bcgit
diff --git a/‎tls/src/main/java/org/bouncycastle/tls/DTLSClientProtocol.java‎
Lines changed: 20 additions & 11 deletions b/‎tls/src/main/java/org/bouncycastle/tls/DTLSClientProtocol.java‎
Lines changed: 20 additions & 11 deletions
diff --git a/‎tls/src/main/java/org/bouncycastle/tls/DTLSRecordLayer.java‎
Lines changed: 6 additions & 1 deletion b/‎tls/src/main/java/org/bouncycastle/tls/DTLSRecordLayer.java‎
Lines changed: 6 additions & 1 deletion
diff --git a/‎tls/src/main/java/org/bouncycastle/tls/DTLSServerProtocol.java‎
Lines changed: 32 additions & 32 deletions b/‎tls/src/main/java/org/bouncycastle/tls/DTLSServerProtocol.java‎
Lines changed: 32 additions & 32 deletions
diff --git a/‎tls/src/main/java/org/bouncycastle/tls/DTLSTransport.java‎
Lines changed: 10 additions & 0 deletions b/‎tls/src/main/java/org/bouncycastle/tls/DTLSTransport.java‎
Lines changed: 10 additions & 0 deletions
diff --git a/‎tls/src/main/java/org/bouncycastle/tls/TlsProtocol.java‎
Lines changed: 14 additions & 4 deletions b/‎tls/src/main/java/org/bouncycastle/tls/TlsProtocol.java‎
Lines changed: 14 additions & 4 deletions
@@ -34,10 +34,6 @@ public DTLSTransport connect(TlsClient client, DatagramTransport transport)
 
         TlsClientContextImpl clientContext = new TlsClientContextImpl(client.getCrypto());
 
-        ClientHandshakeState state = new ClientHandshakeState();
-        state.client = client;
-        state.clientContext = clientContext;
-
         client.init(clientContext);
         clientContext.handshakeBeginning(client);
 
@@ -47,23 +43,34 @@ public DTLSTransport connect(TlsClient client, DatagramTransport transport)
         DTLSRecordLayer recordLayer = new DTLSRecordLayer(clientContext, client, transport);
         client.notifyCloseHandle(recordLayer);
 
+        ClientHandshakeState state = new ClientHandshakeState();
+        state.client = client;
+        state.clientContext = clientContext;
+        state.recordLayer = recordLayer;
+
         try
         {
-            return clientHandshake(state, recordLayer);
+            return clientHandshake(state);
+        }
+        catch (TlsFatalAlertReceived fatalAlertReceived)
+        {
+//            assert recordLayer.isFailed();
+            invalidateSession(state);
+            throw fatalAlertReceived;
         }
         catch (TlsFatalAlert fatalAlert)
         {
-            abortClientHandshake(state, recordLayer, fatalAlert.getAlertDescription());
+            abortClientHandshake(state, fatalAlert.getAlertDescription());
             throw fatalAlert;
         }
         catch (IOException e)
         {
-            abortClientHandshake(state, recordLayer, AlertDescription.internal_error);
+            abortClientHandshake(state, AlertDescription.internal_error);
             throw e;
         }
         catch (RuntimeException e)
         {
-            abortClientHandshake(state, recordLayer, AlertDescription.internal_error);
+            abortClientHandshake(state, AlertDescription.internal_error);
             throw new TlsFatalAlert(AlertDescription.internal_error, e);
         }
         finally
@@ -72,17 +79,18 @@ public DTLSTransport connect(TlsClient client, DatagramTransport transport)
         }
     }
 
-    protected void abortClientHandshake(ClientHandshakeState state, DTLSRecordLayer recordLayer, short alertDescription)
+    protected void abortClientHandshake(ClientHandshakeState state, short alertDescription)
     {
-        recordLayer.fail(alertDescription);
+        state.recordLayer.fail(alertDescription);
         invalidateSession(state);
     }
 
-    protected DTLSTransport clientHandshake(ClientHandshakeState state, DTLSRecordLayer recordLayer)
+    protected DTLSTransport clientHandshake(ClientHandshakeState state)
         throws IOException
     {
         TlsClient client = state.client;
         TlsClientContextImpl clientContext = state.clientContext;
+        DTLSRecordLayer recordLayer = state.recordLayer;
         SecurityParameters securityParameters = clientContext.getSecurityParametersHandshake();
 
