/hg/release/icedtea6-1.13: 2 new changesets
andrew at icedtea.classpath.org
andrew at icedtea.classpath.org
Wed Jan 21 22:22:50 UTC 2015
changeset 024da504977d in /hg/release/icedtea6-1.13
details: http://icedtea.classpath.org/hg/release/icedtea6-1.13?cmd=changeset;node=024da504977d
author: Andrew John Hughes <gnu.andrew at redhat.com>
date: Wed Jan 21 18:48:53 2015 +0000
PR2184: CACAO lacks JVM_FindClassFromCaller introduced by security patch in 2.5.3
2014-10-29 Andrew John Hughes <gnu.andrew at redhat.com>
* Makefile.am:
(ICEDTEA_PATCHES): Add new patch for CACAO
builds.
* NEWS: Updated.
* patches/cacao/pr2184.patch:
Implement JVM_FindClassFromCaller as same
as JVM_FindClassFromClassLoader for now.
changeset 8693268730ca in /hg/release/icedtea6-1.13
details: http://icedtea.classpath.org/hg/release/icedtea6-1.13?cmd=changeset;node=8693268730ca
author: Andrew John Hughes <gnu.andrew at redhat.com>
date: Wed Jan 21 22:22:34 2015 +0000
Fix issues found with b34.
OJ51, PR2187: Sync patch for 4873188 with 7 version
OJ52, PR2185: Application of 6786276 introduces compatibility issue
OJ53, PR2181: strict-aliasing warnings issued on PPC32
OJ54, PR2182: 6911104 reintroduces test fragment removed in existing 6964018 backport
S6730740, PR2186: Fix for 6729881 has apparently broken several 64 bit tests: "Bad address"
S7031830, PR2183: bad_record_mac failure on TLSv1.2 enabled connection with SSLEngine
2015-01-21 Andrew John Hughes <gnu.andrew at redhat.com>
* Makefile.am:
(ICEDTEA_PATCHES): Add patches below.
* NEWS: Updated.
* patches/openjdk/6730740-pr2186-64-bit_breakage_in_6729881.patch,
* patches/openjdk/7031830-pr2183-bad_record_mac_failure.patch,
* patches/openjdk/oj51-pr2187-sync_4873188.patch,
* patches/openjdk/oj52-pr2185-no_serbia_montenegro.patch,
* patches/openjdk/oj53-pr2181-strict_aliasing_on_ppc32.patch,
* patches/openjdk/oj54-pr2182-6911104_reintroduces_test_fragment.patch:
New patches to fix issues found in b34.
diffstat:
ChangeLog | 23 +
Makefile.am | 11 +-
NEWS | 8 +
patches/cacao/pr2184.patch | 75 +
patches/openjdk/6730740-pr2186-64-bit_breakage_in_6729881.patch | 55 +
patches/openjdk/7031830-pr2183-bad_record_mac_failure.patch | 522 ++++++++++
patches/openjdk/oj51-pr2187-sync_4873188.patch | 58 +
patches/openjdk/oj52-pr2185-no_serbia_montenegro.patch | 73 +
patches/openjdk/oj53-pr2181-strict_aliasing_on_ppc32.patch | 25 +
patches/openjdk/oj54-pr2182-6911104_reintroduces_test_fragment.patch | 15 +
10 files changed, 863 insertions(+), 2 deletions(-)
diffs (truncated from 934 to 500 lines):
diff -r 15e9801d9167 -r 8693268730ca ChangeLog
--- a/ChangeLog Tue Jan 20 11:35:12 2015 +0000
+++ b/ChangeLog Wed Jan 21 22:22:34 2015 +0000
@@ -1,3 +1,26 @@
+2015-01-21 Andrew John Hughes <gnu.andrew at redhat.com>
+
+ * Makefile.am:
+ (ICEDTEA_PATCHES): Add patches below.
+ * NEWS: Updated.
+ * patches/openjdk/6730740-pr2186-64-bit_breakage_in_6729881.patch,
+ * patches/openjdk/7031830-pr2183-bad_record_mac_failure.patch,
+ * patches/openjdk/oj51-pr2187-sync_4873188.patch,
+ * patches/openjdk/oj52-pr2185-no_serbia_montenegro.patch,
+ * patches/openjdk/oj53-pr2181-strict_aliasing_on_ppc32.patch,
+ * patches/openjdk/oj54-pr2182-6911104_reintroduces_test_fragment.patch:
+ New patches to fix issues found in b34.
