--- a/src/java.base/share/classes/sun/security/ssl/HandshakeContext.java Tue May 15 14:52:51 2018 -0700
+++ b/src/java.base/share/classes/sun/security/ssl/HandshakeContext.java Tue May 15 22:59:45 2018 -0700
@@ -199,10 +199,9 @@
this.handshakeExtensions = new HashMap<>();
this.handshakePossessions = new LinkedList<>();
this.handshakeCredentials = new LinkedList<>();
- this.requestedServerNames = new LinkedList<>();
+ this.requestedServerNames = null;
this.negotiatedServerName = null;
this.negotiatedCipherSuite = conContext.cipherSuite;
-
initialize();
}
@@ -225,7 +224,7 @@
this.activeCipherSuites = null;
this.algorithmConstraints = null;
this.maximumActiveProtocol = null;
- this.handshakeExtensions = null;
+ this.handshakeExtensions = Collections.emptyMap(); // Not in TLS13
this.handshakePossessions = null;
this.handshakeCredentials = null;
}
@@ -433,9 +432,6 @@
// For TLS 1.2 and prior versions, the HelloRequest message MAY
// be sent by the server at any time.
consumer = SSLHandshake.HELLO_REQUEST;
- } else if (handshakeType == SSLHandshake.NEW_SESSION_TICKET.id) {
- // new session ticket may be sent any time after server finished
- consumer = SSLHandshake.NEW_SESSION_TICKET;
} else {
consumer = handshakeConsumers.get(handshakeType);
}
@@ -563,5 +559,12 @@
return false;
}
+
+ List<SNIServerName> getRequestedServerNames() {
+ if (requestedServerNames == null) {
+ return Collections.<SNIServerName>emptyList();
+ }
+ return requestedServerNames;
+ }
}
--- a/src/java.base/share/classes/sun/security/ssl/NewSessionTicket.java Tue May 15 14:52:51 2018 -0700
+++ b/src/java.base/share/classes/sun/security/ssl/NewSessionTicket.java Tue May 15 22:59:45 2018 -0700
@@ -273,8 +273,8 @@
public void consume(ConnectionContext context,
ByteBuffer message) throws IOException {
// The consuming happens in client side only.
- ClientHandshakeContext chc = (ClientHandshakeContext)context;
- NewSessionTicketMessage nstm = new NewSessionTicketMessage(chc, message);
+ PostHandshakeContext hc = (PostHandshakeContext) context;
+ NewSessionTicketMessage nstm = new NewSessionTicketMessage(hc, message);
if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
SSLLogger.fine(
"Consuming NewSessionTicket message", nstm);
@@ -292,7 +292,7 @@
}
SSLSessionContextImpl sessionCache = (SSLSessionContextImpl)
- chc.sslContext.engineGetClientSessionContext();
+ hc.sslContext.engineGetClientSessionContext();
if (sessionCache.getSessionTimeout() > SEVEN_DAYS_IN_SECONDS) {
if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
@@ -302,7 +302,7 @@
return;
}
- SSLSessionImpl sessionToSave = chc.conContext.conSession;
+ SSLSessionImpl sessionToSave = hc.conContext.conSession;
Optional<SecretKey> resumptionMasterSecret =
sessionToSave.getResumptionMasterSecret();
@@ -322,11 +322,10 @@
// create and cache the new session
// The new session must be a child of the existing session so
// they will be invalidated together, etc.
- chc.negotiatedProtocol = chc.conContext.protocolVersion;
SessionId newId =
- new SessionId(true, chc.sslContext.getSecureRandom());
+ new SessionId(true, hc.sslContext.getSecureRandom());
SSLSessionImpl sessionCopy =
- new SSLSessionImpl(chc, sessionToSave.getSuite(), newId,
+ new SSLSessionImpl(hc, sessionToSave.getSuite(), newId,
sessionToSave.getCreationTime());
sessionToSave.addChild(sessionCopy);
sessionCopy.setPreSharedKey(psk);
@@ -335,7 +334,7 @@
sessionCache.put(sessionCopy);
// The handshakeContext is no longer needed
- chc.conContext.handshakeContext = null;
+ hc.free();
}
}
--- a/src/java.base/share/classes/sun/security/ssl/PostHandshakeContext.java Tue May 15 14:52:51 2018 -0700
+++ b/src/java.base/share/classes/sun/security/ssl/PostHandshakeContext.java Tue May 15 22:59:45 2018 -0700
@@ -40,6 +40,8 @@
consumers = new LinkedHashMap<>() {{
put(SSLHandshake.KEY_UPDATE.id,
SSLHandshake.KEY_UPDATE);
+ put(SSLHandshake.NEW_SESSION_TICKET.id,
+ SSLHandshake.NEW_SESSION_TICKET);
}};
}
--- a/src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java Tue May 15 14:52:51 2018 -0700
+++ b/src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java Tue May 15 22:59:45 2018 -0700
@@ -203,8 +203,8 @@
SignatureScheme.getAlgorithmNames(hc.localSupportedSignAlgs);
negotiatedMaxFragLen = -1;
statusResponses = null;
- this.requestedServerNames =
- Collections.unmodifiableList(hc.requestedServerNames);
+ this.requestedServerNames = Collections.<SNIServerName>unmodifiableList(
+ hc.getRequestedServerNames());
this.serverNameIndication = hc.negotiatedServerName;
if (hc.sslConfig.isClientMode) {
this.useExtendedMasterSecret =
@@ -1040,12 +1040,10 @@
*/
@Override
public List<SNIServerName> getRequestedServerNames() {
- if (requestedServerNames != null && !requestedServerNames.isEmpty()) {
- return Collections.<SNIServerName>unmodifiableList(
- requestedServerNames);
+ if (requestedServerNames == null) {
+ return Collections.<SNIServerName>emptyList();
}
-
- return Collections.<SNIServerName>emptyList();
+ return requestedServerNames;
}
/** Returns a string representation of this SSL session */
--- a/src/java.base/share/classes/sun/security/ssl/TransportContext.java Tue May 15 14:52:51 2018 -0700
+++ b/src/java.base/share/classes/sun/security/ssl/TransportContext.java Tue May 15 22:59:45 2018 -0700
@@ -183,7 +183,8 @@
byte type = HandshakeContext.getHandshakeType(this,
plaintext);
if (handshakeContext == null) {
- if (type == SSLHandshake.KEY_UPDATE.id) {
+ if (type == SSLHandshake.KEY_UPDATE.id ||
+ type == SSLHandshake.NEW_SESSION_TICKET.id) {
handshakeContext = new PostHandshakeContext(this);
} else {
handshakeContext = sslConfig.isClientMode ?