diff --git a/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java b/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java index 0824f2d702d..53ff1454a53 100644 --- a/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java +++ b/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java @@ -25,7 +25,7 @@ package sun.security.ssl; -import java.io.*; +import java.io.FileInputStream; import java.net.Socket; import java.security.*; import java.security.cert.*; @@ -71,7 +71,8 @@ public abstract class SSLContextImpl extends SSLContextSpi { private volatile StatusResponseManager statusResponseManager; private final ReentrantLock contextLock = new ReentrantLock(); - final HashMap keyHashMap = new HashMap<>(); + final HashMap keyHashMap = new HashMap<>(); SSLContextImpl() { @@ -594,17 +595,6 @@ public abstract class SSLContextImpl extends SSLContextSpi { boolean isDTLS() { return false; } - - static ProtocolVersion[] getSupportedProtocols() { - return new ProtocolVersion[]{ - ProtocolVersion.TLS13, - ProtocolVersion.TLS12, - ProtocolVersion.TLS11, - ProtocolVersion.TLS10, - ProtocolVersion.SSL30, - ProtocolVersion.SSL20Hello - }; - } } /* @@ -858,9 +848,24 @@ public abstract class SSLContextImpl extends SSLContextSpi { ProtocolVersion[] candidates; if (refactored.isEmpty()) { if (client) { - candidates = getProtocols(); + // default client protocols + candidates = new ProtocolVersion[] { + ProtocolVersion.TLS13, + ProtocolVersion.TLS12, + ProtocolVersion.TLS11, + ProtocolVersion.TLS10, + ProtocolVersion.SSL30 + }; + } else { - candidates = getSupportedProtocols(); + candidates = new ProtocolVersion[] { + ProtocolVersion.TLS13, + ProtocolVersion.TLS12, + ProtocolVersion.TLS11, + ProtocolVersion.TLS10, + ProtocolVersion.SSL30, + ProtocolVersion.SSL20Hello + }; } } else { // Use the customized TLS protocols. @@ -871,16 +876,6 @@ public abstract class SSLContextImpl extends SSLContextSpi { return getAvailableProtocols(candidates); } - static ProtocolVersion[] getProtocols() { - return new ProtocolVersion[]{ - ProtocolVersion.TLS13, - ProtocolVersion.TLS12, - ProtocolVersion.TLS11, - ProtocolVersion.TLS10, - ProtocolVersion.SSL30 - }; - } - protected CustomizedTLSContext() { if (reservedException != null) { throw reservedException; @@ -906,8 +901,6 @@ public abstract class SSLContextImpl extends SSLContextSpi { List getServerDefaultCipherSuites() { return serverDefaultCipherSuites; } - - } /* @@ -1183,7 +1176,6 @@ public abstract class SSLContextImpl extends SSLContextSpi { private static final List serverDefaultCipherSuites; static { - // Both DTLSv1.0 and DTLSv1.2 can be used in FIPS mode. supportedProtocols = Arrays.asList( ProtocolVersion.DTLS12, ProtocolVersion.DTLS10