--- old/src/share/classes/sun/security/ssl/HandshakeMessage.java 2009-03-05 10:53:36.000000000 +0000 +++ new/src/share/classes/sun/security/ssl/HandshakeMessage.java 2009-03-05 10:53:35.000000000 +0000 @@ -223,6 +223,7 @@ byte[] compression_methods; HelloExtensions extensions = new HelloExtensions(); + boolean disableHelloExtensions; private final static byte[] NULL_COMPRESSION = new byte[] {0}; @@ -231,6 +232,12 @@ clnt_random = new RandomCookie(generator); compression_methods = NULL_COMPRESSION; // sessionId, cipher_suites TBS later + + if (System.getProperty("sun.security.ssl.disableHelloExtensions", "no").equalsIgnoreCase("no")) { + this.disableHelloExtensions = false; + } else { + this.disableHelloExtensions = true; + } } CipherSuiteList getCipherSuites() { @@ -246,6 +253,22 @@ extensions.add(SupportedEllipticPointFormatsExtension.DEFAULT); } } + + String serverName; + /** + *
Sets the name of the server being connected to, for reasons of sending + * an SNI (Server Name Indication) Hello Extension. Server name indication + * allows multiple domains to be hosted on the same server, by indicating + * the domain being requested before the server sends its certificate.
+ *Sending of server name extensions can be disabled by using:
+ *System.setProperty("sun.security.ssl.disableHelloExtensions","no")
+ * @param serverName - String representing the name expected on the server's
+ * certificate, for example "asdf.example.com"
+ */
+ void setServerName(String serverName) {
+ this.serverName = serverName;
+ extensions.add(new ServerNameExtension(serverName));
+ }
int messageLength() {
/*
@@ -277,7 +300,9 @@
s.putBytes8(sessionId.getId());
cipherSuites.send(s);
s.putBytes8(compression_methods);
- extensions.send(s);
+ if (this.disableHelloExtensions == false) {
+ extensions.send(s);
+ }
}
void print(PrintStream s) throws IOException {