Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
openanolis
dragonwell8_jdk
提交
5ec1b863
D
dragonwell8_jdk
项目概览
openanolis
/
dragonwell8_jdk
通知
4
Star
2
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
D
dragonwell8_jdk
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
5ec1b863
编写于
3月 17, 2008
作者:
X
xuelei
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
6447412: Issue with socket.close() for ssl sockets when poweroff on other system
Summary: Support SSL sockets SOLINGER Reviewed-by: chegar
上级
6ce3a596
变更
4
显示空白变更内容
内联
并排
Showing
4 changed file
with
214 addition
and
13 deletion
+214
-13
src/share/classes/sun/security/ssl/Handshaker.java
src/share/classes/sun/security/ssl/Handshaker.java
+4
-1
src/share/classes/sun/security/ssl/OutputRecord.java
src/share/classes/sun/security/ssl/OutputRecord.java
+12
-0
src/share/classes/sun/security/ssl/SSLSocketImpl.java
src/share/classes/sun/security/ssl/SSLSocketImpl.java
+82
-12
test/sun/security/ssl/com/sun/net/ssl/internal/ssl/SSLSocketImpl/AsyncSSLSocketClose.java
...t/ssl/internal/ssl/SSLSocketImpl/AsyncSSLSocketClose.java
+116
-0
未找到文件。
src/share/classes/sun/security/ssl/Handshaker.java
浏览文件 @
5ec1b863
...
...
@@ -617,7 +617,8 @@ abstract class Handshaker {
r
.
write
(
1
);
// single byte of data
if
(
conn
!=
null
)
{
synchronized
(
conn
.
writeLock
)
{
conn
.
writeLock
.
lock
();
try
{
conn
.
writeRecord
(
r
);
conn
.
changeWriteCiphers
();
if
(
debug
!=
null
&&
Debug
.
isOn
(
"handshake"
))
{
...
...
@@ -625,6 +626,8 @@ abstract class Handshaker {
}
mesg
.
write
(
output
);
output
.
flush
();
}
finally
{
conn
.
writeLock
.
unlock
();
}
}
else
{
synchronized
(
engine
.
writeLock
)
{
...
...
src/share/classes/sun/security/ssl/OutputRecord.java
浏览文件 @
5ec1b863
...
...
@@ -174,6 +174,18 @@ class OutputRecord extends ByteArrayOutputStream implements Record {
return
count
==
headerSize
;
}
/*
* Return true if the record is of a given alert.
*/
boolean
isAlert
(
byte
description
)
{
// An alert is defined with a two bytes struct,
// {byte level, byte description}, following after the header bytes.
if
(
count
>
(
headerSize
+
1
)
&&
contentType
==
ct_alert
)
{
return
buf
[
headerSize
+
1
]
==
description
;
}
return
false
;
}
/*
* Compute the MAC and append it to this record. In case we
...
...
src/share/classes/sun/security/ssl/SSLSocketImpl.java
浏览文件 @
5ec1b863
/*
* Copyright 1996-200
7
Sun Microsystems, Inc. All Rights Reserved.
* Copyright 1996-200
8
Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -33,6 +33,8 @@ import java.security.AccessController;
import
java.security.AccessControlContext
;
import
java.security.PrivilegedAction
;
import
java.util.*
;
import
java.util.concurrent.TimeUnit
;
import
java.util.concurrent.locks.ReentrantLock
;
import
javax.crypto.BadPaddingException
;
...
...
@@ -274,7 +276,7 @@ final public class SSLSocketImpl extends BaseSSLSocketImpl {
* from the peer are handled properly.
*/
private
Object
handshakeLock
;
Object
writeLock
;
ReentrantLock
writeLock
;
private
Object
readLock
;
private
InputRecord
inrec
;
...
...
@@ -314,7 +316,6 @@ final public class SSLSocketImpl extends BaseSSLSocketImpl {
private
HashMap
<
HandshakeCompletedListener
,
AccessControlContext
>
handshakeListeners
;
/*
* Reuse the same internal input/output streams.
*/
...
...
@@ -526,7 +527,7 @@ final public class SSLSocketImpl extends BaseSSLSocketImpl {
enabledCipherSuites
=
CipherSuiteList
.
getDefault
();
enabledProtocols
=
ProtocolList
.
getDefault
();
handshakeLock
=
new
Object
();
writeLock
=
new
Object
();
writeLock
=
new
ReentrantLock
();
readLock
=
new
Object
();
inrec
=
null
;
...
...
@@ -677,15 +678,80 @@ final public class SSLSocketImpl extends BaseSSLSocketImpl {
// implementations are fragile and don't like to see empty
// records, so this also increases robustness.
//
synchronized
(
writeLock
)
{
if
(!
r
.
isEmpty
())
{
// If the record is a close notify alert, we need to honor
// socket option SO_LINGER. Note that we will try to send
// the close notify even if the SO_LINGER set to zero.
if
(
r
.
isAlert
(
Alerts
.
alert_close_notify
)
&&
getSoLinger
()
>=
0
)
{
// keep and clear the current thread interruption status.
boolean
interrupted
=
Thread
.
interrupted
();
try
{
if
(
writeLock
.
tryLock
(
getSoLinger
(),
TimeUnit
.
SECONDS
))
{
try
{
writeRecordInternal
(
r
);
}
finally
{
writeLock
.
unlock
();
}
}
else
{
SSLException
ssle
=
new
SSLException
(
"SO_LINGER timeout,"
+
" close_notify message cannot be sent."