+
+2014-10-29 Andrew John Hughes <gnu.andrew at redhat.com>
+
+ * Makefile.am:
+ (ICEDTEA_PATCHES): Add new patch for CACAO
+ builds.
+ * NEWS: Updated.
+ * patches/cacao/pr2184.patch:
+ Implement JVM_FindClassFromCaller as same
+ as JVM_FindClassFromClassLoader for now.
+
2015-01-19 Andrew John Hughes <gnu.andrew at redhat.com>
* Makefile.am:
diff -r 15e9801d9167 -r 8693268730ca Makefile.am
--- a/Makefile.am Tue Jan 20 11:35:12 2015 +0000
+++ b/Makefile.am Wed Jan 21 22:22:34 2015 +0000
@@ -601,7 +601,13 @@
patches/pr2070-type_punning_warnings.patch \
patches/pr2082-s390_type_fixes.patch \
patches/pr2096-4096-bit_dh.patch \
- patches/pr2179-avoid_x86_workaround_on_zero.patch
+ patches/pr2179-avoid_x86_workaround_on_zero.patch \
+ patches/openjdk/6730740-pr2186-64-bit_breakage_in_6729881.patch \
+ patches/openjdk/oj51-pr2187-sync_4873188.patch \
+ patches/openjdk/7031830-pr2183-bad_record_mac_failure.patch \
+ patches/openjdk/oj52-pr2185-no_serbia_montenegro.patch \
+ patches/openjdk/oj53-pr2181-strict_aliasing_on_ppc32.patch \
+ patches/openjdk/oj54-pr2182-6911104_reintroduces_test_fragment.patch
if WITH_RHINO
ICEDTEA_PATCHES += \
@@ -613,7 +619,8 @@
patches/cacao/launcher.patch \
patches/cacao/memory.patch \
patches/cacao/hotspot/original/memory.patch \
- patches/cacao/armhf.patch
+ patches/cacao/armhf.patch \
+ patches/cacao/pr2184.patch
else
if USING_CACAO
ICEDTEA_PATCHES += \
diff -r 15e9801d9167 -r 8693268730ca NEWS
--- a/NEWS Tue Jan 20 11:35:12 2015 +0000
+++ b/NEWS Wed Jan 21 22:22:34 2015 +0000
@@ -164,6 +164,12 @@
- S8062807: Exporting RMI objects fails when run under restrictive SecurityManager
- S8064560: (tz) Support tzdata2014j
* Backports
+ - OJ51, PR2187: Sync patch for 4873188 with 7 version
+ - OJ52, PR2185: Application of 6786276 introduces compatibility issue
+ - OJ53, PR2181: strict-aliasing warnings issued on PPC32
+ - OJ54, PR2182: 6911104 reintroduces test fragment removed in existing 6964018 backport
+ - S6730740, PR2186: Fix for 6729881 has apparently broken several 64 bit tests: "Bad address"
+ - S7031830, PR2183: bad_record_mac failure on TLSv1.2 enabled connection with SSLEngine
- S8000897, PR2173, RH1155012: VM crash in CompileBroker
- S8020190, PR2174, RH1176718: Fatal: Bug in native code: jfieldID must match object
- S8028623, PR2177, RH1168693: SA: hash codes in SymbolTable mismatching java_lang_String::hash_code for extended characters.
@@ -179,6 +185,8 @@
- PR2125: Synchronise elliptic curves in sun.security.ec.NamedCurve with those listed by NSS
- PR2179: Avoid x86 workaround when running Zero rather than a JIT
- PR2180: Old autotools dislike $(builddir)/fsg.sh
+* CACAO
+ - PR2184: CACAO lacks JVM_FindClassFromCaller introduced by security patch in 2.5.3
New in release 1.13.5 (2014-10-14):
diff -r 15e9801d9167 -r 8693268730ca patches/cacao/pr2184.patch
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/patches/cacao/pr2184.patch Wed Jan 21 22:22:34 2015 +0000
@@ -0,0 +1,75 @@
+# HG changeset patch
+# User Xerxes RÃ¥nby <xerxes at gudinna.com>
+# Date 1414362363 -3600
+# Node ID ec6bd33b3e927738d1353e6e639e76f74d55635f
+# Parent ea3c9a40d975430d1e9dcb598bf25b4bd7aec4ca
+OpenJDK: Implement JVM_FindClassFromCaller
+
+8015256: Better class accessibility
+Summary: Improve protection domain check in forName()
+
+* contrib/mapfile-vers-product: Export said function.
