--- a/src/java.base/share/classes/sun/security/ssl/ClientHello.java Wed Feb 20 13:21:36 2019 -0500
+++ b/src/java.base/share/classes/sun/security/ssl/ClientHello.java Wed Feb 20 13:24:57 2019 -0500
@@ -803,13 +803,8 @@
shc.sslConfig.getEnabledExtensions(
SSLHandshake.CLIENT_HELLO);
- ClientHelloMessage chm;
- try {
- chm = new ClientHelloMessage(shc, message, enabledExtensions);
- } catch (Exception e) {
- throw shc.conContext.fatal(Alert.HANDSHAKE_FAILURE,
- "ClientHelloMessage failure", e);
- }
+ ClientHelloMessage chm =
+ new ClientHelloMessage(shc, message, enabledExtensions);
if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
SSLLogger.fine("Consuming ClientHello handshake message", chm);
}
--- a/src/java.base/share/classes/sun/security/ssl/HandshakeContext.java Wed Feb 20 13:21:36 2019 -0500
+++ b/src/java.base/share/classes/sun/security/ssl/HandshakeContext.java Wed Feb 20 13:24:57 2019 -0500
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -26,6 +26,8 @@
package sun.security.ssl;
import java.io.IOException;
+import java.nio.BufferOverflowException;
+import java.nio.BufferUnderflowException;
import java.nio.ByteBuffer;
import java.security.AlgorithmConstraints;
import java.security.CryptoPrimitive;
@@ -443,6 +445,10 @@
throw conContext.fatal(Alert.UNEXPECTED_MESSAGE,
"Unsupported handshake message: " +
SSLHandshake.nameOf(handshakeType), unsoe);
+ } catch (BufferUnderflowException | BufferOverflowException be) {
+ throw conContext.fatal(Alert.DECODE_ERROR,
+ "Illegal handshake message: " +
+ SSLHandshake.nameOf(handshakeType), be);
}
// update handshake hash after handshake message consumption.
--- a/src/java.base/share/classes/sun/security/ssl/PostHandshakeContext.java Wed Feb 20 13:21:36 2019 -0500
+++ b/src/java.base/share/classes/sun/security/ssl/PostHandshakeContext.java Wed Feb 20 13:24:57 2019 -0500
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -26,6 +26,8 @@
package sun.security.ssl;
import java.io.IOException;
+import java.nio.BufferOverflowException;
+import java.nio.BufferUnderflowException;
import java.nio.ByteBuffer;
import java.util.ArrayList;
import java.util.LinkedHashMap;
@@ -74,6 +76,10 @@
throw conContext.fatal(Alert.UNEXPECTED_MESSAGE,
"Unsupported post-handshake message: " +
SSLHandshake.nameOf(handshakeType), unsoe);
+ } catch (BufferUnderflowException | BufferOverflowException be) {
+ throw conContext.fatal(Alert.DECODE_ERROR,
+ "Illegal handshake message: " +
+ SSLHandshake.nameOf(handshakeType), be);
}
}
}
--- a/test/jdk/javax/net/ssl/interop/ClientHelloBufferUnderflowException.java Wed Feb 20 13:21:36 2019 -0500
+++ b/test/jdk/javax/net/ssl/interop/ClientHelloBufferUnderflowException.java Wed Feb 20 13:24:57 2019 -0500
@@ -28,7 +28,7 @@
/*
* @test
- * @bug 8215790
+ * @bug 8215790 8219389
* @summary Verify exception
* @modules java.base/sun.security.util
* @run main/othervm ClientHelloBufferUnderflowException
@@ -45,12 +45,15 @@
try {
(new ClientHelloBufferUnderflowException()).run();
} catch (SSLHandshakeException e) {
- System.out.println("Correct exception thrown");
+ System.out.println("Correct exception thrown: " + e);
+ return;
} catch (Exception e) {
System.out.println("Failed: Exception not SSLHandShakeException");
System.out.println(e.getMessage());
throw e;
}
+
+ throw new Exception("No expected exception");
}
@Override
@@ -76,6 +79,7 @@
} catch (Exception e) {
// ignore
}
+
return bytes;
}
}