< prev index next >

src/java.base/share/classes/sun/security/ssl/ServerHello.java

Print this page

        

*** 45,56 **** import sun.security.ssl.SSLCipher.SSLReadCipher; import sun.security.ssl.SSLCipher.SSLWriteCipher; import sun.security.ssl.SSLHandshake.HandshakeMessage; import sun.security.ssl.SupportedVersionsExtension.SHSupportedVersionsSpec; - import static sun.security.ssl.SSLExtension.SH_SESSION_TICKET; - /** * Pack of the ServerHello/HelloRetryRequest handshake message. */ final class ServerHello { static final SSLConsumer handshakeConsumer = --- 45,54 ----
*** 337,355 **** } } shc.handshakeProducers.put(SSLHandshake.SERVER_HELLO_DONE.id, SSLHandshake.SERVER_HELLO_DONE); } else { - // stateless and use the client session id (RFC 5077 3.4) - if (shc.statelessResumption) { - shc.resumingSession = new SSLSessionImpl(shc.resumingSession, - (clientHello.sessionId.length() == 0) ? - new SessionId(true, - shc.sslContext.getSecureRandom()) : - new SessionId(clientHello.sessionId.getId()) - ); - } shc.handshakeSession = shc.resumingSession; shc.negotiatedProtocol = shc.resumingSession.getProtocolVersion(); shc.negotiatedCipherSuite = shc.resumingSession.getSuite(); shc.handshakeHash.determine( --- 335,344 ----
*** 500,512 **** HandshakeMessage message) throws IOException { // The producing happens in server side only. ServerHandshakeContext shc = (ServerHandshakeContext)context; ClientHelloMessage clientHello = (ClientHelloMessage)message; - SSLSessionContextImpl sessionCache = (SSLSessionContextImpl) - shc.sslContext.engineGetServerSessionContext(); - // If client hasn't specified a session we can resume, start a // new one and choose its cipher suite and compression options, // unless new session creation is disabled for this connection! if (!shc.isResumption || shc.resumingSession == null) { if (!shc.sslConfig.enableSessionCreation) { --- 489,498 ----
*** 558,567 **** --- 544,555 ---- setUpPskKD(shc, shc.resumingSession.consumePreSharedKey()); // The session can't be resumed again---remove it from cache + SSLSessionContextImpl sessionCache = (SSLSessionContextImpl) + shc.sslContext.engineGetServerSessionContext(); sessionCache.remove(shc.resumingSession.getSessionId()); } // update the responders shc.handshakeProducers.put(SSLHandshake.ENCRYPTED_EXTENSIONS.id,
*** 689,703 **** writeCipher, (clientHello.sessionId.length() != 0)); // Update the context for master key derivation. shc.handshakeKeyDerivation = kd; - // Check if the server supports stateless resumption - if (sessionCache.statelessEnabled()) { - shc.statelessResumption = true; - } - // The handshake message has been delivered. return null; } private static CipherSuite chooseCipherSuite( --- 677,686 ----
*** 1113,1139 **** if (!chc.sslConfig.enableSessionCreation) { throw chc.conContext.fatal(Alert.PROTOCOL_VERSION, "New session creation is disabled"); } ! ! if (serverHello.sessionId.length() == 0 && ! chc.statelessResumption) { ! SessionId newId = new SessionId(true, ! chc.sslContext.getSecureRandom()); ! chc.handshakeSession = new SSLSessionImpl(chc, ! chc.negotiatedCipherSuite, newId); ! ! if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) { ! SSLLogger.fine("Locally assigned Session Id: " + ! newId.toString()); ! } ! } else { ! chc.handshakeSession = new SSLSessionImpl(chc, ! chc.negotiatedCipherSuite, ! serverHello.sessionId); ! } chc.handshakeSession.setMaximumPacketSize( chc.sslConfig.maximumPacketSize); } // --- 1096,1108 ---- if (!chc.sslConfig.enableSessionCreation) { throw chc.conContext.fatal(Alert.PROTOCOL_VERSION, "New session creation is disabled"); } ! chc.handshakeSession = new SSLSessionImpl(chc, ! chc.negotiatedCipherSuite, ! serverHello.sessionId); chc.handshakeSession.setMaximumPacketSize( chc.sslConfig.maximumPacketSize); } //
*** 1156,1170 **** } chc.conContext.consumers.putIfAbsent( ContentType.CHANGE_CIPHER_SPEC.id, ChangeCipherSpec.t10Consumer); - if (chc.statelessResumption) { - chc.handshakeConsumers.putIfAbsent( - SSLHandshake.NEW_SESSION_TICKET.id, - SSLHandshake.NEW_SESSION_TICKET); - } chc.handshakeConsumers.put( SSLHandshake.FINISHED.id, SSLHandshake.FINISHED); } else { SSLKeyExchange ke = SSLKeyExchange.valueOf( --- 1125,1134 ----
< prev index next >