         DTLSReliableHandshake handshake = new DTLSReliableHandshake(clientContext, recordLayer,
@@ -1136,6 +1144,7 @@ protected static class ClientHandshakeState
     {
         TlsClient client = null;
         TlsClientContextImpl clientContext = null;
+        DTLSRecordLayer recordLayer = null;
         TlsSession tlsSession = null;
         SessionParameters sessionParameters = null;
         TlsSecret sessionMasterSecret = null;
 
@@ -150,6 +150,11 @@ boolean isClosed()
         return closed;
     }
 
+    boolean isFailed()
+    {
+        return failed;
+    }
+
     void resetAfterHelloVerifyRequestServer(long recordSeq)
     {
         this.inConnection = true;
@@ -740,7 +745,7 @@ else if (null != retransmitEpoch && epoch == retransmitEpoch.getEpoch())
                 if (alertLevel == AlertLevel.fatal)
                 {
                     failed();
-                    throw new TlsFatalAlert(alertDescription);
+                    throw new TlsFatalAlertReceived(alertDescription);
                 }
 
                 // TODO Can close_notify be a fatal alert?
 
@@ -50,10 +50,6 @@ public DTLSTransport accept(TlsServer server, DatagramTransport transport, DTLSR
 
         TlsServerContextImpl serverContext = new TlsServerContextImpl(server.getCrypto());
 
-        ServerHandshakeState state = new ServerHandshakeState();
-        state.server = server;
-        state.serverContext = serverContext;
-
         server.init(serverContext);
         serverContext.handshakeBeginning(server);
 
@@ -63,23 +59,34 @@ public DTLSTransport accept(TlsServer server, DatagramTransport transport, DTLSR
         DTLSRecordLayer recordLayer = new DTLSRecordLayer(serverContext, server, transport);
         server.notifyCloseHandle(recordLayer);
 
+        ServerHandshakeState state = new ServerHandshakeState();
+        state.server = server;
+        state.serverContext = serverContext;
+        state.recordLayer = recordLayer;
+
         try
         {
-            return serverHandshake(state, recordLayer, request);
+            return serverHandshake(state, request);
+        }
+        catch (TlsFatalAlertReceived fatalAlertReceived)
+        {
+//            assert recordLayer.isFailed();
+            invalidateSession(state);
+            throw fatalAlertReceived;
         }
         catch (TlsFatalAlert fatalAlert)
         {
-            abortServerHandshake(state, recordLayer, fatalAlert.getAlertDescription());
+            abortServerHandshake(state, fatalAlert.getAlertDescription());
             throw fatalAlert;
         }
         catch (IOException e)
         {
-            abortServerHandshake(state, recordLayer, AlertDescription.internal_error);
+            abortServerHandshake(state, AlertDescription.internal_error);
             throw e;
         }
         catch (RuntimeException e)
         {
-            abortServerHandshake(state, recordLayer, AlertDescription.internal_error);
+            abortServerHandshake(state, AlertDescription.internal_error);
             throw new TlsFatalAlert(AlertDescription.internal_error, e);
         }
         finally
@@ -88,17 +95,17 @@ public DTLSTransport accept(TlsServer server, DatagramTransport transport, DTLSR
         }
     }
 
-    protected void abortServerHandshake(ServerHandshakeState state, DTLSRecordLayer recordLayer, short alertDescription)
+    protected void abortServerHandshake(ServerHandshakeState state, short alertDescription)
     {
-        recordLayer.fail(alertDescription);
+        state.recordLayer.fail(alertDescription);
         invalidateSession(state);
     }
 
-    protected DTLSTransport serverHandshake(ServerHandshakeState state, DTLSRecordLayer recordLayer,
-        DTLSRequest request) throws IOException
+    protected DTLSTransport serverHandshake(ServerHandshakeState state, DTLSRequest request) throws IOException
     {
         TlsServer server = state.server;
         TlsServerContextImpl serverContext = state.serverContext;
+        DTLSRecordLayer recordLayer = state.recordLayer;
         SecurityParameters securityParameters = serverContext.getSecurityParametersHandshake();
 
         DTLSReliableHandshake handshake = new DTLSReliableHandshake(serverContext, recordLayer,
@@ -110,9 +117,6 @@ protected DTLSTransport serverHandshake(ServerHandshakeState state, DTLSRecordLa
         {
             clientMessage = handshake.receiveMessage();
 
