mirrors/JetBrainsRuntime
1
0
Fork 0
mirror of https://github.com/JetBrains/JetBrainsRuntime.git synced 2025-12-06 09:29:38 +01:00
Code Issues Packages Projects Releases Wiki Activity

8235448: code cleanup in SSLContextImpl.java

Browse Source 
Reviewed-by: mbaesken
Backport-of: baebce3d2f
This commit is contained in:
Goetz Lindenmaier
2023-03-01 14:44:07 +00:00
parent 5802a9a926
commit 15bdc4dcc4
1 changed files with 35 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

80
src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java
View File

@@ -25,7 +25,7 @@
package sun.security.ssl;
import java.io.*;
import java.io.FileInputStream;
import java.net.Socket;
import java.security.*;
import java.security.cert.*;
@@ -617,26 +617,6 @@ public abstract class SSLContextImpl extends SSLContextSpi {
boolean isDTLS() {
return false;
}
static ProtocolVersion[] getSupportedProtocols() {
if (SunJSSE.isFIPS()) {
return new ProtocolVersion[] {
ProtocolVersion.TLS13,
ProtocolVersion.TLS12,
ProtocolVersion.TLS11,
ProtocolVersion.TLS10
};
} else {
return new ProtocolVersion[]{
ProtocolVersion.TLS13,
ProtocolVersion.TLS12,
ProtocolVersion.TLS11,
ProtocolVersion.TLS10,
ProtocolVersion.SSL30,
ProtocolVersion.SSL20Hello
};
}
}
}
/*
@@ -934,9 +914,41 @@ public abstract class SSLContextImpl extends SSLContextSpi {
ProtocolVersion[] candidates;
if (refactored.isEmpty()) {
if (client) {
candidates = getProtocols();
// default client protocols
if (SunJSSE.isFIPS()) {
candidates = new ProtocolVersion[] {
ProtocolVersion.TLS13,
ProtocolVersion.TLS12,
ProtocolVersion.TLS11,
ProtocolVersion.TLS10
};
} else {
candidates = new ProtocolVersion[] {
ProtocolVersion.TLS13,
ProtocolVersion.TLS12,
ProtocolVersion.TLS11,
ProtocolVersion.TLS10,
ProtocolVersion.SSL30
};
}
} else {
candidates = getSupportedProtocols();
if (SunJSSE.isFIPS()) {
candidates = new ProtocolVersion[] {
ProtocolVersion.TLS13,
ProtocolVersion.TLS12,
ProtocolVersion.TLS11,
ProtocolVersion.TLS10
};
} else {
candidates = new ProtocolVersion[] {
ProtocolVersion.TLS13,
ProtocolVersion.TLS12,
ProtocolVersion.TLS11,
ProtocolVersion.TLS10,
ProtocolVersion.SSL30,
ProtocolVersion.SSL20Hello
};
}
}
} else {
// Use the customized TLS protocols.
@@ -947,25 +959,6 @@ public abstract class SSLContextImpl extends SSLContextSpi {
return getAvailableProtocols(candidates);
}
static ProtocolVersion[] getProtocols() {
if (SunJSSE.isFIPS()) {
return new ProtocolVersion[]{
ProtocolVersion.TLS13,
ProtocolVersion.TLS12,
ProtocolVersion.TLS11,
ProtocolVersion.TLS10
};
} else {
return new ProtocolVersion[]{
ProtocolVersion.TLS13,
ProtocolVersion.TLS12,
ProtocolVersion.TLS11,
ProtocolVersion.TLS10,
ProtocolVersion.SSL30
};
}
}
protected CustomizedTLSContext() {
if (reservedException != null) {
throw reservedException;
@@ -991,8 +984,6 @@ public abstract class SSLContextImpl extends SSLContextSpi {
List<CipherSuite> getServerDefaultCipherSuites() {
return serverDefaultCipherSuites;
}
}
/*
@@ -1243,7 +1234,6 @@ public abstract class SSLContextImpl extends SSLContextSpi {
private static final List<CipherSuite> serverDefaultCipherSuites;
static {
// Both DTLSv1.0 and DTLSv1.2 can be used in FIPS mode.
supportedProtocols = Arrays.asList(
ProtocolVersion.DTLS12,
ProtocolVersion.DTLS10