27 |
27 |
28 import java.io.IOException; |
28 import java.io.IOException; |
29 import java.security.AlgorithmConstraints; |
29 import java.security.AlgorithmConstraints; |
30 import java.security.AccessController; |
30 import java.security.AccessController; |
31 import sun.security.util.LegacyAlgorithmConstraints; |
31 import sun.security.util.LegacyAlgorithmConstraints; |
32 import sun.security.action.GetPropertyAction; |
|
33 import sun.security.action.GetLongAction; |
32 import sun.security.action.GetLongAction; |
34 |
33 |
35 class ServerHandshakeContext extends HandshakeContext { |
34 class ServerHandshakeContext extends HandshakeContext { |
36 // To prevent the TLS renegotiation issues, by setting system property |
35 // To prevent the TLS renegotiation issues, by setting system property |
37 // "jdk.tls.rejectClientInitiatedRenegotiation" to true, applications in |
36 // "jdk.tls.rejectClientInitiatedRenegotiation" to true, applications in |
38 // server side can disable all client initiated SSL renegotiations |
37 // server side can disable all client initiated SSL renegotiation |
39 // regardless of the support of TLS protocols. |
38 // regardless of the support of TLS protocols. |
40 // |
39 // |
41 // By default, allow client initiated renegotiations. |
40 // By default, allow client initiated renegotiation. |
42 static final boolean rejectClientInitiatedRenego = |
41 static final boolean rejectClientInitiatedRenego = |
43 Utilities.getBooleanProperty( |
42 Utilities.getBooleanProperty( |
44 "jdk.tls.rejectClientInitiatedRenegotiation", false); |
43 "jdk.tls.rejectClientInitiatedRenegotiation", false); |
45 |
44 |
46 // legacy algorithm constraints |
45 // legacy algorithm constraints |