-            // NOTE: DTLSRecordLayer requires any DTLS version, we don't otherwise constrain this
-//            ProtocolVersion recordLayerVersion = recordLayer.getReadVersion();
-
             if (clientMessage.getType() == HandshakeType.client_hello)
             {
                 processClientHello(state, clientMessage.getBody());
@@ -132,14 +136,7 @@ protected DTLSTransport serverHandshake(ServerHandshakeState state, DTLSRecordLa
         }
 
         {
-            byte[] serverHelloBody = generateServerHello(state, recordLayer);
-
-            // TODO[dtls13] Ideally, move this into generateServerHello once legacy_record_version clarified
-            {
-                ProtocolVersion recordLayerVersion = serverContext.getServerVersion();
-                recordLayer.setReadVersion(recordLayerVersion);
-                recordLayer.setWriteVersion(recordLayerVersion);
-            }
+            byte[] serverHelloBody = generateServerHello(state);
 
             handshake.sendMessage(HandshakeType.server_hello, serverHelloBody);
         }
@@ -446,15 +443,13 @@ protected byte[] generateNewSessionTicket(ServerHandshakeState state, NewSession
         return buf.toByteArray();
     }
 
-    protected byte[] generateServerHello(ServerHandshakeState state, DTLSRecordLayer recordLayer)
+    protected byte[] generateServerHello(ServerHandshakeState state)
         throws IOException
     {
         TlsServer server = state.server;
         TlsServerContextImpl serverContext = state.serverContext;
         SecurityParameters securityParameters = serverContext.getSecurityParametersHandshake();
 
-        // TODO[dtls13] Negotiate cipher suite first?
-
         ProtocolVersion serverVersion;
 
         // NOT renegotiating
@@ -470,22 +465,24 @@ protected byte[] generateServerHello(ServerHandshakeState state, DTLSRecordLayer
 //                ? ProtocolVersion.DTLSv12
 //                : server_version;
 //
-//            recordLayer.setWriteVersion(legacy_record_version);
+//            state.recordLayer.setWriteVersion(legacy_record_version);
             securityParameters.negotiatedVersion = serverVersion;
         }
 
         // TODO[dtls13]
 //        if (ProtocolVersion.DTLSv13.isEqualOrEarlierVersionOf(serverVersion))
 //        {
 //            // See RFC 8446 D.4.
-//            recordStream.setIgnoreChangeCipherSpec(true);
+//            state.recordLayer.setIgnoreChangeCipherSpec(true);
 //
-//            recordStream.setWriteVersion(ProtocolVersion.DTLSv12);
+//            state.recordLayer.setReadVersion(ProtocolVersion.DTLSv12);
+//            state.recordLayer.setWriteVersion(ProtocolVersion.DTLSv12);
 //
 //            return generate13ServerHello(clientHello, clientHelloMessage, false);
 //        }
-//
-//        recordStream.setWriteVersion(serverVersion);
+
+        state.recordLayer.setReadVersion(serverVersion);
+        state.recordLayer.setWriteVersion(serverVersion);
 
         {
             boolean useGMTUnixTime = server.shouldUseGMTUnixTime();
@@ -704,7 +701,7 @@ else if (TlsUtils.hasExpectedEmptyExtensionData(state.serverExtensions,
 
         state.clientHello = null;
 
-        applyMaxFragmentLengthExtension(recordLayer, securityParameters.getMaxFragmentLength());
+        applyMaxFragmentLengthExtension(state.recordLayer, securityParameters.getMaxFragmentLength());
 
         ByteArrayOutputStream buf = new ByteArrayOutputStream();
         serverHello.encode(serverContext, buf);
@@ -838,6 +835,8 @@ protected void processClientHello(ServerHandshakeState state, byte[] body)
     protected void processClientHello(ServerHandshakeState state, ClientHello clientHello)
         throws IOException
     {
+        state.recordLayer.setWriteVersion(ProtocolVersion.DTLSv10);
+
         state.clientHello = clientHello;
 
         // TODO Read RFCs for guidance on the expected record layer version number
@@ -1014,6 +1013,7 @@ protected static class ServerHandshakeState
     {
         TlsServer server = null;
         TlsServerContextImpl serverContext = null;
+        DTLSRecordLayer recordLayer = null;
         TlsSession tlsSession = null;
         SessionParameters sessionParameters = null;
         TlsSecret sessionMasterSecret = null;
 
