/*
* Sends a change cipher spec message and updates the write side
* cipher state so that future messages use the just-negotiated spec.
*/
void sendChangeCipherSpec(Finished mesg, boolean lastMessage) throws IOException {
output.flush(); // i.e. handshake data
/*
* The write cipher state is protected by the connection write lock
* so we must grab it while making the change. We also
* make sure no writes occur between sending the ChangeCipherSpec
* message, installing the new cipher state, and sending the
* Finished message.
*
* We already hold SSLEngine/SSLSocket "this" by virtue
* of this being called from the readRecord code.
*/
OutputRecord r;
if (conn != null) {
r = new OutputRecord(Record.ct_change_cipher_spec);
} else {
r = new EngineOutputRecord(Record.ct_change_cipher_spec, engine);
}
r.setVersion(protocolVersion);
r.write(1); // single byte of data
if (conn != null) {
conn.writeLock.lock();
try {
conn.writeRecord(r);
conn.changeWriteCiphers();
if (debug != null && Debug.isOn("handshake")) {
mesg.print(System.out);
}
mesg.write(output);
output.flush();
} finally {
conn.writeLock.unlock();
}
} else {
synchronized (engine.writeLock) {
engine.writeRecord((EngineOutputRecord) r);
engine.changeWriteCiphers();
if (debug != null && Debug.isOn("handshake")) {
mesg.print(System.out);
}
mesg.write(output);
if (lastMessage) {
output.setFinishedMsg();
}
output.flush();
}
}
}
private void setVersionSE(ProtocolVersion protocolVersion) {
if (conn != null) {
conn.setVersion(protocolVersion);
} else {
engine.setVersion(protocolVersion);
}
}
/*
* Set the handshake session
*/
void setHandshakeSessionSE(SSLSessionImpl handshakeSession) {
if (conn != null) {
conn.setHandshakeSession(handshakeSession);
} else {
engine.setHandshakeSession(handshakeSession);
}
}
int getPortSE() {
if (conn != null) {
return conn.getPort();
} else {
return engine.getPeerPort();
}
}
AccessControlContext getAccSE() {
if (conn != null) {
return conn.getAcc();
} else {
return engine.getAcc();
}
}
String getHostSE() {
if (conn != null) {
return conn.getHost();
} else {
return engine.getPeerHost();
}
}
String getRawHostnameSE() {
if (conn != null) {
return conn.getRawHostname();
} else {
return engine.getPeerHost();
}
}
void warningSE(byte b) {
if (conn != null) {
conn.warning(b);
} else {
engine.warning(b);
}
}
void fatalSE(byte b, String diagnostic, Throwable cause) throws IOException {
if (conn != null) {
conn.fatal(b, diagnostic, cause);
} else {
engine.fatal(b, diagnostic, cause);
}
}
String getHostAddressSE() {
if (conn != null) {
return conn.getInetAddress().getHostAddress();
} else {
/*
* This is for caching only, doesn't matter that's is really
* a hostname. The main thing is that it doesn't do
* a reverse DNS lookup, potentially slowing things down.
*/
return engine.getPeerHost();
}
}