);
// For layered, non-autoclose sockets, we are not
// able to bring them into a usable state, so we
// treat it as fatal error.
if
(
self
!=
this
&&
!
autoClose
)
{
// Note that the alert description is
// specified as -1, so no message will be send
// to peer anymore.
fatal
((
byte
)(-
1
),
ssle
);
}
else
if
((
debug
!=
null
)
&&
Debug
.
isOn
(
"ssl"
))
{
System
.
out
.
println
(
threadName
()
+
", received Exception: "
+
ssle
);
}
// RFC2246 requires that the session becomes
// unresumable if any connection is terminated
// without proper close_notify messages with
// level equal to warning.
//
// RFC4346 no longer requires that a session not be
// resumed if failure to properly close a connection.
//
// We choose to make the session unresumable if
// failed to send the close_notify message.
//
sess
.
invalidate
();
}
}
catch
(
InterruptedException
ie
)
{
// keep interrupted status
interrupted
=
true
;
}
// restore the interrupted status
if
(
interrupted
)
{
Thread
.
currentThread
().
interrupt
();
}
}
else
{
writeLock
.
lock
();
try
{
writeRecordInternal
(
r
);
}
finally
{
writeLock
.
unlock
();
}
}
}
}
private
void
writeRecordInternal
(
OutputRecord
r
)
throws
IOException
{
// r.compress(c);
r
.
addMAC
(
writeMAC
);
r
.
encrypt
(
writeCipher
);
r
.
write
(
sockOutput
);
}
}
}
/*
...
...
@@ -1533,7 +1599,11 @@ final public class SSLSocketImpl extends BaseSSLSocketImpl {
if
(
oldState
==
cs_HANDSHAKE
)
{
sockInput
.
skip
(
sockInput
.
available
());
}
// If the description equals -1, the alert won't be sent to peer.
if
(
description
!=
-
1
)
{
sendAlert
(
Alerts
.
alert_fatal
,
description
);
}
if
(
cause
instanceof
SSLException
)
{
// only true if != null
closeReason
=
(
SSLException
)
cause
;
}
else
{
...
...
@@ -1614,7 +1684,7 @@ final public class SSLSocketImpl extends BaseSSLSocketImpl {
* Emit alerts. Caller must have synchronized with "this".
*/
private
void
sendAlert
(
byte
level
,
byte
description
)
{
if
(
connectionState
>=
cs_
CLOSED
)
{
if
(
connectionState
>=
cs_
SENT_CLOSE
)
{
return
;
}
...
...
test/sun/security/ssl/com/sun/net/ssl/internal/ssl/SSLSocketImpl/AsyncSSLSocketClose.java
0 → 100644
浏览文件 @
5ec1b863
/*
* Copyright 2007 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
/*
* @test
* @bug 6447412
* @summary Issue with socket.close() for ssl sockets when poweroff on
* other system
*/
import
javax.net.ssl.*
;
import
java.io.*
;
public
class
AsyncSSLSocketClose
implements
Runnable
{
SSLSocket
socket
;
SSLServerSocket
ss
;
// Where do we find the keystores?
static
String
pathToStores
=
"../../../../../../../etc"
;
static
String
keyStoreFile
=
"keystore"
;
static
String
trustStoreFile
=
"truststore"
;
static
String
passwd
=
"passphrase"
;
public
static
void
main
(
String
[]
args
)
{
String
keyFilename
=
System
.
getProperty
(
"test.src"
,
"./"
)
+
"/"
+
pathToStores
+
"/"
+
keyStoreFile
;
String
trustFilename
=
System
.
getProperty
(
"test.src"
,
"./"
)
+
"/"
+
pathToStores
+
"/"
+
trustStoreFile
;
System
.
setProperty
(
"javax.net.ssl.keyStore"
,
keyFilename
);
System
.
setProperty
(
"javax.net.ssl.keyStorePassword"
,
passwd
);
System
.
setProperty
(
"javax.net.ssl.trustStore"
,
trustFilename
);
System
.
setProperty
(
"javax.net.ssl.trustStorePassword"
,
passwd
);
new
AsyncSSLSocketClose
();
}
public
AsyncSSLSocketClose
()
{
try
{
SSLServerSocketFactory
sslssf
=
(
SSLServerSocketFactory
)
SSLServerSocketFactory
.
getDefault
();
ss
=
(
SSLServerSocket
)
sslssf
.
createServerSocket
(
0
);
SSLSocketFactory
sslsf
=
(
SSLSocketFactory
)
SSLSocketFactory
.
getDefault
();
socket
=
(
SSLSocket
)
sslsf
.
createSocket
(
"localhost"
,
ss
.
getLocalPort
());
SSLSocket
serverSoc
=
(
SSLSocket
)
ss
.
accept
();
ss
.
close
();
(
new
Thread
(
this
)).
start
();
serverSoc
.
startHandshake
();
try
{
Thread
.
sleep
(
5000
);
}
catch
(
Exception
e
)
{
e
.
printStackTrace
();
}
socket
.
setSoLinger
(
true
,
10
);
System
.
out
.
println
(
"Calling Socket.close"
);
socket
.
close
();
System
.
out
.
println
(
"ssl socket get closed"
);
System
.
out
.
flush
();
}
catch
(
IOException
e
)
{
e
.
printStackTrace
();
}
}
// block in write
public
void
run
()
{
try
{
byte
[]
ba
=
new
byte
[
1024
];
for
(
int
i
=
0
;
i
<
ba
.
length
;
i
++)
ba
[
i
]
=
0x7A
;
OutputStream
os
=
socket
.
getOutputStream
();
int
count
=
0
;
while
(
true
)
{
count
+=
ba
.
length
;
System
.
out
.
println
(
count
+
" bytes to be written"
);
os
.
write
(
ba
);
System
.
out
.
println
(
count
+
" bytes written"
);
}
}
catch
(
IOException
e
)
{
e
.
printStackTrace
();
}
}
}
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录