@@ -55,6 +55,11 @@ public int receive(byte[] buf, int off, int len, int waitMillis, DTLSRecordCallb
         {
             return recordLayer.receive(buf, off, len, waitMillis, recordCallback);
         }
+        catch (TlsFatalAlertReceived fatalAlertReceived)
+        {
+//            assert recordLayer.isFailed();
+            throw fatalAlertReceived;
+        }
         catch (TlsFatalAlert fatalAlert)
         {
             if (AlertDescription.bad_record_mac == fatalAlert.getAlertDescription())
@@ -107,6 +112,11 @@ public int receivePending(byte[] buf, int off, int len, DTLSRecordCallback recor
         {
             return recordLayer.receivePending(buf, off, len, recordCallback);
         }
+        catch (TlsFatalAlertReceived fatalAlertReceived)
+        {
+//            assert recordLayer.isFailed();
+            throw fatalAlertReceived;
+        }
         catch (TlsFatalAlert fatalAlert)
         {
             if (AlertDescription.bad_record_mac == fatalAlert.getAlertDescription())
 
@@ -144,7 +144,7 @@ protected boolean isTLSv13ConnectionState()
     private TlsOutputStream tlsOutputStream = null;
 
     private volatile boolean closed = false;
-    private volatile boolean failedWithError = false;
+    private volatile boolean failed = false;
     private volatile boolean appDataReady = false;
     private volatile boolean appDataSplitEnabled = true;
     private volatile boolean keyUpdateEnabled = false;
@@ -324,7 +324,7 @@ protected void handleException(short alertDescription, String message, Throwable
     protected void handleFailure() throws IOException
     {
         this.closed = true;
-        this.failedWithError = true;
+        this.failed = true;
 
         /*
          * RFC 2246 7.2.1. The session becomes unresumable if any connection is terminated
@@ -819,7 +819,7 @@ public int readApplicationData(byte[] buf, int off, int len)
         {
             if (this.closed)
             {
-                if (this.failedWithError)
+                if (this.failed)
                 {
                     throw new IOException("Cannot read application data on failed TLS connection");
                 }
@@ -885,7 +885,7 @@ protected void safeReadRecord()
         }
         catch (TlsFatalAlertReceived e)
         {
-            // Connection failure already handled at source
+//            assert isFailed();
             throw e;
         }
         catch (TlsFatalAlert e)
@@ -916,6 +916,11 @@ protected boolean safeReadFullRecord(byte[] input, int inputOff, int inputLen)
         {
             return recordStream.readFullRecord(input, inputOff, inputLen);
         }
+        catch (TlsFatalAlertReceived e)
+        {
+//            assert isFailed();
+            throw e;
+        }
         catch (TlsFatalAlert e)
         {
             handleException(e.getAlertDescription(), "Failed to process record", e);
@@ -1917,6 +1922,11 @@ public boolean isConnected()
         return null != context && context.isConnected();
     }
 
