107 private PrivateKey localPrivateKey; |
107 private PrivateKey localPrivateKey; |
108 private String[] localSupportedSignAlgs; |
108 private String[] localSupportedSignAlgs; |
109 private String[] peerSupportedSignAlgs; |
109 private String[] peerSupportedSignAlgs; |
110 private List<SNIServerName> requestedServerNames; |
110 private List<SNIServerName> requestedServerNames; |
111 |
111 |
|
112 private int negotiatedMaxFragLen; |
|
113 private int maximumPacketSize; |
112 |
114 |
113 // Principals for non-certificate based cipher suites |
115 // Principals for non-certificate based cipher suites |
114 private Principal peerPrincipal; |
116 private Principal peerPrincipal; |
115 private Principal localPrincipal; |
117 private Principal localPrincipal; |
116 |
118 |
783 * Gets the current size of the largest SSL/TLS packet that is expected |
786 * Gets the current size of the largest SSL/TLS packet that is expected |
784 * when using this session. |
787 * when using this session. |
785 */ |
788 */ |
786 @Override |
789 @Override |
787 public synchronized int getPacketBufferSize() { |
790 public synchronized int getPacketBufferSize() { |
788 return acceptLargeFragments ? |
791 // Use the bigger packet size calculated from maximumPacketSize |
789 Record.maxLargeRecordSize : Record.maxRecordSize; |
792 // and negotiatedMaxFragLen. |
|
793 int packetSize = 0; |
|
794 if (negotiatedMaxFragLen > 0) { |
|
795 packetSize = cipherSuite.calculatePacketSize( |
|
796 negotiatedMaxFragLen, protocolVersion, |
|
797 protocolVersion.isDTLSProtocol()); |
|
798 } |
|
799 |
|
800 if (maximumPacketSize > 0) { |
|
801 return (maximumPacketSize > packetSize) ? |
|
802 maximumPacketSize : packetSize; |
|
803 } |
|
804 |
|
805 if (packetSize != 0) { |
|
806 return packetSize; |
|
807 } |
|
808 |
|
809 if (protocolVersion.isDTLSProtocol()) { |
|
810 return DTLSRecord.maxRecordSize; |
|
811 } else { |
|
812 return acceptLargeFragments ? |
|
813 SSLRecord.maxLargeRecordSize : SSLRecord.maxRecordSize; |
|
814 } |
790 } |
815 } |
791 |
816 |
792 /** |
817 /** |
793 * Gets the current size of the largest application data that is |
818 * Gets the current size of the largest application data that is |
794 * expected when using this session. |
819 * expected when using this session. |
795 */ |
820 */ |
796 @Override |
821 @Override |
797 public synchronized int getApplicationBufferSize() { |
822 public synchronized int getApplicationBufferSize() { |
798 return getPacketBufferSize() - Record.headerSize; |
823 // Use the bigger fragment size calculated from maximumPacketSize |
|
824 // and negotiatedMaxFragLen. |
|
825 int fragmentSize = 0; |
|
826 if (maximumPacketSize > 0) { |
|
827 fragmentSize = cipherSuite.calculateFragSize( |
|
828 maximumPacketSize, protocolVersion, |
|
829 protocolVersion.isDTLSProtocol()); |
|
830 } |
|
831 |
|
832 if (negotiatedMaxFragLen > 0) { |
|
833 return (negotiatedMaxFragLen > fragmentSize) ? |
|
834 negotiatedMaxFragLen : fragmentSize; |
|
835 } |
|
836 |
|
837 if (fragmentSize != 0) { |
|
838 return fragmentSize; |
|
839 } |
|
840 |
|
841 if (protocolVersion.isDTLSProtocol()) { |
|
842 return Record.maxDataSize; |
|
843 } else { |
|
844 int maxPacketSize = acceptLargeFragments ? |
|
845 SSLRecord.maxLargeRecordSize : SSLRecord.maxRecordSize; |
|
846 return (maxPacketSize - SSLRecord.headerSize); |
|
847 } |
|
848 } |
|
849 |
|
850 /** |
|
851 * Sets the negotiated maximum fragment length, as specified by the |
|
852 * max_fragment_length ClientHello extension in RFC 6066. |
|
853 * |
|
854 * @param negotiatedMaxFragLen |
|
855 * the negotiated maximum fragment length, or {@code -1} if |
|
856 * no such length has been negotiated. |
|
857 */ |
|
858 synchronized void setNegotiatedMaxFragSize( |
|
859 int negotiatedMaxFragLen) { |
|
860 |
|
861 this.negotiatedMaxFragLen = negotiatedMaxFragLen; |
|
862 } |
|
863 |
|
864 /** |
|
865 * Get the negotiated maximum fragment length, as specified by the |
|
866 * max_fragment_length ClientHello extension in RFC 6066. |
|
867 * |
|
868 * @return the negotiated maximum fragment length, or {@code -1} if |
|
869 * no such length has been negotiated. |
|
870 */ |
|
871 synchronized int getNegotiatedMaxFragSize() { |
|
872 return negotiatedMaxFragLen; |
|
873 } |
|
874 |
|
875 synchronized void setMaximumPacketSize(int maximumPacketSize) { |
|
876 this.maximumPacketSize = maximumPacketSize; |
|
877 } |
|
878 |
|
879 synchronized int getMaximumPacketSize() { |
|
880 return maximumPacketSize; |
799 } |
881 } |
800 |
882 |
801 /** |
883 /** |
802 * Gets an array of supported signature algorithms that the local side is |
884 * Gets an array of supported signature algorithms that the local side is |
803 * willing to verify. |
885 * willing to verify. |