+* src/native/vm/openjdk/jvm.cpp (JVM_FindClassFromCaller): Implement it.
+
+diff --git a/contrib/mapfile-vers-product b/contrib/mapfile-vers-product
+--- cacao/cacao/contrib/mapfile-vers-product
++++ cacao/cacao/contrib/mapfile-vers-product
+@@ -87,6 +87,7 @@
+ JVM_Exit;
+ JVM_FillInStackTrace;
+ JVM_FindClassFromBootLoader;
++ JVM_FindClassFromCaller;
+ JVM_FindClassFromClass;
+ JVM_FindClassFromClassLoader;
+ JVM_FindLibraryEntry;
+--- cacao/cacao/src/native/vm/openjdk/jvm.cpp.orig 2014-10-29 16:40:30.732305204 +0000
++++ cacao/cacao/src/native/vm/openjdk/jvm.cpp 2014-10-29 16:44:06.643292016 +0000
+@@ -684,6 +684,48 @@
+ }
+
+
++/* JVM_FindClassFromCaller
++ * Find a class from a given class loader. Throws ClassNotFoundException.
++ * name: name of class
++ * init: whether initialization is done
++ * loader: class loader to look up the class.
++ * This may not be the same as the caller's class loader.
++ * caller: initiating class. The initiating class may be null when a security
++ * manager is not installed.
++ *
++ * Find a class with this name in this loader,
++ * using the caller's "protection domain".
++ */
++
++jclass JVM_FindClassFromCaller(JNIEnv* env, const char* name, jboolean init, jobject loader, jclass caller)
++{
++ classinfo *c;
++ utf *u;
++ classloader_t *cl;
++
++ TRACEJVMCALLS(("JVM_FindClassFromCaller(name=%s, init=%d, loader=%p, caller=%p)", name, init, loader, caller));
++
++ u = utf_new_char(name);
++ cl = loader_hashtable_classloader_add((java_handle_t *) loader);
++
++ /* XXX The caller's protection domain should be used during
++ the load_class_from_classloader but there is no specification or
++ unit-test in OpenJDK documenting the desired effect */
++
++ c = load_class_from_classloader(u, cl);
++
++ if (c == NULL)
++ return NULL;
++
++ if (init)
++ if (!(c->state & CLASS_INITIALIZED))
++ if (!initialize_class(c))
++ return NULL;
++
++ return (jclass) LLNI_classinfo_wrap(c);
++}
++
++
+ /* JVM_FindClassFromClassLoader */
+
+ jclass JVM_FindClassFromClassLoader(JNIEnv* env, const char* name, jboolean init, jobject loader, jboolean throwError)
diff -r 15e9801d9167 -r 8693268730ca patches/openjdk/6730740-pr2186-64-bit_breakage_in_6729881.patch
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/patches/openjdk/6730740-pr2186-64-bit_breakage_in_6729881.patch Wed Jan 21 22:22:34 2015 +0000
@@ -0,0 +1,55 @@
+# HG changeset patch
+# User chegar
+# Date 1217350415 25200
+# Tue Jul 29 09:53:35 2008 -0700
+# Node ID 629fa51e0281243c7341bce37e4421a7069c72ee
+# Parent 31845b0edbd16232f26c266f1f79729fb83a6975
+6730740: Fix for 6729881 has apparently broken several 64 bit tests: "Bad address"
+Reviewed-by: alanb, jccollet
+
+diff -r 31845b0edbd1 -r 629fa51e0281 src/solaris/native/java/net/linux_close.c
+--- openjdk/jdk/src/solaris/native/java/net/linux_close.c Wed Jan 21 20:57:52 2015 +0000
++++ openjdk/jdk/src/solaris/native/java/net/linux_close.c Tue Jul 29 09:53:35 2008 -0700
+@@ -281,7 +281,9 @@
+
+ int NET_RecvFrom(int s, void *buf, int len, unsigned int flags,
+ struct sockaddr *from, int *fromlen) {
+- BLOCKING_IO_RETURN_INT( s, recvfrom(s, buf, len, flags, from, (socklen_t)fromlen) );
++ socklen_t socklen = *fromlen;
++ BLOCKING_IO_RETURN_INT( s, recvfrom(s, buf, len, flags, from, &socklen) );
++ *fromlen = socklen;
+ }
