325 mesg.print(System.out);
326 }
327
328 // Reject client initiated renegotiation?
329 //
330 // If server side should reject client-initiated renegotiation,
331 // send an alert_handshake_failure fatal alert, not a no_renegotiation
332 // warning alert (no_renegotiation must be a warning: RFC 2246).
333 // no_renegotiation might seem more natural at first, but warnings
334 // are not appropriate because the sending party does not know how
335 // the receiving party will behave. This state must be treated as
336 // a fatal server condition.
337 //
338 // This will not have any impact on server initiated renegotiation.
339 if (rejectClientInitiatedRenego && !isInitialHandshake &&
340 state != HandshakeMessage.ht_hello_request) {
341 fatalSE(Alerts.alert_handshake_failure,
342 "Client initiated renegotiation is not allowed");
343 }
344
345 // check the server name indication if required
346 ServerNameExtension clientHelloSNIExt = (ServerNameExtension)
347 mesg.extensions.get(ExtensionType.EXT_SERVER_NAME);
348 if (!sniMatchers.isEmpty()) {
349 // we do not reject client without SNI extension
350 if (clientHelloSNIExt != null &&
351 !clientHelloSNIExt.isMatched(sniMatchers)) {
352 fatalSE(Alerts.alert_unrecognized_name,
353 "Unrecognized server name indication");
354 }
355 }
356
357 // Does the message include security renegotiation indication?
358 boolean renegotiationIndicated = false;
359
360 // check the TLS_EMPTY_RENEGOTIATION_INFO_SCSV
361 CipherSuiteList cipherSuites = mesg.getCipherSuites();
362 if (cipherSuites.contains(CipherSuite.C_SCSV)) {
363 renegotiationIndicated = true;
364 if (isInitialHandshake) {
365 secureRenegotiation = true;
366 } else {
367 // abort the handshake with a fatal handshake_failure alert
368 if (secureRenegotiation) {
369 fatalSE(Alerts.alert_handshake_failure,
370 "The SCSV is present in a secure renegotiation");
371 } else {
372 fatalSE(Alerts.alert_handshake_failure,
373 "The SCSV is present in a insecure renegotiation");
374 }
375 }
376 }
377
378 // check the "renegotiation_info" extension
379 RenegotiationInfoExtension clientHelloRI = (RenegotiationInfoExtension)
380 mesg.extensions.get(ExtensionType.EXT_RENEGOTIATION_INFO);
381 if (clientHelloRI != null) {
325 mesg.print(System.out);
326 }
327
328 // Reject client initiated renegotiation?
329 //
330 // If server side should reject client-initiated renegotiation,
331 // send an alert_handshake_failure fatal alert, not a no_renegotiation
332 // warning alert (no_renegotiation must be a warning: RFC 2246).
333 // no_renegotiation might seem more natural at first, but warnings
334 // are not appropriate because the sending party does not know how
335 // the receiving party will behave. This state must be treated as
336 // a fatal server condition.
337 //
338 // This will not have any impact on server initiated renegotiation.
339 if (rejectClientInitiatedRenego && !isInitialHandshake &&
340 state != HandshakeMessage.ht_hello_request) {
341 fatalSE(Alerts.alert_handshake_failure,
342 "Client initiated renegotiation is not allowed");
343 }
344
345 CipherSuiteList cipherSuites = mesg.getCipherSuites();
346 if (cipherSuites.contains(CipherSuite.C_FALLBACK_SCSV)
347 && mesg.protocolVersion.compareTo(getActiveProtocols().max) < 0) {
348 // Some clients expect a response with the version they
349 // requested.
350 setVersion(mesg.protocolVersion);
351 fatalSE(Alerts.alert_inappropriate_fallback,
352 "Client protocol downgrade is not allowed");
353 }
354
355 // check the server name indication if required
356 ServerNameExtension clientHelloSNIExt = (ServerNameExtension)
357 mesg.extensions.get(ExtensionType.EXT_SERVER_NAME);
358 if (!sniMatchers.isEmpty()) {
359 // we do not reject client without SNI extension
360 if (clientHelloSNIExt != null &&
361 !clientHelloSNIExt.isMatched(sniMatchers)) {
362 fatalSE(Alerts.alert_unrecognized_name,
363 "Unrecognized server name indication");
364 }
365 }
366
367 // Does the message include security renegotiation indication?
368 boolean renegotiationIndicated = false;
369
370 // check the TLS_EMPTY_RENEGOTIATION_INFO_SCSV
371 if (cipherSuites.contains(CipherSuite.C_SCSV)) {
372 renegotiationIndicated = true;
373 if (isInitialHandshake) {
374 secureRenegotiation = true;
375 } else {
376 // abort the handshake with a fatal handshake_failure alert
377 if (secureRenegotiation) {
378 fatalSE(Alerts.alert_handshake_failure,
379 "The SCSV is present in a secure renegotiation");
380 } else {
381 fatalSE(Alerts.alert_handshake_failure,
382 "The SCSV is present in a insecure renegotiation");
383 }
384 }
385 }
386
387 // check the "renegotiation_info" extension
388 RenegotiationInfoExtension clientHelloRI = (RenegotiationInfoExtension)
389 mesg.extensions.get(ExtensionType.EXT_RENEGOTIATION_INFO);
390 if (clientHelloRI != null) {