--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/java.base/share/classes/sun/security/ssl/HelloRequest.java Mon Jun 25 13:41:39 2018 -0700
@@ -0,0 +1,217 @@
+/*
+ * Copyright (c) 2015, 2018, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation. Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.security.ssl;
+
+import java.io.IOException;
+import java.nio.ByteBuffer;
+import sun.security.ssl.SSLHandshake.HandshakeMessage;
+
+/**
+ * Pack of the HelloRequest handshake message.
+ */
+final class HelloRequest {
+ static final SSLProducer kickstartProducer =
+ new HelloRequestKickstartProducer();
+
+ static final SSLConsumer handshakeConsumer =
+ new HelloRequestConsumer();
+ static final HandshakeProducer handshakeProducer =
+ new HelloRequestProducer();
+
+ /**
+ * The HelloRequest handshake message.
+ *
+ * [RFC 5246] The HelloRequest message MAY be sent by the server at any
+ * time. HelloRequest is a simple notification that the client should
+ * begin the negotiation process anew.
+ *
+ * struct { } HelloRequest;
+ */
+ static final class HelloRequestMessage extends HandshakeMessage {
+ HelloRequestMessage(HandshakeContext handshakeContext) {
+ super(handshakeContext);
+ }
+
+ HelloRequestMessage(HandshakeContext handshakeContext,
+ ByteBuffer m) throws IOException {
+ super(handshakeContext);
+ if (m.hasRemaining()) {
+ handshakeContext.conContext.fatal(Alert.ILLEGAL_PARAMETER,
+ "Error parsing HelloRequest message: not empty");
+ }
+ }
+
+ @Override
+ public SSLHandshake handshakeType() {
+ return SSLHandshake.HELLO_REQUEST;
+ }
+
+ @Override
+ public int messageLength() {
+ return 0;
+ }
+
+ @Override
+ public void send(HandshakeOutStream s) throws IOException {
+ // empty, nothing to send
+ }
+
+ @Override
+ public String toString() {
+ return "<empty>";
+ }
+ }
+
+ /**
+ * The "HelloRequest" handshake message kick start producer.
+ */
+ private static final
+ class HelloRequestKickstartProducer implements SSLProducer {
+ // Prevent instantiation of this class.
+ private HelloRequestKickstartProducer() {
+ // blank
+ }
+
+ @Override
+ public byte[] produce(ConnectionContext context) throws IOException {
+ // The producing happens in server side only.
+ ServerHandshakeContext shc = (ServerHandshakeContext)context;
+
+ HelloRequestMessage hrm = new HelloRequestMessage(shc);
+ if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
+ SSLLogger.fine("Produced HelloRequest handshake message", hrm);
+ }
+
+ // Output the handshake message.
+ hrm.write(shc.handshakeOutput);
+ shc.handshakeOutput.flush();
+
+ // update the context
+
+ // What's the expected response?
+ shc.handshakeConsumers.put(
+ SSLHandshake.CLIENT_HELLO.id, SSLHandshake.CLIENT_HELLO);
+
+ // The handshake message has been delivered.
+ return null;
+ }
+ }
+
+ /**
+ * The "HelloRequest" handshake message producer.
+ */
+ private static final class HelloRequestProducer
+ implements HandshakeProducer {
+ // Prevent instantiation of this class.
+ private HelloRequestProducer() {
+ // blank
+ }
+
+ @Override
+ public byte[] produce(ConnectionContext context,
+ HandshakeMessage message) throws IOException {
+ // The producing happens in server side only.
+ ServerHandshakeContext shc = (ServerHandshakeContext)context;
+
+ HelloRequestMessage hrm = new HelloRequestMessage(shc);
+ if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
+ SSLLogger.fine("Produced HelloRequest handshake message", hrm);
+ }
+
+ // Output the handshake message.
+ hrm.write(shc.handshakeOutput);
+ shc.handshakeOutput.flush();
+
+ // update the context
+
+ // What's the expected response?
+ shc.handshakeConsumers.put(
+ SSLHandshake.CLIENT_HELLO.id, SSLHandshake.CLIENT_HELLO);
+
+ // The handshake message has been delivered.
+ return null;
+ }
+ }
+
+ /**
+ * The "HelloRequest" handshake message consumer.
+ */
+ private static final class HelloRequestConsumer
+ implements SSLConsumer {
+
+ // Prevent instantiation of this class.
+ private HelloRequestConsumer() {
+ // blank
+ }
+
+ @Override
+ public void consume(ConnectionContext context,
+ ByteBuffer message) throws IOException {
+ // The consuming happens in client side only.
+ ClientHandshakeContext chc = (ClientHandshakeContext)context;
+
+ // For TLS 1.2 and prior versions, the HelloRequest message MAY
+ // be sent by the server at any time. Please don't clean up this
+ // handshake consumer.
+ HelloRequestMessage hrm = new HelloRequestMessage(chc, message);
+ if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
+ SSLLogger.fine(
+ "Consuming HelloRequest handshake message", hrm);
+ }
+
+ if (!chc.kickstartMessageDelivered) {
+ if (!chc.conContext.secureRenegotiation &&
+ !HandshakeContext.allowUnsafeRenegotiation) {
+ chc.conContext.fatal(Alert.HANDSHAKE_FAILURE,
+ "Unsafe renegotiation is not allowed");
+ }
+
+ if (!chc.conContext.secureRenegotiation) {
+ if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
+ SSLLogger.warning(
+ "Continue with insecure renegotiation");
+ }
+ }
+
+ // update the responders
+ chc.handshakeProducers.put(
+ SSLHandshake.CLIENT_HELLO.id,
+ SSLHandshake.CLIENT_HELLO);
+
+ //
+ // produce response handshake message
+ //
+ SSLHandshake.CLIENT_HELLO.produce(context, hrm);
+ } else {
+ if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
+ SSLLogger.fine(
+ "Ingore HelloRequest, handshaking is in progress");
+ }
+ }
+ }
+ }
+}
+