+
+ int NET_Send(int s, void *msg, int len, unsigned int flags) {
+@@ -298,7 +300,9 @@
+ }
+
+ int NET_Accept(int s, struct sockaddr *addr, int *addrlen) {
+- BLOCKING_IO_RETURN_INT( s, accept(s, addr, (socklen_t)addrlen) );
++ socklen_t socklen = *addrlen;
++ BLOCKING_IO_RETURN_INT( s, accept(s, addr, &socklen) );
++ *addrlen = socklen;
+ }
+
+ int NET_Connect(int s, struct sockaddr *addr, int addrlen) {
+diff -r 31845b0edbd1 -r 629fa51e0281 src/solaris/native/java/net/net_util_md.c
+--- openjdk/jdk/src/solaris/native/java/net/net_util_md.c Wed Jan 21 20:57:52 2015 +0000
++++ openjdk/jdk/src/solaris/native/java/net/net_util_md.c Tue Jul 29 09:53:35 2008 -0700
+@@ -1104,7 +1104,16 @@
+ }
+ #endif
+
+- rv = getsockopt(fd, level, opt, result, (socklen_t)len);
++#ifdef __solaris__
++ rv = getsockopt(fd, level, opt, result, len);
++#else
++ {
++ socklen_t socklen = *len;
++ rv = getsockopt(fd, level, opt, result, &socklen);
++ *len = socklen;
++ }
++#endif
++
+ if (rv < 0) {
+ return rv;
+ }
diff -r 15e9801d9167 -r 8693268730ca patches/openjdk/7031830-pr2183-bad_record_mac_failure.patch
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/patches/openjdk/7031830-pr2183-bad_record_mac_failure.patch Wed Jan 21 22:22:34 2015 +0000
@@ -0,0 +1,522 @@
+# HG changeset patch
+# User wetmore
+# Date 1421871245 0
+# Wed Jan 21 20:14:05 2015 +0000
+# Node ID 8b1568063cd45ed88422dd8d98f019f9971708e8
+# Parent bbff2a7acd335d23a7946a1b7eedd42946946311
+7031830: bad_record_mac failure on TLSv1.2 enabled connection with SSLEngine
+Reviewed-by: xuelei, weijun, asaha
+
+diff -r bbff2a7acd33 -r 8b1568063cd4 src/share/classes/sun/security/ssl/CipherBox.java
+--- openjdk/jdk/src/share/classes/sun/security/ssl/CipherBox.java Wed Jan 21 20:02:14 2015 +0000
++++ openjdk/jdk/src/share/classes/sun/security/ssl/CipherBox.java Wed Jan 21 20:14:05 2015 +0000
+@@ -312,9 +312,11 @@
+ byte[] buf = null;
+ int limit = bb.limit();
+ if (bb.hasArray()) {
++ int arrayOffset = bb.arrayOffset();
+ buf = bb.array();
+- System.arraycopy(buf, pos,
+- buf, pos + prefix.length, limit - pos);
++ System.arraycopy(buf, arrayOffset + pos,
++ buf, arrayOffset + pos + prefix.length,
++ limit - pos);
+ bb.limit(limit + prefix.length);
+ } else {
+ buf = new byte[limit - pos];
+@@ -500,9 +502,10 @@
+ byte[] buf = null;
+ int limit = bb.limit();
+ if (bb.hasArray()) {
++ int arrayOffset = bb.arrayOffset();
+ buf = bb.array();
+- System.arraycopy(buf, pos + blockSize,
+- buf, pos, limit - pos - blockSize);
++ System.arraycopy(buf, arrayOffset + pos + blockSize,
++ buf, arrayOffset + pos, limit - pos - blockSize);
+ bb.limit(limit - blockSize);
+ } else {
+ buf = new byte[limit - pos - blockSize];
+diff -r bbff2a7acd33 -r 8b1568063cd4 test/sun/security/ssl/com/sun/net/ssl/internal/ssl/SSLEngineImpl/SSLEngineBadBufferArrayAccess.java
+--- /dev/null Thu Jan 01 00:00:00 1970 +0000
++++ openjdk/jdk/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/SSLEngineImpl/SSLEngineBadBufferArrayAccess.java Wed Jan 21 20:14:05 2015 +0000
+@@ -0,0 +1,479 @@
++/*
++ * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
++ *
++ * This code is free software; you can redistribute it and/or modify it
++ * under the terms of the GNU General Public License version 2 only, as
++ * published by the Free Software Foundation.
