# HG changeset patch # User xuelei # Date 1528866910 25200 # Node ID 2b4ae319412b24c4e6c69eaa574c0dfa87d74669 # Parent ae0cd8b2e2c22c8678346786ec5cc344bb02ab8a Enable RSASSA-PSS for TLS 1.2, and socket close checking diff -r ae0cd8b2e2c2 -r 2b4ae319412b src/java.base/share/classes/sun/security/ssl/SSLEngineImpl.java --- a/src/java.base/share/classes/sun/security/ssl/SSLEngineImpl.java Mon Jun 11 20:45:47 2018 -0700 +++ b/src/java.base/share/classes/sun/security/ssl/SSLEngineImpl.java Tue Jun 12 22:15:10 2018 -0700 @@ -113,8 +113,7 @@ @Override public synchronized SSLEngineResult wrap(ByteBuffer[] appData, int offset, int length, ByteBuffer netData) throws SSLException { - return wrap( - appData, offset, length, new ByteBuffer[]{ netData }, 0, 1); + return wrap(appData, offset, length, new ByteBuffer[]{ netData }, 0, 1); } // @Override diff -r ae0cd8b2e2c2 -r 2b4ae319412b src/java.base/share/classes/sun/security/ssl/SSLSocketImpl.java --- a/src/java.base/share/classes/sun/security/ssl/SSLSocketImpl.java Mon Jun 11 20:45:47 2018 -0700 +++ b/src/java.base/share/classes/sun/security/ssl/SSLSocketImpl.java Tue Jun 12 22:15:10 2018 -0700 @@ -1048,7 +1048,6 @@ */ synchronized boolean checkEOF() throws IOException { if (conContext.isClosed()) { - // throw new SocketException("Socket is closed"); return true; } else if (conContext.isInputCloseNotified || conContext.isBroken) { if (conContext.closeReason == null) { @@ -1067,7 +1066,7 @@ * Check if we can write data to this socket. */ synchronized void checkWrite() throws IOException { - if (checkEOF() || conContext.isOutboundDone()) { + if (checkEOF() || conContext.isOutboundClosed()) { // we are at EOF, write must throw Exception throw new SocketException("Connection closed"); } diff -r ae0cd8b2e2c2 -r 2b4ae319412b src/java.base/share/classes/sun/security/ssl/SignatureScheme.java --- a/src/java.base/share/classes/sun/security/ssl/SignatureScheme.java Mon Jun 11 20:45:47 2018 -0700 +++ b/src/java.base/share/classes/sun/security/ssl/SignatureScheme.java Tue Jun 12 22:15:10 2018 -0700 @@ -76,15 +76,15 @@ RSA_PSS_RSAE_SHA256 (0x0804, "rsa_pss_rsae_sha256", "RSASSA-PSS", "RSA", SigAlgParamSpec.RSA_PSS_SHA256, 528, - ProtocolVersion.PROTOCOLS_OF_13), + ProtocolVersion.PROTOCOLS_TO_13), RSA_PSS_RSAE_SHA384 (0x0805, "rsa_pss_rsae_sha384", "RSASSA-PSS", "RSA", SigAlgParamSpec.RSA_PSS_SHA384, 784, - ProtocolVersion.PROTOCOLS_OF_13), + ProtocolVersion.PROTOCOLS_TO_13), RSA_PSS_RSAE_SHA512 (0x0806, "rsa_pss_rsae_sha512", "RSASSA-PSS", "RSA", SigAlgParamSpec.RSA_PSS_SHA512, 1040, - ProtocolVersion.PROTOCOLS_OF_13), + ProtocolVersion.PROTOCOLS_TO_13), // RSASSA-PSS algorithms with public key OID RSASSA-PSS // @@ -93,15 +93,15 @@ RSA_PSS_PSS_SHA256 (0x0809, "rsa_pss_pss_sha256", "RSASSA-PSS", "RSASSA-PSS", SigAlgParamSpec.RSA_PSS_SHA256, 528, - ProtocolVersion.PROTOCOLS_OF_13), + ProtocolVersion.PROTOCOLS_TO_13), RSA_PSS_PSS_SHA384 (0x080A, "rsa_pss_pss_sha384", "RSASSA-PSS", "RSASSA-PSS", SigAlgParamSpec.RSA_PSS_SHA384, 784, - ProtocolVersion.PROTOCOLS_OF_13), + ProtocolVersion.PROTOCOLS_TO_13), RSA_PSS_PSS_SHA512 (0x080B, "rsa_pss_pss_sha512", "RSASSA-PSS", "RSASSA-PSS", SigAlgParamSpec.RSA_PSS_SHA512, 1040, - ProtocolVersion.PROTOCOLS_OF_13), + ProtocolVersion.PROTOCOLS_TO_13), // RSASSA-PKCS1-v1_5 algorithms RSA_PKCS1_SHA256 (0x0401, "rsa_pkcs1_sha256", "SHA256withRSA", diff -r ae0cd8b2e2c2 -r 2b4ae319412b src/java.base/share/classes/sun/security/ssl/TransportContext.java --- a/src/java.base/share/classes/sun/security/ssl/TransportContext.java Mon Jun 11 20:45:47 2018 -0700 +++ b/src/java.base/share/classes/sun/security/ssl/TransportContext.java Tue Jun 12 22:15:10 2018 -0700 @@ -425,16 +425,23 @@ isUnsureMode = false; } + // The OutputRecord is closed and not buffered output record. boolean isOutboundDone() { return outputRecord.isClosed() && outputRecord.isEmpty(); } + // The OutputRecord is closed, but buffered output record may be still + // waiting for delivery to the underlying connection. + boolean isOutboundClosed() { + return outputRecord.isClosed(); + } + boolean isInboundDone() { return inputRecord.isClosed(); } boolean isClosed() { - return isOutboundDone() && isInboundDone(); + return isOutboundClosed() && isInboundDone(); } @Override diff -r ae0cd8b2e2c2 -r 2b4ae319412b test/jdk/sun/security/ssl/AppOutputStream/NoExceptionOnClose.java --- a/test/jdk/sun/security/ssl/AppOutputStream/NoExceptionOnClose.java Mon Jun 11 20:45:47 2018 -0700 +++ b/test/jdk/sun/security/ssl/AppOutputStream/NoExceptionOnClose.java Tue Jun 12 22:15:10 2018 -0700 @@ -21,14 +21,16 @@ * questions. */ +// +// SunJSSE does not support dynamic system properties, no way to re-use +// system properties in samevm/agentvm mode. +// + /* * @test 1.3 01/03/08 * @bug 4378397 * @summary JSSE socket output stream doesn't throw after socket is closed * @run main/othervm NoExceptionOnClose - * - * SunJSSE does not support dynamic system properties, no way to re-use - * system properties in samevm/agentvm mode. * @author Jaya Hangal */ @@ -152,7 +154,7 @@ try { sslOS.write(22); sslOS.flush(); - } catch (SSLException socketClosed) { + } catch (SSLException | SocketException socketClosed) { System.out.println("Received \"" + socketClosed.getMessage() + "\" exception as expected"); isSocketClosedThrown = true;