104 } |
1104 } |
1105 } |
1105 } |
1106 |
1106 |
1107 if (session == null && !enableNewSession) { |
1107 if (session == null && !enableNewSession) { |
1108 throw new SSLException("No existing session to resume"); |
1108 throw new SSLHandshakeException("No existing session to resume"); |
1109 } |
1109 } |
1110 |
1110 |
1111 // exclude SCSV for secure renegotiation |
1111 // exclude SCSV for secure renegotiation |
1112 if (secureRenegotiation && cipherSuites.contains(CipherSuite.C_SCSV)) { |
1112 if (secureRenegotiation && cipherSuites.contains(CipherSuite.C_SCSV)) { |
1113 Collection<CipherSuite> cipherList = |
1113 Collection<CipherSuite> cipherList = |
1129 break; |
1129 break; |
1130 } |
1130 } |
1131 } |
1131 } |
1132 |
1132 |
1133 if (!negotiable) { |
1133 if (!negotiable) { |
1134 throw new SSLException("No negotiable cipher suite"); |
1134 throw new SSLHandshakeException("No negotiable cipher suite"); |
1135 } |
1135 } |
1136 |
1136 |
1137 // create the ClientHello message |
1137 // create the ClientHello message |
1138 ClientHello clientHelloMessage = new ClientHello( |
1138 ClientHello clientHelloMessage = new ClientHello( |
1139 sslContext.getSecureRandom(), maxProtocolVersion, |
1139 sslContext.getSecureRandom(), maxProtocolVersion, |
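Review bot: The resumption check at new line 1061 now tests `!isNegotiable(sessionVersion)`, but the debug trace under it still prints `%% can't resume, protocol disabled`. If isNegotiable() (defined outside this page) can also reject a protocol that is enabled but currently unusable, that message is narrower than the condition and would point someone reading a handshake debug log at the enabled-protocols list when the cause lies elsewhere. I would reword the trace to `%% can't resume, protocol not negotiable`. The ServerHello check at new line 348 has the same dependency on the helper, so a short comment there, for example `// negotiable may be stricter than enabled; see isNegotiable()`, would record why the plain `enabledProtocols.contains` test was dropped, once the wording is confirmed against the helper. The bodies of the enclosing methods start and end outside the lines shown.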