++ *
++ * This code is distributed in the hope that it will be useful, but WITHOUT
++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
++ * version 2 for more details (a copy is included in the LICENSE file that
++ * accompanied this code).
++ *
++ * You should have received a copy of the GNU General Public License version
++ * 2 along with this work; if not, write to the Free Software Foundation,
++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
++ *
++ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
++ * or visit www.oracle.com if you need additional information or have any
++ * questions.
++ */
++
++/*
++ * @test
++ * @bug 7031830
++ * @summary bad_record_mac failure on TLSv1.2 enabled connection with SSLEngine
++ * @run main/othervm SSLEngineBadBufferArrayAccess
++ *
++ * SunJSSE does not support dynamic system properties, no way to re-use
++ * system properties in samevm/agentvm mode.
++ */
++
++/**
++ * A SSLSocket/SSLEngine interop test case. This is not the way to
++ * code SSLEngine-based servers, but works for what we need to do here,
++ * which is to make sure that SSLEngine/SSLSockets can talk to each other.
++ * SSLEngines can use direct or indirect buffers, and different code
++ * is used to get at the buffer contents internally, so we test that here.
++ *
++ * The test creates one SSLSocket (client) and one SSLEngine (server).
++ * The SSLSocket talks to a raw ServerSocket, and the server code
++ * does the translation between byte [] and ByteBuffers that the SSLEngine
++ * can use. The "transport" layer consists of a Socket Input/OutputStream
++ * and two byte buffers for the SSLEngines: think of them
++ * as directly connected pipes.
++ *
++ * Again, this is a *very* simple example: real code will be much more
++ * involved. For example, different threading and I/O models could be
++ * used, transport mechanisms could close unexpectedly, and so on.
++ *
++ * When this application runs, notice that several messages
++ * (wrap/unwrap) pass before any application data is consumed or
++ * produced. (For more information, please see the SSL/TLS
++ * specifications.) There may several steps for a successful handshake,
++ * so it's typical to see the following series of operations:
++ *
++ * client server message
++ * ====== ====== =======
++ * write() ... ClientHello
++ * ... unwrap() ClientHello
++ * ... wrap() ServerHello/Certificate
++ * read() ... ServerHello/Certificate
++ * write() ... ClientKeyExchange
++ * write() ... ChangeCipherSpec
++ * write() ... Finished
++ * ... unwrap() ClientKeyExchange
++ * ... unwrap() ChangeCipherSpec
++ * ... unwrap() Finished
++ * ... wrap() ChangeCipherSpec
++ * ... wrap() Finished
++ * read() ... ChangeCipherSpec
++ * read() ... Finished
++ *
++ * This particular bug had a problem where byte buffers backed by an
++ * array didn't offset correctly, and we got bad MAC errors.
++ */
++import javax.net.ssl.*;
++import javax.net.ssl.SSLEngineResult.*;
++import java.io.*;
++import java.net.*;
++import java.security.*;
++import java.nio.*;
++
++public class SSLEngineBadBufferArrayAccess {
++
++ /*
++ * Enables logging of the SSL/TLS operations.
++ */
++ private static boolean logging = true;
++
++ /*
++ * Enables the JSSE system debugging system property:
++ *
++ * -Djavax.net.debug=all
++ *
++ * This gives a lot of low-level information about operations underway,
++ * including specific handshake messages, and might be best examined
++ * after gaining some familiarity with this application.