+    public boolean isFailed()
+    {
+        return failed;
+    }
+
     public boolean isHandshaking()
     {
         if (closed)
Original file line number	Diff line number	Diff line change
`@@ -34,10 +34,6 @@ public DTLSTransport connect(TlsClient client, DatagramTransport transport)`
`34`	`34`
`35`	`35`	`TlsClientContextImpl clientContext = new TlsClientContextImpl(client.getCrypto());`
`36`	`36`
`37`		`- ClientHandshakeState state = new ClientHandshakeState();`
`38`		`- state.client = client;`
`39`		`- state.clientContext = clientContext;`
`40`		`-`
`41`	`37`	`client.init(clientContext);`
`42`	`38`	`clientContext.handshakeBeginning(client);`
`43`	`39`
`@@ -47,23 +43,34 @@ public DTLSTransport connect(TlsClient client, DatagramTransport transport)`
`47`	`43`	`DTLSRecordLayer recordLayer = new DTLSRecordLayer(clientContext, client, transport);`
`48`	`44`	`client.notifyCloseHandle(recordLayer);`
`49`	`45`
	`46`	`+ ClientHandshakeState state = new ClientHandshakeState();`
	`47`	`+ state.client = client;`
	`48`	`+ state.clientContext = clientContext;`
	`49`	`+ state.recordLayer = recordLayer;`
	`50`	`+`
`50`	`51`	`try`
`51`	`52`	`{`
`52`		`- return clientHandshake(state, recordLayer);`
	`53`	`+ return clientHandshake(state);`
	`54`	`+ }`
	`55`	`+ catch (TlsFatalAlertReceived fatalAlertReceived)`
	`56`	`+ {`
	`57`	`+// assert recordLayer.isFailed();`
	`58`	`+ invalidateSession(state);`
	`59`	`+ throw fatalAlertReceived;`
`53`	`60`	`}`
`54`	`61`	`catch (TlsFatalAlert fatalAlert)`
`55`	`62`	`{`
`56`		`- abortClientHandshake(state, recordLayer, fatalAlert.getAlertDescription());`
	`63`	`+ abortClientHandshake(state, fatalAlert.getAlertDescription());`
`57`	`64`	`throw fatalAlert;`
`58`	`65`	`}`
`59`	`66`	`catch (IOException e)`
`60`	`67`	`{`
`61`		`- abortClientHandshake(state, recordLayer, AlertDescription.internal_error);`
	`68`	`+ abortClientHandshake(state, AlertDescription.internal_error);`
`62`	`69`	`throw e;`
`63`	`70`	`}`
`64`	`71`	`catch (RuntimeException e)`
`65`	`72`	`{`
`66`		`- abortClientHandshake(state, recordLayer, AlertDescription.internal_error);`
	`73`	`+ abortClientHandshake(state, AlertDescription.internal_error);`
`67`	`74`	`throw new TlsFatalAlert(AlertDescription.internal_error, e);`
`68`	`75`	`}`
`69`	`76`	`finally`
`@@ -72,17 +79,18 @@ public DTLSTransport connect(TlsClient client, DatagramTransport transport)`
`72`	`79`	`}`
`73`	`80`	`}`
`74`	`81`
`75`		`- protected void abortClientHandshake(ClientHandshakeState state, DTLSRecordLayer recordLayer, short alertDescription)`
	`82`	`+ protected void abortClientHandshake(ClientHandshakeState state, short alertDescription)`
`76`	`83`	`{`
`77`		`- recordLayer.fail(alertDescription);`
	`84`	`+ state.recordLayer.fail(alertDescription);`
`78`	`85`	`invalidateSession(state);`
`79`	`86`	`}`
`80`	`87`
`81`		`- protected DTLSTransport clientHandshake(ClientHandshakeState state, DTLSRecordLayer recordLayer)`
	`88`	`+ protected DTLSTransport clientHandshake(ClientHandshakeState state)`
`82`	`89`	`throws IOException`
`83`	`90`	`{`
`84`	`91`	`TlsClient client = state.client;`
`85`	`92`	`TlsClientContextImpl clientContext = state.clientContext;`
	`93`	`+ DTLSRecordLayer recordLayer = state.recordLayer;`
`86`	`94`	`SecurityParameters securityParameters = clientContext.getSecurityParametersHandshake();`
`87`	`95`
`88`	`96`	`DTLSReliableHandshake handshake = new DTLSReliableHandshake(clientContext, recordLayer,`
`@@ -1136,6 +1144,7 @@ protected static class ClientHandshakeState`
`1136`	`1144`	`{`
`1137`	`1145`	`TlsClient client = null;`
`1138`	`1146`	`TlsClientContextImpl clientContext = null;`
	`1147`	`+ DTLSRecordLayer recordLayer = null;`
`1139`	`1148`	`TlsSession tlsSession = null;`
`1140`	`1149`	`SessionParameters sessionParameters = null;`
`1141`	`1150`	`TlsSecret sessionMasterSecret = null;`
Original file line number	Diff line number	Diff line change
`@@ -150,6 +150,11 @@ boolean isClosed()`
`150`	`150`	`return closed;`
`151`	`151`	`}`
`152`	`152`
	`153`	`+ boolean isFailed()`
	`154`	`+ {`
	`155`	`+ return failed;`
	`156`	`+ }`
