# HG changeset patch # User ascarpino # Date 1526450385 25200 # Node ID 5f23e0400f272adef346ea1d89cab0bce0894da3 # Parent 1753f2461f71cb4ed52a50e145b7128474db1674 Use PostHandshakeContext for New Session Ticket when approriate diff -r 1753f2461f71 -r 5f23e0400f27 src/java.base/share/classes/sun/security/ssl/HandshakeContext.java --- a/src/java.base/share/classes/sun/security/ssl/HandshakeContext.java Tue May 15 14:52:51 2018 -0700 +++ b/src/java.base/share/classes/sun/security/ssl/HandshakeContext.java Tue May 15 22:59:45 2018 -0700 @@ -199,10 +199,9 @@ this.handshakeExtensions = new HashMap<>(); this.handshakePossessions = new LinkedList<>(); this.handshakeCredentials = new LinkedList<>(); - this.requestedServerNames = new LinkedList<>(); + this.requestedServerNames = null; this.negotiatedServerName = null; this.negotiatedCipherSuite = conContext.cipherSuite; - initialize(); } @@ -225,7 +224,7 @@ this.activeCipherSuites = null; this.algorithmConstraints = null; this.maximumActiveProtocol = null; - this.handshakeExtensions = null; + this.handshakeExtensions = Collections.emptyMap(); // Not in TLS13 this.handshakePossessions = null; this.handshakeCredentials = null; } @@ -433,9 +432,6 @@ // For TLS 1.2 and prior versions, the HelloRequest message MAY // be sent by the server at any time. consumer = SSLHandshake.HELLO_REQUEST; - } else if (handshakeType == SSLHandshake.NEW_SESSION_TICKET.id) { - // new session ticket may be sent any time after server finished - consumer = SSLHandshake.NEW_SESSION_TICKET; } else { consumer = handshakeConsumers.get(handshakeType); } @@ -563,5 +559,12 @@ return false; } + + List getRequestedServerNames() { + if (requestedServerNames == null) { + return Collections.emptyList(); + } + return requestedServerNames; + } } diff -r 1753f2461f71 -r 5f23e0400f27 src/java.base/share/classes/sun/security/ssl/NewSessionTicket.java --- a/src/java.base/share/classes/sun/security/ssl/NewSessionTicket.java Tue May 15 14:52:51 2018 -0700 
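Review bot: `requestedServerNames` now starts as null in this constructor, so any code that still reads the field directly can hit a NullPointerException; only the `getRequestedServerNames()` accessor added in the last hunk of this file is null-safe. This commit moves the SSLSessionImpl constructor to the accessor, but other readers of the field are not visible here. Consider narrowing the field's visibility, or at least documenting it at the declaration with `// may be null; read through getRequestedServerNames()`. The accessor also returns the internal list itself when it is set, so callers should treat it as read-only.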
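Review bot: `Collections.emptyMap()` is immutable, so any code path that records an extension into `handshakeExtensions` on a context built by this constructor will throw UnsupportedOperationException at runtime. The trailing comment `// Not in TLS13` does not explain that, and reads oddly given that TLS 1.3 NewSessionTicket messages do carry an extensions field. If the intent is that post-handshake contexts never store extensions, say so, e.g. `// post-handshake: nothing is recorded here; immutable so a stray write fails fast`. The constructor starts outside the hunk, so which context types use it is inferred from the fields it nulls.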
+++ b/src/java.base/share/classes/sun/security/ssl/NewSessionTicket.java Tue May 15 22:59:45 2018 -0700 @@ -273,8 +273,8 @@ public void consume(ConnectionContext context, ByteBuffer message) throws IOException { // The consuming happens in client side only. - ClientHandshakeContext chc = (ClientHandshakeContext)context; - NewSessionTicketMessage nstm = new NewSessionTicketMessage(chc, message); + PostHandshakeContext hc = (PostHandshakeContext) context; + NewSessionTicketMessage nstm = new NewSessionTicketMessage(hc, message); if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) { SSLLogger.fine( "Consuming NewSessionTicket message", nstm); @@ -292,7 +292,7 @@ } SSLSessionContextImpl sessionCache = (SSLSessionContextImpl) - chc.sslContext.engineGetClientSessionContext(); + hc.sslContext.engineGetClientSessionContext(); if (sessionCache.getSessionTimeout() > SEVEN_DAYS_IN_SECONDS) { if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) { @@ -302,7 +302,7 @@ return; } - SSLSessionImpl sessionToSave = chc.conContext.conSession; + SSLSessionImpl sessionToSave = hc.conContext.conSession; Optional resumptionMasterSecret = sessionToSave.getResumptionMasterSecret(); @@ -322,11 +322,10 @@ // create and cache the new session // The new session must be a child of the existing session so // they will be invalidated together, etc. - chc.negotiatedProtocol = chc.conContext.protocolVersion; SessionId newId = - new SessionId(true, chc.sslContext.getSecureRandom()); + new SessionId(true, hc.sslContext.getSecureRandom()); SSLSessionImpl sessionCopy = - new SSLSessionImpl(chc, sessionToSave.getSuite(), newId, + new SSLSessionImpl(hc, sessionToSave.getSuite(), newId, sessionToSave.getCreationTime()); sessionToSave.addChild(sessionCopy); sessionCopy.setPreSharedKey(psk); 
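Review bot: The cast `(PostHandshakeContext) context` is unchecked, and nothing visible enforces the "client side only" comment above it. The PostHandshakeContext hunk registers the NEW_SESSION_TICKET consumer on every post-handshake context, and the TransportContext hunk creates that context without consulting `sslConfig.isClientMode`, so unless a role check exists outside these hunks a server endpoint would parse a ticket sent by its peer and write to the client session cache. A guard at the top of consume(), such as `if (!hc.sslConfig.isClientMode) { hc.conContext.fatal(Alert.UNEXPECTED_MESSAGE, "NewSessionTicket received by server"); }`, would answer with a protocol alert instead. A context of any other type currently surfaces as ClassCastException rather than an alert; an `instanceof` test before the cast would cover that too. consume() continues past the end of this hunk.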
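Review bot: `new SSLSessionImpl(hc, ...)` now builds the cached session from a PostHandshakeContext, so the copy takes its per-handshake attributes from a context that never ran the handshake rather than from `sessionToSave`. The SSLSessionImpl hunk in this commit shows that constructor reading `hc.getRequestedServerNames()`, `hc.negotiatedServerName` and `hc.localSupportedSignAlgs`, which on a post-handshake context are presumably empty or unset. If a resumed session is expected to report the same server names and signature algorithms as its parent, those values should be copied from `sessionToSave`; at minimum a comment at this call should state which fields the copy is known to lose. Dropping the `negotiatedProtocol` assignment also makes the copy depend on PostHandshakeContext initialising that field, which is not visible here.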
@@ -335,7 +334,7 @@ sessionCache.put(sessionCopy); // The handshakeContext is no longer needed - chc.conContext.handshakeContext = null; + hc.free(); } } diff -r 1753f2461f71 -r 5f23e0400f27 src/java.base/share/classes/sun/security/ssl/PostHandshakeContext.java --- a/src/java.base/share/classes/sun/security/ssl/PostHandshakeContext.java Tue May 15 14:52:51 2018 -0700 +++ b/src/java.base/share/classes/sun/security/ssl/PostHandshakeContext.java Tue May 15 22:59:45 2018 -0700 @@ -40,6 +40,8 @@ consumers = new LinkedHashMap<>() {{ put(SSLHandshake.KEY_UPDATE.id, SSLHandshake.KEY_UPDATE); + put(SSLHandshake.NEW_SESSION_TICKET.id, + SSLHandshake.NEW_SESSION_TICKET); }}; } diff -r 1753f2461f71 -r 5f23e0400f27 src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java --- a/src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java Tue May 15 14:52:51 2018 -0700 +++ b/src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java Tue May 15 22:59:45 2018 -0700 @@ -203,8 +203,8 @@ SignatureScheme.getAlgorithmNames(hc.localSupportedSignAlgs); negotiatedMaxFragLen = -1; statusResponses = null; - this.requestedServerNames = - Collections.unmodifiableList(hc.requestedServerNames); + this.requestedServerNames = Collections.unmodifiableList( + hc.getRequestedServerNames()); this.serverNameIndication = hc.negotiatedServerName; if (hc.sslConfig.isClientMode) { this.useExtendedMasterSecret = @@ -1040,12 +1040,10 @@ */ @Override public List getRequestedServerNames() { - if (requestedServerNames != null && !requestedServerNames.isEmpty()) { - return Collections.unmodifiableList( - requestedServerNames); + if (requestedServerNames == null) { + return Collections.emptyList(); } - - return Collections.emptyList(); + return requestedServerNames; } /** Returns a string representation of this SSL session */ diff -r 1753f2461f71 -r 5f23e0400f27 src/java.base/share/classes/sun/security/ssl/TransportContext.java 
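Review bot: `hc.free()` is reached only on the path that caches a session; the early `return` visible in the -302 hunk, and any exception thrown before this point, leave consume() without releasing the context. What free() does is not shown, but if it is what detaches the context from the connection, as the replaced `chc.conContext.handshakeContext = null` did, the release belongs in a `finally` block or in the dispatcher that created the context. The body of consume() starts outside this hunk.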
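Review bot: The getter in the -1040 hunk now returns the `requestedServerNames` field itself, so the immutability of the list handed to SSLSession callers depends on every assignment of the field wrapping it. The constructor in the -203 hunk does wrap with `Collections.unmodifiableList(...)`, but other assignments are not visible here; if any stores a mutable list, callers could alter session state. Either keep the wrap in the getter or record the invariant at the field, e.g. `// always null or an unmodifiable list; returned to callers as-is`. Note also that `unmodifiableList` in the constructor is a view over the handshake context's list, not a copy, so later changes to that list would show through.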
--- a/src/java.base/share/classes/sun/security/ssl/TransportContext.java Tue May 15 14:52:51 2018 -0700 +++ b/src/java.base/share/classes/sun/security/ssl/TransportContext.java Tue May 15 22:59:45 2018 -0700 @@ -183,7 +183,8 @@ byte type = HandshakeContext.getHandshakeType(this, plaintext); if (handshakeContext == null) { - if (type == SSLHandshake.KEY_UPDATE.id) { + if (type == SSLHandshake.KEY_UPDATE.id || + type == SSLHandshake.NEW_SESSION_TICKET.id) { handshakeContext = new PostHandshakeContext(this); } else { handshakeContext = sslConfig.isClientMode ?