8237474: Default SSLEngine should create in server role

Reviewed-by: xuelei, coffeys
2025-08-28 15:24:43 +02:00 · 2020-04-14 14:16:58 +00:00 · 2020-04-14 14:16:58 +00:00 · aadc7c7ca8
commit aadc7c7ca8
parent b812e8baff
9 changed files with 67 additions and 13 deletions
--- a/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java
+++ b/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2019, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2020, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -1178,6 +1178,10 @@ public abstract class SSLContextImpl extends SSLContextSpi {
        @Override
        protected SSLParameters engineGetDefaultSSLParameters() {
            SSLEngine engine = createSSLEngineImpl();
+            // Note: The TLSContext defaults to client side SSLParameters.
+            // We can do the same here. Please don't change the behavior
+            // for compatibility.
+            engine.setUseClientMode(true);
            return engine.getSSLParameters();
        }

--- a/src/java.base/share/classes/sun/security/ssl/TransportContext.java
+++ b/src/java.base/share/classes/sun/security/ssl/TransportContext.java
@ -89,7 +89,7 @@ final class TransportContext implements ConnectionContext {
    // Called by SSLEngineImpl
    TransportContext(SSLContextImpl sslContext, SSLTransport transport,
            InputRecord inputRecord, OutputRecord outputRecord) {
-        this(sslContext, transport, new SSLConfiguration(sslContext, true),
+        this(sslContext, transport, new SSLConfiguration(sslContext, false),
                inputRecord, outputRecord, true);
    }