	`157`	`+`
`153`	`158`	`void resetAfterHelloVerifyRequestServer(long recordSeq)`
`154`	`159`	`{`
`155`	`160`	`this.inConnection = true;`
`@@ -740,7 +745,7 @@ else if (null != retransmitEpoch && epoch == retransmitEpoch.getEpoch())`
`740`	`745`	`if (alertLevel == AlertLevel.fatal)`
`741`	`746`	`{`
`742`	`747`	`failed();`
`743`		`- throw new TlsFatalAlert(alertDescription);`
	`748`	`+ throw new TlsFatalAlertReceived(alertDescription);`
`744`	`749`	`}`
`745`	`750`
`746`	`751`	`// TODO Can close_notify be a fatal alert?`
Original file line number	Diff line number	Diff line change
`@@ -55,6 +55,11 @@ public int receive(byte[] buf, int off, int len, int waitMillis, DTLSRecordCallb`
`55`	`55`	`{`
`56`	`56`	`return recordLayer.receive(buf, off, len, waitMillis, recordCallback);`
`57`	`57`	`}`
	`58`	`+ catch (TlsFatalAlertReceived fatalAlertReceived)`
	`59`	`+ {`
	`60`	`+// assert recordLayer.isFailed();`
	`61`	`+ throw fatalAlertReceived;`
	`62`	`+ }`
`58`	`63`	`catch (TlsFatalAlert fatalAlert)`
`59`	`64`	`{`
`60`	`65`	`if (AlertDescription.bad_record_mac == fatalAlert.getAlertDescription())`
`@@ -107,6 +112,11 @@ public int receivePending(byte[] buf, int off, int len, DTLSRecordCallback recor`
`107`	`112`	`{`
`108`	`113`	`return recordLayer.receivePending(buf, off, len, recordCallback);`
`109`	`114`	`}`
	`115`	`+ catch (TlsFatalAlertReceived fatalAlertReceived)`
	`116`	`+ {`
	`117`	`+// assert recordLayer.isFailed();`
	`118`	`+ throw fatalAlertReceived;`
	`119`	`+ }`
`110`	`120`	`catch (TlsFatalAlert fatalAlert)`
`111`	`121`	`{`
`112`	`122`	`if (AlertDescription.bad_record_mac == fatalAlert.getAlertDescription())`
Original file line number	Diff line number	Diff line change
`@@ -144,7 +144,7 @@ protected boolean isTLSv13ConnectionState()`
`144`	`144`	`private TlsOutputStream tlsOutputStream = null;`
`145`	`145`
`146`	`146`	`private volatile boolean closed = false;`
`147`		`- private volatile boolean failedWithError = false;`
	`147`	`+ private volatile boolean failed = false;`
`148`	`148`	`private volatile boolean appDataReady = false;`
`149`	`149`	`private volatile boolean appDataSplitEnabled = true;`
`150`	`150`	`private volatile boolean keyUpdateEnabled = false;`
`@@ -324,7 +324,7 @@ protected void handleException(short alertDescription, String message, Throwable`
`324`	`324`	`protected void handleFailure() throws IOException`
`325`	`325`	`{`
`326`	`326`	`this.closed = true;`
`327`		`- this.failedWithError = true;`
	`327`	`+ this.failed = true;`
`328`	`328`
`329`	`329`	`/*`
`330`	`330`	`* RFC 2246 7.2.1. The session becomes unresumable if any connection is terminated`
`@@ -819,7 +819,7 @@ public int readApplicationData(byte[] buf, int off, int len)`
`819`	`819`	`{`
`820`	`820`	`if (this.closed)`
`821`	`821`	`{`
`822`		`- if (this.failedWithError)`
	`822`	`+ if (this.failed)`
`823`	`823`	`{`
`824`	`824`	`throw new IOException("Cannot read application data on failed TLS connection");`
`825`	`825`	`}`
`@@ -885,7 +885,7 @@ protected void safeReadRecord()`
`885`	`885`	`}`
`886`	`886`	`catch (TlsFatalAlertReceived e)`
`887`	`887`	`{`
`888`		`- // Connection failure already handled at source`
	`888`	`+// assert isFailed();`
`889`	`889`	`throw e;`
`890`	`890`	`}`
`891`	`891`	`catch (TlsFatalAlert e)`
`@@ -916,6 +916,11 @@ protected boolean safeReadFullRecord(byte[] input, int inputOff, int inputLen)`
`916`	`916`	`{`
`917`	`917`	`return recordStream.readFullRecord(input, inputOff, inputLen);`
`918`	`918`	`}`
	`919`	`+ catch (TlsFatalAlertReceived e)`
	`920`	`+ {`
	`921`	`+// assert isFailed();`
	`922`	`+ throw e;`
	`923`	`+ }`
`919`	`924`	`catch (TlsFatalAlert e)`
`920`	`925`	`{`
`921`	`926`	`handleException(e.getAlertDescription(), "Failed to process record", e);`
`@@ -1917,6 +1922,11 @@ public boolean isConnected()`
`1917`	`1922`	`return null != context && context.isConnected();`
`1918`	`1923`	`}`
`1919`	`1924`
	`1925`	`+ public boolean isFailed()`
	`1926`	`+ {`
	`1927`	`+ return failed;`
	`1928`	`+ }`
	`1929`	`+`
`1920`	`1930`	`public boolean isHandshaking()`
`1921`	`1931`	`{`
`1922`	`1932`	`if (closed)`