--- a/src/java.base/share/classes/sun/security/ssl/SSLEngineImpl.java Tue May 22 16:38:48 2018 -0700
+++ b/src/java.base/share/classes/sun/security/ssl/SSLEngineImpl.java Tue May 22 21:46:47 2018 -0700
@@ -163,7 +163,8 @@
HandshakeContext hc = conContext.handshakeContext;
HandshakeStatus hsStatus = null;
- if (!conContext.isNegotiated) {
+ if (!conContext.isNegotiated &&
+ !conContext.isClosed() && !conContext.isBroken) {
conContext.kickstart();
hsStatus = getHandshakeStatus();
@@ -470,7 +471,8 @@
}
HandshakeStatus hsStatus = null;
- if (!conContext.isNegotiated) {
+ if (!conContext.isNegotiated &&
+ !conContext.isClosed() && !conContext.isBroken) {
conContext.kickstart();
/*
--- a/src/java.base/share/classes/sun/security/ssl/SSLSocketImpl.java Tue May 22 16:38:48 2018 -0700
+++ b/src/java.base/share/classes/sun/security/ssl/SSLSocketImpl.java Tue May 22 21:46:47 2018 -0700
@@ -473,7 +473,8 @@
}
private synchronized void ensureNegotiated() throws IOException {
- if (conContext.isNegotiated || conContext.isClosed()) {
+ if (conContext.isNegotiated ||
+ conContext.isClosed() || conContext.isBroken) {
return;
}
@@ -552,7 +553,8 @@
}
// start handshaking if the connection has not been negotiated.
- if (!conContext.isNegotiated && !conContext.isClosed()) {
+ if (!conContext.isNegotiated &&
+ !conContext.isClosed() && !conContext.isBroken) {
ensureNegotiated();
}
@@ -691,7 +693,8 @@
}
// start handshaking if the connection has not been negotiated.
- if (!conContext.isNegotiated && !conContext.isClosed()) {
+ if (!conContext.isNegotiated &&
+ !conContext.isClosed() && !conContext.isBroken) {
ensureNegotiated();
}
--- a/src/java.base/share/classes/sun/security/ssl/TransportContext.java Tue May 22 16:38:48 2018 -0700
+++ b/src/java.base/share/classes/sun/security/ssl/TransportContext.java Tue May 22 21:46:47 2018 -0700
@@ -214,6 +214,17 @@
throw new IllegalStateException("Client/Server mode not yet set.");
}
+ if (outputRecord.isClosed() || inputRecord.isClosed() || isBroken) {
+ if (closeReason != null) {
+ throw new SSLException(
+ "Cannot kickstart, the connection is broken or closed",
+ closeReason);
+ } else {
+ throw new SSLException(
+ "Cannot kickstart, the connection is broken or closed");
+ }
+ }
+
// initialize the handshaker if necessary
if (handshakeContext == null) {
// TLS1.3 post-handshake
--- a/test/jdk/javax/net/ssl/SSLEngine/NoAuthClientAuth.java Tue May 22 16:38:48 2018 -0700
+++ b/test/jdk/javax/net/ssl/SSLEngine/NoAuthClientAuth.java Tue May 22 21:46:47 2018 -0700
@@ -21,15 +21,19 @@
* questions.
*/
+//
+// SunJSSE does not support dynamic system properties, no way to re-use
+// system properties in samevm/agentvm mode.
+//
+
/*
* @test
* @bug 4495742
* @summary Demonstrate SSLEngine switch from no client auth to client auth.
- * @run main/othervm NoAuthClientAuth
- *
- * SunJSSE does not support dynamic system properties, no way to re-use
- * system properties in samevm/agentvm mode.
- *
+ * @run main/othervm NoAuthClientAuth SSLv3
+ * @run main/othervm NoAuthClientAuth TLSv1
+ * @run main/othervm NoAuthClientAuth TLSv1.1
+ * @run main/othervm NoAuthClientAuth TLSv1.2
* @author Brad R. Wetmore
*/
@@ -78,6 +82,7 @@
import java.security.*;
import java.nio.*;
+// Note that this test case depends on JSSE provider implementation details.
public class NoAuthClientAuth {
/*
@@ -128,15 +133,21 @@
private static String trustFilename =
System.getProperty("test.src", ".") + "/" + pathToStores +
"/" + trustStoreFile;
+ // the specified protocol
+ private static String tlsProtocol;
/*
* Main entry point for this test.
