8287411: Enhance DTLS Performance

Reviewed-by: rhalade, ahgross, weijun, ascarpino

src/java.base/share/classes/sun/security/ssl/ClientHello.java

@@ -1378,10 +1378,14 @@ final class ClientHello {
                 shc.resumingSession = resumingSession ? previous : null;
             }
 
+
+            // We will by default exchange DTLS cookies for all handshakes
+            // (new and resumed) unless jdk.tls.enableDtlsResumeCookie=false.
+            // The property only affects the cookie exchange for resumption.
+            if (!shc.isResumption || SSLConfiguration.enableDtlsResumeCookie) {
                 HelloCookieManager hcm =
                         shc.sslContext.getHelloCookieManager(ProtocolVersion.DTLS10);
-            if (!shc.isResumption &&
-                !hcm.isCookieValid(shc, clientHello, clientHello.cookie)) {
+                if (!hcm.isCookieValid(shc, clientHello, clientHello.cookie)) {
                     //
                     // Perform cookie exchange for DTLS handshaking if no cookie
                     // or the cookie is invalid in the ClientHello message.
@@ -1398,6 +1402,7 @@ final class ClientHello {
 
                     return;
                 }
+            }
 
             // cache the client random number for further using
             shc.clientHelloRandom = clientHello.clientRandom;

src/java.base/share/classes/sun/security/ssl/SSLConfiguration.java

@@ -116,6 +116,9 @@ final class SSLConfiguration implements Cloneable {
     static final boolean enableFFDHE =
             Utilities.getBooleanProperty("jsse.enableFFDHE", true);
 
+    static final boolean enableDtlsResumeCookie = Utilities.getBooleanProperty(
+            "jdk.tls.enableDtlsResumeCookie", true);
+
     // Is the extended_master_secret extension supported?
     static {
         boolean supportExtendedMasterSecret = Utilities.getBooleanProperty(