archive/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2025-08-27 06:45:07 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

8298310: Enhance TLS session negotiation

Browse source 
Reviewed-by: rhalade, mschoene, weijun, ascarpino
This commit is contained in:
Sean Mullan 2023-01-19 20:25:14 +00:00 committed by Henry Jen
parent 9e56d100df
commit f098b490f1
6 changed files with 114 additions and 105 deletions
Download patch file Download diff file Expand all files Collapse all files

15
src/java.base/share/classes/sun/security/provider/certpath/Builder.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2000, 2022, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -406,8 +406,7 @@ abstract class Builder {
/**
* Search the specified CertStores and add all certificates matching
* selector to resultCerts. Self-signed certs are not useful here
* and therefore ignored.
* selector to resultCerts.
*
* If the targetCert criterion of the selector is set, only that cert
* is examined and the CertStores are not searched.
@ -426,8 +425,7 @@ abstract class Builder {
X509Certificate targetCert = selector.getCertificate();
if (targetCert != null) {
// no need to search CertStores
if (selector.match(targetCert) && !X509CertImpl.isSelfSigned
(targetCert, buildParams.sigProvider())) {
if (selector.match(targetCert)) {
if (debug != null) {
debug.println("Builder.addMatchingCerts: " +
"adding target cert" +
@ -446,11 +444,8 @@ abstract class Builder {
Collection<? extends Certificate> certs =
store.getCertificates(selector);
for (Certificate cert : certs) {
if (!X509CertImpl.isSelfSigned
((X509Certificate)cert, buildParams.sigProvider())) {
if (resultCerts.add((X509Certificate)cert)) {
add = true;
}
if (resultCerts.add((X509Certificate)cert)) {
add = true;
}
}
if (!checkAll && add) {