Code review request, JEP 114, 7068321 Support TLS Server Name Indication (SNI) Extension in JSSE Server
Brad Wetmore
bradford.wetmore at oracle.com
Wed Oct 10 00:33:31 UTC 2012
Hi again,
On 10/9/2012 8:56 AM, Xuelei Fan wrote:
> Thanks for the comments. The new comments for
> SSLEngine/SSLSocket/SSLServerSocket do make the spec much more simple
> and clear.
Thanks, that looks so much cleaner, and I think developers will
appreciate it.
> BTW, I removed the restriction on SSLSocketFactory.createSocket(), the
> socket parameter can be an instance of SSLSocket.
>
> The spec review is closed. Please file new bugs if you have other concerns.
Very minor comments in the API which don't need CCC modification.
javax/net/ssl/SNIHostName.java
==============================
Changes look good. Didn't review everything.
javax/net/ssl/SNIMatcher.java
=============================
Changes look good. Didn't review everything.
javax/net/ssl/SNIServerName.java
================================
Changes look good. Didn't review everything.
javax/net/ssl/StandardConstants.java
====================================
Didn't review.
javax/net/ssl/ExtendedSSLSession.java
=====================================
Didn't review.
javax/net/ssl/SSLParameters.java
================================
60: Wow, good catch!
314: Looks great, thanks!
javax/net/ssl/SSLSocketFactory.java
===================================
Change look good.
216: I think you need a period at end of sentence here.
231: Might suggest some reason text for the UnsupportedOperationException.
javax/net/ssl/SSLEngine.java
============================
Minor nit: Copyright.
1218/1220/1225: You are not closing the <li> properly, I think you are
effectively adding another empty bullet.
1227: Copy/paste error. You said socket, but probably meant engine. :)
javax/net/ssl/SSLServerSocket.java
==================================
Minor nit: Copyright.
488/490/495: You are not closing the <li> properly.
499: Similar comment to above. You could say server socket or leave as
is, since it is a kind of a socket.
javax/net/ssl/SSLSocket.java
============================
Minor nit: Copyright.
sun/security/ssl/Utilities.java
===============================
46: Minor comment on method name, you might want to use
"addToSNIServerNameList" since you are adding.
84: Just wondering why you added this method here? This added a bit of
overhead in extra methods calls (well, maybe not with hotspot unrolling)
and added a few chars to the source. So given that you have added this,
why not update the remainder also?
EngineOutputRecord/InputRecord/OutputRecord.
See the below comment in SSLSocketImpl.java. If you decide to accept
it, you will want to remove the unmodifiable collection.
sun/security/ssl/BaseSSLSocketImpl.java
=======================================
OK
sun/security/ssl/ClientHandshaker.java
======================================
OK
sun/security/ssl/HandshakeInStream.java
=======================================
OK
sun/security/ssl/HandshakeMessage.java
======================================
OK
sun/security/ssl/Handshaker.java
================================
291: The change to allow for setting of SNI information has opened up a
race condition. It's probably not too bad for SSLSocket, but might be
more for SSLEngine. When we create ClientHandshaker/ServerHandshakers,
we normally grab all the parameters necessary for the handshaker, and
any future parameter modifications will apply to the next handshake. In
the past, our SNI information would never change, so it wasn't necessary
to pass it in on creation. That assumption no longer holds.
So you could see something like this:
sslEngine.beginHandshake();
SSLParameters sslp = new SSLParameters();
sslp.setHostnames("example.com");
sslEngine.setSSLParameters(sslp);
// do handshake...
and you'll get the new value instead of old.
sun/security/ssl/HelloExtensions.java
=====================================
35: Are these extra imports necessary with the package import at line 31?
307: Can you add the "backwards compatibility" comment about the size?
For
backward compatibility, all future data structures associated with
new NameTypes MUST begin with a 16-bit length field.
I'll forget it otherwise.
423: This behavior is currently underspecified. Right now we have one
SNI match type, but eventually we might have more. Your current impl
requires that *ALL* SNI matchers match. What if you have more than one,
and more than one SNI hostnames are sent?
SNIHostname: "example.com"
SNINickName: "www.example.com"
SNIMatcher: "example.com"
SNINickNameMatcher: "www1.example.com
Should this fail or succeed? That is, should it be an AND or an OR?
Whatever you decide, please document it at least here. Not sure if you
want to make the doc at the API level.
438: Minor nit: snInOther -> sniInOther?
sun/security/ssl/ProtocolList.java
==================================
OK
sun/security/ssl/SSLEngineImpl.java
===================================
2084: See comments in SSLSocketImpl.java:2509.
2100/2107: See comments in Handshaker.
sun/security/ssl/SSLServerSocketImpl.java
=========================================
OK
sun/security/ssl/SSLSessionImpl.java
====================================
OK
sun/security/ssl/SSLSocketFactoryImpl.java
==========================================
OK
sun/security/ssl/SSLSocketImpl.java
===================================
561: If I'm remembering and understanding this code right:
this.host = sock.getLocalAddress().getHostName(); // in server mode
Don't ServerSockets generally creates Sockets with just local IP
addresses (no hostnames), so this getHostname() will trigger a reverse
hostname lookup? Is that right?
2509: Something to investigate: you are depending on SSLParameters
returning an unmodifiable list. But a subclass might not do that. Can
you think of any situations where this might be a bad idea? If so, then
we might want to change the unmodifiable language in SSLParameters and
do regular cloning. This will have repercussions in other areas, like
around 2527/2532, where you'll need to pass a copy to the Handshaker.
2524/2541: See comments in Handshaker.
sun/security/ssl/ServerHandshaker.java
======================================
OK
sun/security/ssl/SunJSSE.java
=============================
OK
sun/security/ssl/X509KeyManagerImpl.java
========================================
133/150: Thanks for the comment here.
sun/security/ssl/X509TrustManagerImpl.java
==========================================
OK
Thanks,
Brad
More information about the security-dev
mailing list