src/share/classes/sun/security/ssl/HandshakeMessage.java
rev 928 : Summary: Added support for Server Name Indication (SNI) hello
extension to SSL client.
Contributed-by: Michael Tandy <michaeltandy at googlemail dot com>
@@ -221,18 +221,25 @@
SessionId sessionId;
private CipherSuiteList cipherSuites;
byte[] compression_methods;
HelloExtensions extensions = new HelloExtensions();
+ boolean disableHelloExtensions;
private final static byte[] NULL_COMPRESSION = new byte[] {0};
ClientHello(SecureRandom generator, ProtocolVersion protocolVersion) {
this.protocolVersion = protocolVersion;
clnt_random = new RandomCookie(generator);
compression_methods = NULL_COMPRESSION;
// sessionId, cipher_suites TBS later
+
+ if (System.getProperty("sun.security.ssl.disableHelloExtensions", "no").equalsIgnoreCase("no")) {
+ this.disableHelloExtensions = false;
+ } else {
+ this.disableHelloExtensions = true;
+ }
}
CipherSuiteList getCipherSuites() {
return cipherSuites;
}
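Review bot: The property check added to the ClientHello constructor treats every value other than "no" as a request to disable extensions, so `-Dsun.security.ssl.disableHelloExtensions=false` or a misspelled value silently turns them off. The flag gates the whole `extensions` object, which also carries the elliptic-curve extensions added further down in this class, so it is broader than an SNI switch and the field deserves a comment saying so. I would match the disabling values explicitly, for example `this.disableHelloExtensions = "yes".equalsIgnoreCase(v) || "true".equalsIgnoreCase(v);`. The bare `System.getProperty` call is also subject to the caller's permissions when a SecurityManager is installed; JDK-internal code normally reads such properties inside `AccessController.doPrivileged`, and reading it once into a static field would avoid repeating the lookup for every ClientHello.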
@@ -245,10 +252,26 @@
extensions.add(SupportedEllipticCurvesExtension.DEFAULT);
extensions.add(SupportedEllipticPointFormatsExtension.DEFAULT);
}
}
+ String serverName;
+ /**
+ * <p>Sets the name of the server being connected to, for reasons of sending
+ * an SNI (Server Name Indication) Hello Extension. Server name indication
+ * allows multiple domains to be hosted on the same server, by indicating
+ * the domain being requested before the server sends its certificate.</p>
+ * <p>Sending of server name extensions can be disabled by using:</p>
+ * <code>System.setProperty("sun.security.ssl.disableHelloExtensions","no")</code>
+ * @param serverName - String representing the name expected on the server's
+ * certificate, for example "asdf.example.com"
+ */
+ void setServerName(String serverName) {
+ this.serverName = serverName;
+ extensions.add(new ServerNameExtension(serverName));
+ }
+
int messageLength() {
/*
* Add fixed size parts of each field...
* version + random + session + cipher + compress
*/
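Review bot: The Javadoc on setServerName tells callers to set the property to "no" to disable the extension, but the constructor treats "no" as the default that leaves extensions enabled, so the documented switch does the opposite of what it says; the example should show a disabling value and use `{@code ...}`. The method also hands the string straight to `new ServerNameExtension(serverName)` and appends the result to `extensions`. Unless that constructor validates its argument (it is not visible here), a null, an IP literal or a non-ASCII name goes into the hello, and a second call adds a duplicate server_name entry. A guard along the lines of `if (serverName == null || this.serverName != null) { return; }` would cover the null and repeat cases, and the Javadoc should state that the name is sent unencrypted in the ClientHello.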
@@ -275,12 +298,14 @@
s.putInt8(protocolVersion.minor);
clnt_random.send(s);
s.putBytes8(sessionId.getId());
cipherSuites.send(s);
s.putBytes8(compression_methods);
+ if (this.disableHelloExtensions == false) {
extensions.send(s);
}
+ }
void print(PrintStream s) throws IOException {
s.println("*** ClientHello, " + protocolVersion);
if (debug != null && Debug.isOn("verbose")) {
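Review bot: The new guard around `extensions.send(s)` skips the extension bytes, but nothing visible in this patch makes the same adjustment in messageLength(), whose body lies outside the hunks shown. If messageLength() still adds the extensions' length unconditionally, the handshake header will announce more bytes than send() writes when the property is set, and the peer will see a malformed ClientHello. The length term should be made conditional in the same way, e.g. `+ (disableHelloExtensions ? 0 : extensions.length())`, and print() should likewise skip the extensions so debug output matches what was sent. As a style point, `if (!disableHelloExtensions)` reads better than `== false`; the start of the send method is outside this hunk.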