equal
deleted
inserted
replaced
443 ClientHandshakeContext chc = (ClientHandshakeContext)context; |
443 ClientHandshakeContext chc = (ClientHandshakeContext)context; |
444 |
444 |
445 // In response to ALPN request only |
445 // In response to ALPN request only |
446 AlpnSpec requestedAlps = |
446 AlpnSpec requestedAlps = |
447 (AlpnSpec)chc.handshakeExtensions.get(SSLExtension.CH_ALPN); |
447 (AlpnSpec)chc.handshakeExtensions.get(SSLExtension.CH_ALPN); |
448 if (requestedAlps == null) { |
448 if (requestedAlps == null || |
|
449 requestedAlps.applicationProtocols == null || |
|
450 requestedAlps.applicationProtocols.isEmpty()) { |
449 chc.conContext.fatal(Alert.UNEXPECTED_MESSAGE, |
451 chc.conContext.fatal(Alert.UNEXPECTED_MESSAGE, |
450 "Unexpected " + SSLExtension.CH_ALPN.name + " extension"); |
452 "Unexpected " + SSLExtension.CH_ALPN.name + " extension"); |
451 } |
453 } |
452 |
454 |
453 // Parse the extension. |
455 // Parse the extension. |
466 "Only one application protocol name " + |
468 "Only one application protocol name " + |
467 "is allowed in ServerHello message"); |
469 "is allowed in ServerHello message"); |
468 } |
470 } |
469 |
471 |
470 // The respond application protocol must be one of the requested. |
472 // The respond application protocol must be one of the requested. |
471 if (requestedAlps.applicationProtocols.contains( |
473 if (!requestedAlps.applicationProtocols.containsAll( |
472 spec.applicationProtocols)) { |
474 spec.applicationProtocols)) { |
473 chc.conContext.fatal(Alert.UNEXPECTED_MESSAGE, |
475 chc.conContext.fatal(Alert.UNEXPECTED_MESSAGE, |
474 "Invalid " + SSLExtension.CH_ALPN.name + " extension: " + |
476 "Invalid " + SSLExtension.CH_ALPN.name + " extension: " + |
475 "Only client specified application protocol " + |
477 "Only client specified application protocol " + |
476 "is allowed in ServerHello message"); |
478 "is allowed in ServerHello message"); |