--- old/src/share/classes/sun/security/ssl/HandshakeMessage.java 2009-03-05 10:53:36.000000000 +0000 +++ new/src/share/classes/sun/security/ssl/HandshakeMessage.java 2009-03-05 10:53:35.000000000 +0000 @@ -223,6 +223,7 @@ byte[] compression_methods; HelloExtensions extensions = new HelloExtensions(); + boolean disableHelloExtensions; private final static byte[] NULL_COMPRESSION = new byte[] {0}; @@ -231,6 +232,12 @@ clnt_random = new RandomCookie(generator); compression_methods = NULL_COMPRESSION; // sessionId, cipher_suites TBS later + + if (System.getProperty("sun.security.ssl.disableHelloExtensions", "no").equalsIgnoreCase("no")) { + this.disableHelloExtensions = false; + } else { + this.disableHelloExtensions = true; + } } CipherSuiteList getCipherSuites() { @@ -246,6 +253,22 @@ extensions.add(SupportedEllipticPointFormatsExtension.DEFAULT); } } + + String serverName; + /** + *

Sets the name of the server being connected to, for reasons of sending + * an SNI (Server Name Indication) Hello Extension. Server name indication + * allows multiple domains to be hosted on the same server, by indicating + * the domain being requested before the server sends its certificate.

+ *

Sending of server name extensions can be disabled by using:

+ * System.setProperty("sun.security.ssl.disableHelloExtensions","no") + * @param serverName - String representing the name expected on the server's + * certificate, for example "asdf.example.com" + */ + void setServerName(String serverName) { + this.serverName = serverName; + extensions.add(new ServerNameExtension(serverName)); + } int messageLength() { /* @@ -277,7 +300,9 @@ s.putBytes8(sessionId.getId()); cipherSuites.send(s); s.putBytes8(compression_methods); - extensions.send(s); + if (this.disableHelloExtensions == false) { + extensions.send(s); + } } void print(PrintStream s) throws IOException {