--- a/src/java.base/share/classes/sun/security/ssl/CertificateRequest.java Tue Apr 23 08:34:51 2019 +0800
+++ b/src/java.base/share/classes/sun/security/ssl/CertificateRequest.java Thu May 02 17:43:26 2019 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2015, 2019, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -330,6 +330,15 @@
// clean up this consumer
chc.handshakeConsumers.remove(SSLHandshake.CERTIFICATE_REQUEST.id);
+ SSLConsumer certStatCons = chc.handshakeConsumers.remove(
+ SSLHandshake.CERTIFICATE_STATUS.id);
+ if (certStatCons != null) {
+ // Stapling was active but no certificate status message
+ // was sent. We need to run the absence handler which will
+ // check the certificate chain.
+ CertificateStatus.handshakeAbsence.absent(context, null);
+ }
+
T10CertificateRequestMessage crm =
new T10CertificateRequestMessage(chc, message);
if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
@@ -647,6 +656,15 @@
// clean up this consumer
chc.handshakeConsumers.remove(SSLHandshake.CERTIFICATE_REQUEST.id);
+ SSLConsumer certStatCons = chc.handshakeConsumers.remove(
+ SSLHandshake.CERTIFICATE_STATUS.id);
+ if (certStatCons != null) {
+ // Stapling was active but no certificate status message
+ // was sent. We need to run the absence handler which will
+ // check the certificate chain.
+ CertificateStatus.handshakeAbsence.absent(context, null);
+ }
+
T12CertificateRequestMessage crm =
new T12CertificateRequestMessage(chc, message);
if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {