# HG changeset patch
# User weijun
# Date 1531930469 -28800
# Node ID 2dd2d73c52f69f0c33197b19b4b5441aafc4ff18
# Parent  1edcf36fe15f79d6228d1a63eb680878e2386480
8207250: setUseClientMode post handshake with the same value as before does not throw IAE
Reviewed-by: xuelei

diff -r 1edcf36fe15f -r 2dd2d73c52f6 src/java.base/share/classes/sun/security/ssl/TransportContext.java
--- a/src/java.base/share/classes/sun/security/ssl/TransportContext.java	Wed Jul 18 11:57:51 2018 -0400
+++ b/src/java.base/share/classes/sun/security/ssl/TransportContext.java	Thu Jul 19 00:14:29 2018 +0800
@@ -393,6 +393,13 @@
     }
 
     void setUseClientMode(boolean useClientMode) {
+        // Once handshaking has begun, the mode can not be reset for the
+        // life of this engine.
+        if (handshakeContext != null || isNegotiated) {
+            throw new IllegalArgumentException(
+                    "Cannot change mode after SSL traffic has started");
+        }
+
         /*
          * If we need to change the client mode and the enabled
          * protocols and cipher suites haven't specifically been
@@ -400,13 +407,6 @@
          * default ones.
          */
         if (sslConfig.isClientMode != useClientMode) {
-            // Once handshaking has begun, the mode can not be reset for the
-            // life of this engine.
-            if (handshakeContext != null || isNegotiated) {
-                throw new IllegalArgumentException(
-                    "Cannot change mode after SSL traffic has started");
-            }
-
             if (sslContext.isDefaultProtocolVesions(
                     sslConfig.enabledProtocols)) {
                 sslConfig.enabledProtocols =
diff -r 1edcf36fe15f -r 2dd2d73c52f6 test/jdk/sun/security/ssl/SSLEngineImpl/EngineEnforceUseClientMode.java
--- a/test/jdk/sun/security/ssl/SSLEngineImpl/EngineEnforceUseClientMode.java	Wed Jul 18 11:57:51 2018 -0400
+++ b/test/jdk/sun/security/ssl/SSLEngineImpl/EngineEnforceUseClientMode.java	Thu Jul 19 00:14:29 2018 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2004, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2004, 2018, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -28,7 +28,7 @@
 
 /*
  * @test
- * @bug 4980882
+ * @bug 4980882 8207250
  * @summary SSLEngine should enforce setUseClientMode
  * @run main/othervm EngineEnforceUseClientMode
  * @author Brad R. Wetmore
@@ -190,14 +190,18 @@
                 checkTransfer(appOut1, appIn2);
                 checkTransfer(appOut2, appIn1);
 
+                // Should not be able to set mode now, no matter if
+                // it is the same of different.
                 System.out.println("Try changing modes...");
-                try {
-                    ssle2.setUseClientMode(true);
-                    throw new RuntimeException(
-                        "setUseClientMode():  " +
-                        "Didn't catch the exception properly");
-                } catch (IllegalArgumentException e) {
-                    System.out.println("Caught the correct exception.");
+                for (boolean b : new Boolean[] {true, false}) {
+                    try {
+                        ssle2.setUseClientMode(b);
+                        throw new RuntimeException(
+                                "setUseClientMode(" + b + "):  " +
+                                        "Didn't catch the exception properly");
+                    } catch (IllegalArgumentException e) {
+                        System.out.println("Caught the correct exception.");
+                    }
                 }
 
                 return;