(3rd Round) Proposed API Changes for JEP 114: TLS Server Name Indication (SNI) Extension
Xuelei Fan
xuelei.fan at oracle.com
Wed Aug 15 03:15:11 UTC 2012
On 8/14/2012 10:01 PM, Sean Mullan wrote:
> SSLSocketFactory
>
> - The new createSocket throws an IAE if the socket is an SSLSocket, but the
> existing createSocket method doesn't. That seems a bit odd, what do we currently do?
>
For the existing createSocket, it does not work when the socket is an
instance of SSLSocket. It is expected to read and write raw SSL records
from the socket. But if it is SSLSocket, the I/O are for application
data over the TLS layer.
I want to describe it clear in the new API.
Xuelei
> --Sean
>
>
> On 8/12/12 8:50 AM, Xuelei Fan wrote:
>> Hi,
>>
>> Please review the spec of JEP 114, TLS Server Name Indication (SNI)
>> Extension.
>>
>> http://cr.openjdk.java.net./~xuelei/7068321/webrev_spec.04/
>>
>> Please read the README to help you understanding the the specification:
>>
>> http://cr.openjdk.java.net./~xuelei/7068321/README_04.txt
>>
>> The major differences comparing with previous webrev are:
>> 1. client mode and server mode will use separated API set.
>> For client, the related APIs are:
>> setServerName(String type, String value)
>> clearServerName(String type)
>> disableServerName(String type)
>> enableServerName(String type)
>> isDisabledServerName(String type)
>> getServerNames()
>>
>> For server side, the related APIs are:
>> setServerNamePattern(String type, Pattern pattern)
>> clearServerNamePattern(String type)
>> getServerNamePatterns()
>>
>> 2. close the door to use the generated socket in client mode.
>>
>> SSLSocketFactory.createSocket(Socket s,
>> InputStream consumed, boolean autoClose)
>>
>> The returned socket was set in server mode.
>>
>> Regards,
>> Xuelei
>>
More information about the security-dev
mailing list