*/
public static void main(String args[]) throws Exception {
+ Security.setProperty("jdk.tls.disabledAlgorithms", "");
+
if (debug) {
System.setProperty("javax.net.debug", "all");
}
+ tlsProtocol = args[0];
+
NoAuthClientAuth test = new NoAuthClientAuth();
test.runTest();
@@ -298,6 +309,7 @@
*/
clientEngine = sslc.createSSLEngine("client", 80);
clientEngine.setUseClientMode(true);
+ clientEngine.setEnabledProtocols(new String[] { tlsProtocol });
}
/*
--- a/test/jdk/sun/security/ssl/SSLEngineImpl/CloseEngineException.java Tue May 22 16:38:48 2018 -0700
+++ b/test/jdk/sun/security/ssl/SSLEngineImpl/CloseEngineException.java Tue May 22 21:46:47 2018 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2018, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -45,9 +45,10 @@
import java.security.*;
import java.nio.*;
+// Note that this test case depends on JSSE provider implementation details.
public class CloseEngineException {
- private static boolean debug = false;
+ private static boolean debug = true;
private SSLContext sslc;
private SSLEngine ssle1; // client
@@ -94,43 +95,53 @@
SSLEngineResult result1; // ssle1's results from last operation
SSLEngineResult result2; // ssle2's results from last operation
- while (!isEngineClosed(ssle1) || !isEngineClosed(ssle2)) {
+ while (!isEngineClosed(ssle1) && !isEngineClosed(ssle2)) {
log("================");
- result1 = ssle1.wrap(appOut1, oneToTwo);
- result2 = ssle2.wrap(appOut2, twoToOne);
+ if (!isEngineClosed(ssle1)) {
+ result1 = ssle1.wrap(appOut1, oneToTwo);
+ runDelegatedTasks(result1, ssle1);
- log("wrap1: " + result1);
- log("oneToTwo = " + oneToTwo);
- log("");
+ log("wrap1: " + result1);
+ log("oneToTwo = " + oneToTwo);
+ log("");
- log("wrap2: " + result2);
- log("twoToOne = " + twoToOne);
+ oneToTwo.flip();
+ }
+ if (!isEngineClosed(ssle2)) {
+ result2 = ssle2.wrap(appOut2, twoToOne);
+ runDelegatedTasks(result2, ssle2);
- runDelegatedTasks(result1, ssle1);
- runDelegatedTasks(result2, ssle2);
+ log("wrap2: " + result2);
+ log("twoToOne = " + twoToOne);
- oneToTwo.flip();
- twoToOne.flip();
+ twoToOne.flip();
+ }
log("----");
- result1 = ssle1.unwrap(twoToOne, appIn1);
- result2 = ssle2.unwrap(oneToTwo, appIn2);
-
- log("unwrap1: " + result1);
- log("twoToOne = " + twoToOne);
- log("");
+ if (!isEngineClosed(ssle1) && !dataDone) {
+ log("--");
+ result1 = ssle1.unwrap(twoToOne, appIn1);
+ runDelegatedTasks(result1, ssle1);
- log("unwrap2: " + result2);
- log("oneToTwo = " + oneToTwo);
+ log("unwrap1: " + result1);
+ log("twoToOne = " + twoToOne);
+ log("");
+
+ twoToOne.compact();
+ }
+ if (!isEngineClosed(ssle2)) {
+ log("---");
+ result2 = ssle2.unwrap(oneToTwo, appIn2);
+ runDelegatedTasks(result2, ssle2);
- runDelegatedTasks(result1, ssle1);
- runDelegatedTasks(result2, ssle2);
+ log("unwrap2: " + result2);
+ log("oneToTwo = " + oneToTwo);
- oneToTwo.compact();
- twoToOne.compact();
+ oneToTwo.compact();
+ }
/*
* If we've transfered all the data between app1 and app2,
@@ -154,7 +165,7 @@
throw new Exception(
"TEST FAILED: didn't throw Exception");
} catch (SSLException e) {
- System.out.println("PARTIAL PASS");
+ System.err.println("PARTIAL PASS");
}
}
}
@@ -167,7 +178,7 @@
throw new Exception(
"TEST FAILED: didn't throw Exception");
} catch (SSLException e) {
- System.out.println("TEST PASSED");
+ System.err.println("TEST PASSED");
}
}
@@ -181,7 +192,7 @@
test.runTest();
- System.out.println("Test Passed.");
+ System.err.println("Test Passed.");
}
/*
@@ -277,7 +288,7 @@
private static void log(String str) {
if (debug) {
- System.out.println(str);
+ System.err.println(str);
}
}
}