--- a/src/java.base/share/classes/sun/security/ssl/HelloCookieManager.java Thu Jun 07 23:35:22 2018 +0000
+++ b/src/java.base/share/classes/sun/security/ssl/HelloCookieManager.java Fri Jun 08 11:10:40 2018 +0800
@@ -34,87 +34,87 @@
/**
* (D)TLS handshake cookie manager
*/
-class HelloCookieManager {
- final SecureRandom secureRandom;
+abstract class HelloCookieManager {
+
+ static class Builder {
+
+ final SecureRandom secureRandom;
+
+ private volatile D10HelloCookieManager d10HelloCookieManager;
+ private volatile D13HelloCookieManager d13HelloCookieManager;
+ private volatile T13HelloCookieManager t13HelloCookieManager;
- private volatile D10HelloCookieManager d10HelloCookieManager;
- private volatile D13HelloCookieManager d13HelloCookieManager;
- private volatile T13HelloCookieManager t13HelloCookieManager;
+ Builder(SecureRandom secureRandom) {
+ this.secureRandom = secureRandom;
+ }
- HelloCookieManager(SecureRandom secureRandom) {
- this.secureRandom = secureRandom;
- }
+ HelloCookieManager valueOf(ProtocolVersion protocolVersion) {
+ if (protocolVersion.isDTLS) {
+ if (protocolVersion.useTLS13PlusSpec()) {
+ if (d13HelloCookieManager != null) {
+ return d13HelloCookieManager;
+ }
- HelloCookieManager valueOf(ProtocolVersion protocolVersion) {
- if (protocolVersion.isDTLS) {
- if (protocolVersion.useTLS13PlusSpec()) {
- if (d13HelloCookieManager != null) {
- return d13HelloCookieManager;
- }
+ synchronized (this) {
+ if (d13HelloCookieManager == null) {
+ d13HelloCookieManager =
+ new D13HelloCookieManager(secureRandom);
+ }
+ }
- synchronized (this) {
- if (d13HelloCookieManager == null) {
- d13HelloCookieManager =
- new D13HelloCookieManager(secureRandom);
+ return d13HelloCookieManager;
+ } else {
+ if (d10HelloCookieManager != null) {
+ return d10HelloCookieManager;
}
- }
- return d13HelloCookieManager;
- } else {
- if (d10HelloCookieManager != null) {
+ synchronized (this) {
+ if (d10HelloCookieManager == null) {
+ d10HelloCookieManager =
+ new D10HelloCookieManager(secureRandom);
+ }
+ }
+
return d10HelloCookieManager;
}
-
- synchronized (this) {
- if (d10HelloCookieManager == null) {
- d10HelloCookieManager =
- new D10HelloCookieManager(secureRandom);
+ } else {
+ if (protocolVersion.useTLS13PlusSpec()) {
+ if (t13HelloCookieManager != null) {
+ return t13HelloCookieManager;
}
- }
- return d10HelloCookieManager;
- }
- } else {
- if (protocolVersion.useTLS13PlusSpec()) {
- if (t13HelloCookieManager != null) {
+ synchronized (this) {
+ if (t13HelloCookieManager == null) {
+ t13HelloCookieManager =
+ new T13HelloCookieManager(secureRandom);
+ }
+ }
+
return t13HelloCookieManager;
}
+ }
- synchronized (this) {
- if (t13HelloCookieManager == null) {
- t13HelloCookieManager =
- new T13HelloCookieManager(secureRandom);
- }
- }
-
- return t13HelloCookieManager;
- }
+ return null;
}
-
- return null;
}
- byte[] createCookie(ServerHandshakeContext context,
- ClientHelloMessage clientHello) throws IOException {
- throw new UnsupportedOperationException(
- "Not yet supported handshake cookie manager");
- }
+ abstract byte[] createCookie(ServerHandshakeContext context,
+ ClientHelloMessage clientHello) throws IOException;
- boolean isCookieValid(ServerHandshakeContext context,
- ClientHelloMessage clientHello, byte[] cookie) throws IOException {
- throw new UnsupportedOperationException(
- "Not yet supported handshake cookie manager");
- }
+ abstract boolean isCookieValid(ServerHandshakeContext context,
+ ClientHelloMessage clientHello, byte[] cookie) throws IOException;
// DTLS 1.0/1.2
private static final
class D10HelloCookieManager extends HelloCookieManager {
+
+ final SecureRandom secureRandom;
private int cookieVersion; // allow to wrap, version + sequence
private byte[] cookieSecret;
private byte[] legacySecret;
D10HelloCookieManager(SecureRandom secureRandom) {
- super(secureRandom);
+ this.secureRandom = secureRandom;
this.cookieVersion = secureRandom.nextInt();
this.cookieSecret = new byte[32];
@@ -182,7 +182,6 @@
private static final
class D13HelloCookieManager extends HelloCookieManager {
D13HelloCookieManager(SecureRandom secureRandom) {
- super(secureRandom);
}
@Override
@@ -200,13 +199,14 @@
private static final
class T13HelloCookieManager extends HelloCookieManager {
+
+ final SecureRandom secureRandom;
private int cookieVersion; // version + sequence
private final byte[] cookieSecret;
private final byte[] legacySecret;
T13HelloCookieManager(SecureRandom secureRandom) {
- super(secureRandom);
-
+ this.secureRandom = secureRandom;
this.cookieVersion = secureRandom.nextInt();
this.cookieSecret = new byte[64];
this.legacySecret = new byte[64];
--- a/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java Thu Jun 07 23:35:22 2018 +0000
+++ b/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java Fri Jun 08 11:10:40 2018 +0800
@@ -54,7 +54,7 @@
private SecureRandom secureRandom;
// DTLS cookie exchange manager
- private volatile HelloCookieManager helloCookieManager;
+ private volatile HelloCookieManager.Builder helloCookieManagerBuilder;
private final boolean clientEnableStapling = Utilities.getBooleanProperty(
"jdk.tls.client.enableStatusRequestExtension", true);
@@ -244,17 +244,16 @@
// Used for DTLS in server mode only.
HelloCookieManager getHelloCookieManager(ProtocolVersion protocolVersion) {
- if (helloCookieManager != null) {
- return helloCookieManager.valueOf(protocolVersion);
- }
-
- synchronized (this) {
- if (helloCookieManager == null) {
- helloCookieManager = new HelloCookieManager(secureRandom);
+ if (helloCookieManagerBuilder == null) {
+ synchronized (this) {
+ if (helloCookieManagerBuilder == null) {
+ helloCookieManagerBuilder =
+ new HelloCookieManager.Builder(secureRandom);
+ }
}
}
- return helloCookieManager.valueOf(protocolVersion);
+ return helloCookieManagerBuilder.valueOf(protocolVersion);
}
StatusResponseManager getStatusResponseManager() {