You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2018/12/14 12:44:13 UTC

svn commit: r1848935 - in /tomcat/trunk/java/org/apache/tomcat/util/net: LocalStrings.properties SecureNio2Channel.java

Author: markt
Date: Fri Dec 14 12:44:13 2018
New Revision: 1848935

URL: http://svn.apache.org/viewvc?rev=1848935&view=rev
Log:
Ensure TLS socket is closed when normal closure fails.

Modified:
    tomcat/trunk/java/org/apache/tomcat/util/net/LocalStrings.properties
    tomcat/trunk/java/org/apache/tomcat/util/net/SecureNio2Channel.java

Modified: tomcat/trunk/java/org/apache/tomcat/util/net/LocalStrings.properties
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/LocalStrings.properties?rev=1848935&r1=1848934&r2=1848935&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/LocalStrings.properties [UTF-8] (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/LocalStrings.properties [UTF-8] Fri Dec 14 12:44:13 2018
@@ -29,8 +29,8 @@ channel.nio.ssl.invalidStatus=Unexpected
 channel.nio.ssl.netInputNotEmpty=Network input buffer still contains data. Handshake will fail.
 channel.nio.ssl.netOutputNotEmpty=Network output buffer still contains data. Handshake will fail.
 channel.nio.ssl.notHandshaking=NOT_HANDSHAKING during handshake
-channel.nio.ssl.pendingWriteDuringClose=Pending write, so remaining data in the network buffer, can't send SSL close message, force a close with close(true) instead
-channel.nio.ssl.remainingDataDuringClose=Remaining data in the network buffer, can't send SSL close message, force a close with close(true) instead
+channel.nio.ssl.pendingWriteDuringClose=Pending write, so remaining data in the network buffer, can't send SSL close message, socket closed anyway
+channel.nio.ssl.remainingDataDuringClose=Remaining data in the network buffer, can't send SSL close message, socket closes anyway
 channel.nio.ssl.sniDefault=Unable to buffer enough data to determine requested SNI host name. Using default
 channel.nio.ssl.sniHostName=The SNI host name extracted for connection [{0}] was [{1}]
 channel.nio.ssl.timeoutDuringHandshake=Timeout during handshake.

Modified: tomcat/trunk/java/org/apache/tomcat/util/net/SecureNio2Channel.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/SecureNio2Channel.java?rev=1848935&r1=1848934&r2=1848935&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/SecureNio2Channel.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/SecureNio2Channel.java Fri Dec 14 12:44:13 2018
@@ -583,16 +583,20 @@ public class SecureNio2Channel extends N
         try {
             if (timeout > 0) {
                 if (!flush().get(timeout, TimeUnit.MILLISECONDS).booleanValue()) {
+                    closeSilently();
                     throw new IOException(sm.getString("channel.nio.ssl.remainingDataDuringClose"));
                 }
             } else {
                 if (!flush().get().booleanValue()) {
+                    closeSilently();
                     throw new IOException(sm.getString("channel.nio.ssl.remainingDataDuringClose"));
                 }
             }
         } catch (InterruptedException | ExecutionException | TimeoutException e) {
+            closeSilently();
             throw new IOException(sm.getString("channel.nio.ssl.remainingDataDuringClose"), e);
         } catch (WritePendingException e) {
+            closeSilently();
             throw new IOException(sm.getString("channel.nio.ssl.pendingWriteDuringClose"), e);
         }
         //prep the buffer for the close message
@@ -609,16 +613,20 @@ public class SecureNio2Channel extends N
         try {
             if (timeout > 0) {
                 if (!flush().get(timeout, TimeUnit.MILLISECONDS).booleanValue()) {
+                    closeSilently();
                     throw new IOException(sm.getString("channel.nio.ssl.remainingDataDuringClose"));
                 }
             } else {
                 if (!flush().get().booleanValue()) {
+                    closeSilently();
                     throw new IOException(sm.getString("channel.nio.ssl.remainingDataDuringClose"));
                 }
             }
         } catch (InterruptedException | ExecutionException | TimeoutException e) {
+            closeSilently();
             throw new IOException(sm.getString("channel.nio.ssl.remainingDataDuringClose"), e);
         } catch (WritePendingException e) {
+            closeSilently();
             throw new IOException(sm.getString("channel.nio.ssl.pendingWriteDuringClose"), e);
         }
 



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org