--- a/src/java.base/share/classes/sun/security/ssl/DTLSInputRecord.java Thu Jun 07 23:53:56 2018 +0800
+++ b/src/java.base/share/classes/sun/security/ssl/DTLSInputRecord.java Thu Jun 07 09:30:42 2018 -0700
@@ -25,12 +25,18 @@
package sun.security.ssl;
-import java.io.*;
-import java.nio.*;
+import java.io.IOException;
+import java.nio.ByteBuffer;
import java.security.GeneralSecurityException;
-import java.util.*;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.Set;
+import java.util.TreeSet;
import javax.crypto.BadPaddingException;
-import javax.net.ssl.*;
+import javax.net.ssl.SSLException;
import sun.security.ssl.SSLCipher.SSLReadCipher;
/**
@@ -506,7 +512,7 @@
// Should be repacked for suitable fragment length.
//
- // Note that the acquiring processes will reassemble the
+ // Note that the acquiring processes will reassemble
// the fragments later.
return compareToSequence(o.recordEpoch, o.recordSeq);
}
--- a/src/java.base/share/classes/sun/security/ssl/InputRecord.java Thu Jun 07 23:53:56 2018 +0800
+++ b/src/java.base/share/classes/sun/security/ssl/InputRecord.java Thu Jun 07 09:30:42 2018 -0700
@@ -25,8 +25,12 @@
package sun.security.ssl;
-import java.io.*;
-import java.nio.*;
+import java.io.Closeable;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.nio.BufferUnderflowException;
+import java.nio.ByteBuffer;
import javax.crypto.BadPaddingException;
import sun.security.ssl.SSLCipher.SSLReadCipher;
@@ -62,10 +66,6 @@
this.helloVersion = helloVersion;
}
- ProtocolVersion getHelloVersion() {
- return helloVersion;
- }
-
boolean seqNumIsHuge() {
return (readCipher.authenticator != null) &&
readCipher.authenticator.seqNumIsHuge();
@@ -281,7 +281,7 @@
j = pointer + 2;
for (int i = 0; i < cipherSpecLen; i += 3) {
if (packet.get() != 0) {
- // Ignore version 2.0 specifix cipher suite. Clients
+ // Ignore version 2.0 specific cipher suite. Clients
// should also include the version 3.0 equivalent in
// the V2ClientHello message.
packet.get(); // ignore the 2nd byte
--- a/src/java.base/share/classes/sun/security/ssl/Record.java Thu Jun 07 23:53:56 2018 +0800
+++ b/src/java.base/share/classes/sun/security/ssl/Record.java Thu Jun 07 09:30:42 2018 -0700
@@ -65,25 +65,25 @@
* in standard big-endian form.
*/
static int getInt8(ByteBuffer m) throws IOException {
- Record.verifyLength(m, 1);
+ verifyLength(m, 1);
return (m.get() & 0xFF);
}
static int getInt16(ByteBuffer m) throws IOException {
- Record.verifyLength(m, 2);
+ verifyLength(m, 2);
return ((m.get() & 0xFF) << 8) |
(m.get() & 0xFF);
}
static int getInt24(ByteBuffer m) throws IOException {
- Record.verifyLength(m, 3);
+ verifyLength(m, 3);
return ((m.get() & 0xFF) << 16) |
((m.get() & 0xFF) << 8) |
(m.get() & 0xFF);
}
static int getInt32(ByteBuffer m) throws IOException {
- Record.verifyLength(m, 4);
+ verifyLength(m, 4);
return ((m.get() & 0xFF) << 24) |
((m.get() & 0xFF) << 16) |
((m.get() & 0xFF) << 8) |
@@ -95,7 +95,7 @@
*/
static byte[] getBytes8(ByteBuffer m) throws IOException {
int len = Record.getInt8(m);
- Record.verifyLength(m, len);
+ verifyLength(m, len);
byte[] b = new byte[len];
m.get(b);
@@ -104,7 +104,7 @@
static byte[] getBytes16(ByteBuffer m) throws IOException {
int len = Record.getInt16(m);
- Record.verifyLength(m, len);
+ verifyLength(m, len);
byte[] b = new byte[len];
m.get(b);
@@ -113,7 +113,7 @@
static byte[] getBytes24(ByteBuffer m) throws IOException {
int len = Record.getInt24(m);
- Record.verifyLength(m, len);
+ verifyLength(m, len);
byte[] b = new byte[len];
m.get(b);
@@ -125,18 +125,18 @@
* in standard big-endian form.
