archive/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2025-08-28 07:14:30 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

8207317: SSLEngine negotiation fail exception behavior changed from fail-fast to fail-lazy

Browse source 
Reviewed-by: xuelei
This commit is contained in:
Bradford Wetmore 2018-08-21 11:30:48 -07:00
parent 538ba1fb5c
commit 5b511a4a78
14 changed files with 663 additions and 106 deletions
Download patch file Download diff file Expand all files Collapse all files

13
src/java.base/share/classes/sun/security/ssl/SSLCipher.java
View file

@ -379,10 +379,10 @@ enum SSLCipher {
private final Map.Entry<WriteCipherGenerator,
ProtocolVersion[]>[] writeCipherGenerators;
// Map of Ciphers listed in jdk.tls.KeyLimit
// Map of Ciphers listed in jdk.tls.keyLimits
private static final HashMap<String, Long> cipherLimits = new HashMap<>();
// Keywords found on the jdk.tls.KeyLimit security property.
// Keywords found on the jdk.tls.keyLimits security property.
final static String tag[] = {"KEYUPDATE"};
static {
@ -407,7 +407,7 @@ enum SSLCipher {
index = 0;
} else {
if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
SSLLogger.fine("jdk.net.keyLimits: Unknown action: " +
SSLLogger.fine("jdk.tls.keyLimits: Unknown action: " +
entry);
}
continue;
@ -423,17 +423,18 @@ enum SSLCipher {
size = Long.parseLong(values[2]);
}
if (size < 1 || size > max) {
throw new NumberFormatException("Length exceeded limits");
throw new NumberFormatException(
"Length exceeded limits");
}
} catch (NumberFormatException e) {
if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
SSLLogger.fine("jdk.net.keyLimits: " + e.getMessage() +
SSLLogger.fine("jdk.tls.keyLimits: " + e.getMessage() +
": " + entry);
}
continue;
}
if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
SSLLogger.fine("jdk.net.keyLimits: entry = " + entry +
SSLLogger.fine("jdk.tls.keyLimits: entry = " + entry +
". " + values[0] + ":" + tag[index] + " = " + size);
}
cipherLimits.put(values[0] + ":" + tag[index], size);