Mercurial Mercurial > jdk-sandbox / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
src/java.base/share/classes/sun/security/ssl/CertificateMessage.java
branchJDK-8145252-TLS13-branch
changeset 56559 a423173d0578
parent 56542 56aaa6cb3693
child 56603 f103e0c2be1e 
--- a/src/java.base/share/classes/sun/security/ssl/CertificateMessage.java	Tue May 15 14:54:04 2018 -0400
+++ b/src/java.base/share/classes/sun/security/ssl/CertificateMessage.java	Tue May 15 13:01:37 2018 -0700
@@ -436,7 +436,8 @@
             // DO NOT need to check allowUnsafeServerCertChange here. We only
             // reserve server certificates when allowUnsafeServerCertChange is
             // flase.
-            if (chc.reservedServerCerts != null) {
+            if (chc.reservedServerCerts != null &&
+                    !chc.handshakeSession.useExtendedMasterSecret) {
                 // It is not necessary to check the certificate update if
                 // endpoint identification is enabled.
                 String identityAlg = chc.sslConfig.identificationProtocol;
jdk-sandbox