*/
static void putInt8(ByteBuffer m, int i) throws IOException {
- Record.verifyLength(m, 1);
+ verifyLength(m, 1);
m.put((byte)(i & 0xFF));
}
static void putInt16(ByteBuffer m, int i) throws IOException {
- Record.verifyLength(m, 2);
+ verifyLength(m, 2);
m.put((byte)((i >> 8) & 0xFF));
m.put((byte)(i & 0xFF));
}
static void putInt24(ByteBuffer m, int i) throws IOException {
- Record.verifyLength(m, 3);
+ verifyLength(m, 3);
m.put((byte)((i >> 16) & 0xFF));
m.put((byte)((i >> 8) & 0xFF));
m.put((byte)(i & 0xFF));
@@ -154,10 +154,10 @@
*/
static void putBytes8(ByteBuffer m, byte[] s) throws IOException {
if (s == null || s.length == 0) {
- Record.verifyLength(m, 1);
+ verifyLength(m, 1);
putInt8(m, 0);
} else {
- Record.verifyLength(m, 1 + s.length);
+ verifyLength(m, 1 + s.length);
putInt8(m, s.length);
m.put(s);
}
@@ -165,10 +165,10 @@
static void putBytes16(ByteBuffer m, byte[] s) throws IOException {
if (s == null || s.length == 0) {
- Record.verifyLength(m, 2);
+ verifyLength(m, 2);
putInt16(m, 0);
} else {
- Record.verifyLength(m, 2 + s.length);
+ verifyLength(m, 2 + s.length);
putInt16(m, s.length);
m.put(s);
}
@@ -176,10 +176,10 @@
static void putBytes24(ByteBuffer m, byte[] s) throws IOException {
if (s == null || s.length == 0) {
- Record.verifyLength(m, 3);
+ verifyLength(m, 3);
putInt24(m, 0);
} else {
- Record.verifyLength(m, 3 + s.length);
+ verifyLength(m, 3 + s.length);
putInt24(m, s.length);
m.put(s);
}
--- a/src/java.base/share/classes/sun/security/ssl/SSLEngineInputRecord.java Thu Jun 07 23:53:56 2018 +0800
+++ b/src/java.base/share/classes/sun/security/ssl/SSLEngineInputRecord.java Thu Jun 07 09:30:42 2018 -0700
@@ -25,23 +25,20 @@
package sun.security.ssl;
-import java.io.*;
-import java.nio.*;
+import java.io.IOException;
+import java.nio.ByteBuffer;
import java.security.GeneralSecurityException;
import java.util.ArrayList;
import javax.crypto.BadPaddingException;
-import javax.net.ssl.*;
+import javax.net.ssl.SSLException;
+import javax.net.ssl.SSLHandshakeException;
+import javax.net.ssl.SSLProtocolException;
import sun.security.ssl.SSLCipher.SSLReadCipher;
/**
* {@code InputRecord} implementation for {@code SSLEngine}.
*/
final class SSLEngineInputRecord extends InputRecord implements SSLRecord {
- // used by handshake hash computation for handshake fragment
- private byte prevType = -1;
- private int hsMsgOff = 0;
- private int hsMsgLen = 0;
-
private boolean formatVerified = false; // SSLv2 ruled out?
// Cache for incomplete handshake messages.
@@ -84,7 +81,7 @@
/*
* If we have already verified previous packets, we can
* ignore the verifications steps, and jump right to the
- * determination. Otherwise, try one last hueristic to
+ * determination. Otherwise, try one last heuristic to
* see if it's SSL/TLS.
*/
if (formatVerified ||
@@ -233,7 +230,8 @@
//
// check for handshake fragment
//
- if (contentType != ContentType.HANDSHAKE.id && hsMsgOff != hsMsgLen) {
+ if (contentType != ContentType.HANDSHAKE.id &&
+ handshakeBuffer != null && handshakeBuffer.hasRemaining()) {
throw new SSLProtocolException(
"Expected to get a handshake fragment");
}
--- a/src/java.base/share/classes/sun/security/ssl/SSLSocketInputRecord.java Thu Jun 07 23:53:56 2018 +0800
+++ b/src/java.base/share/classes/sun/security/ssl/SSLSocketInputRecord.java Thu Jun 07 09:30:42 2018 -0700
@@ -25,12 +25,18 @@
package sun.security.ssl;
-import java.io.*;
-import java.nio.*;
+import java.io.EOFException;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.nio.ByteBuffer;
import java.security.GeneralSecurityException;
import java.util.ArrayList;
import javax.crypto.BadPaddingException;
-import javax.net.ssl.*;
+import javax.net.ssl.SSLException;
+import javax.net.ssl.SSLHandshakeException;
+import javax.net.ssl.SSLProtocolException;
+
import sun.security.ssl.SSLCipher.SSLReadCipher;
/**
@@ -43,11 +49,6 @@
private OutputStream os = null;
private final byte[] temporary = new byte[1024];
- // used by handshake hash computation for handshake fragment
- private byte prevType = -1;
- private int hsMsgOff = 0;
- private int hsMsgLen = 0;
-
private boolean formatVerified = false; // SSLv2 ruled out?
// Cache for incomplete handshake messages.
@@ -78,7 +79,7 @@
/*
* If we have already verified previous packets, we can
* ignore the verifications steps, and jump right to the
- * determination. Otherwise, try one last hueristic to
+ * determination. Otherwise, try one last heuristic to
* see if it's SSL/TLS.
*/
if (formatVerified ||
@@ -180,7 +181,7 @@
}
}
- // The record header should has comsumed.
+ // The record header should has consumed.
hasHeader = false;
return decodeInputRecord(temporary);
}
@@ -263,7 +264,8 @@
throw (SSLProtocolException)(new SSLProtocolException(
"Unexpected exception")).initCause(gse);
}
- if (contentType != ContentType.HANDSHAKE.id && hsMsgOff != hsMsgLen) {
+ if (contentType != ContentType.HANDSHAKE.id &&
+ handshakeBuffer != null && handshakeBuffer.hasRemaining()) {
throw new SSLProtocolException(
"Expected to get a handshake fragment");
}