++ */
++ private static boolean debug = false;
++ private SSLContext sslc;
++ private SSLEngine serverEngine; // server-side SSLEngine
++ private SSLSocket sslSocket; // client-side socket
++ private ServerSocket serverSocket; // server-side Socket, generates the...
++ private Socket socket; // server-side socket that will read
++
++ private final byte[] serverMsg = "Hi there Client, I'm a Server".getBytes();
++ private final byte[] clientMsg = "Hello Server, I'm a Client".getBytes();
++
++ private ByteBuffer serverOut; // write side of serverEngine
++ private ByteBuffer serverIn; // read side of serverEngine
++
++ private volatile Exception clientException;
++ private volatile Exception serverException;
++
++ /*
++ * For data transport, this example uses local ByteBuffers.
++ */
++ private ByteBuffer cTOs; // "reliable" transport client->server
++ private ByteBuffer sTOc; // "reliable" transport server->client
++
++ /*
++ * The following is to set up the keystores/trust material.
++ */
++ private static final String pathToStores = "../../../../../../../etc/";
++ private static final String keyStoreFile = "keystore";
++ private static final String trustStoreFile = "truststore";
++ private static final String passwd = "passphrase";
++ private static String keyFilename =
++ System.getProperty("test.src", ".") + "/" + pathToStores
++ + "/" + keyStoreFile;
++ private static String trustFilename =
++ System.getProperty("test.src", ".") + "/" + pathToStores
++ + "/" + trustStoreFile;
++
++ /*
++ * Main entry point for this test.
++ */
++ public static void main(String args[]) throws Exception {
++ if (debug) {
++ System.setProperty("javax.net.debug", "all");
++ }
++
++ String [] protocols = new String [] {
++ "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2" };
++
++ for (String protocol : protocols) {
++ log("Testing " + protocol);
++ /*
++ * Run the tests with direct and indirect buffers.
++ */
++ SSLEngineBadBufferArrayAccess test =
++ new SSLEngineBadBufferArrayAccess(protocol);
++ test.runTest(true);
++ test.runTest(false);
++ }
++
++ System.out.println("Test Passed.");
++ }
++
++ /*
++ * Create an initialized SSLContext to use for these tests.
++ */
++ public SSLEngineBadBufferArrayAccess(String protocol) throws Exception {
++
++ KeyStore ks = KeyStore.getInstance("JKS");
++ KeyStore ts = KeyStore.getInstance("JKS");
++
++ char[] passphrase = "passphrase".toCharArray();
++
++ ks.load(new FileInputStream(keyFilename), passphrase);
++ ts.load(new FileInputStream(trustFilename), passphrase);
++
++ KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
++ kmf.init(ks, passphrase);
++
++ TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
++ tmf.init(ts);
++
++ SSLContext sslCtx = SSLContext.getInstance(protocol);
++
++ sslCtx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
++
++ sslc = sslCtx;
++ }
++
++ /*
++ * Run the test.
++ *
++ * Sit in a tight loop, with the server engine calling wrap/unwrap
++ * regardless of whether data is available or not. We do this until
++ * we get the application data. Then we shutdown and go to the next one.
++ *
++ * The main loop handles all of the I/O phases of the SSLEngine's
++ * lifetime:
++ *
++ * initial handshaking
++ * application data transfer
++ * engine closing
++ *
++ * One could easily separate these phases into separate
++ * sections of code.
++ */
++ private void runTest(boolean direct) throws Exception {
++ boolean serverClose = direct;
++
++ serverSocket = new ServerSocket(0);
++ int port = serverSocket.getLocalPort();
++ Thread thread = createClientThread(port, serverClose);
++
++ socket = serverSocket.accept();
++ socket.setSoTimeout(500);
++ serverSocket.close();
++
++ createSSLEngine();
++ createBuffers(direct);
++
++ try {
++ boolean closed = false;
++
++ InputStream is = socket.getInputStream();
++ OutputStream os = socket.getOutputStream();
++
++ SSLEngineResult serverResult; // results from last operation
++
++ /*
++ * Examining the SSLEngineResults could be much more involved,
++ * and may alter the overall flow of the application.
++ *
++ * For example, if we received a BUFFER_OVERFLOW when trying
++ * to write to the output pipe, we could reallocate a larger
More information about the distro-pkg-dev
mailing list