You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mina.apache.org by el...@apache.org on 2019/04/09 07:26:50 UTC
[mina] 03/03: Fixed some SSL code
This is an automated email from the ASF dual-hosted git repository.
elecharny pushed a commit to branch mina-write-request
in repository https://gitbox.apache.org/repos/asf/mina.git
commit 73e881ad935e5aa6080b90585ac8dc8ddfc377e1
Author: emmanuel lecharny <el...@apache.org>
AuthorDate: Tue Apr 9 09:26:43 2019 +0200
Fixed some SSL code
---
.../java/org/apache/mina/filter/ssl/SslFilter.java | 2 +-
.../org/apache/mina/filter/ssl/SslHandler.java | 34 +++++++++++++++++++---
.../java/org/apache/mina/filter/ssl/SslTest.java | 1 -
3 files changed, 31 insertions(+), 6 deletions(-)
diff --git a/mina-core/src/main/java/org/apache/mina/filter/ssl/SslFilter.java b/mina-core/src/main/java/org/apache/mina/filter/ssl/SslFilter.java
index 2638f0c..7fc2591 100644
--- a/mina-core/src/main/java/org/apache/mina/filter/ssl/SslFilter.java
+++ b/mina-core/src/main/java/org/apache/mina/filter/ssl/SslFilter.java
@@ -857,7 +857,7 @@ public class SslFilter extends IoFilterAdapter {
* message, but not for handshake messages, which will be swallowed.
*
*/
- private static class EncryptedWriteRequest extends DefaultWriteRequest {
+ /* package protected */ static class EncryptedWriteRequest extends DefaultWriteRequest {
// Thee encrypted messagee
private final IoBuffer encryptedMessage;
diff --git a/mina-core/src/main/java/org/apache/mina/filter/ssl/SslHandler.java b/mina-core/src/main/java/org/apache/mina/filter/ssl/SslHandler.java
index cbc6bd6..3da0fe4 100644
--- a/mina-core/src/main/java/org/apache/mina/filter/ssl/SslHandler.java
+++ b/mina-core/src/main/java/org/apache/mina/filter/ssl/SslHandler.java
@@ -33,6 +33,7 @@ import javax.net.ssl.SSLEngineResult.Status;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLHandshakeException;
+import org.apache.mina.core.RuntimeIoException;
import org.apache.mina.core.buffer.IoBuffer;
import org.apache.mina.core.filterchain.IoFilter.NextFilter;
import org.apache.mina.core.filterchain.IoFilterEvent;
@@ -42,6 +43,7 @@ import org.apache.mina.core.session.IoEventType;
import org.apache.mina.core.session.IoSession;
import org.apache.mina.core.write.DefaultWriteRequest;
import org.apache.mina.core.write.WriteRequest;
+import org.apache.mina.filter.ssl.SslFilter.EncryptedWriteRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -528,9 +530,34 @@ class SslHandler {
* UNDERFLOW - Need to read more data from the socket. It's normal.
* CLOSED - The other peer closed the socket. Also normal.
*/
- if (status == SSLEngineResult.Status.BUFFER_OVERFLOW) {
- throw new SSLException("SSLEngine error during decrypt: " + status + " inNetBuffer: " + inNetBuffer
+ switch (status) {
+ case BUFFER_OVERFLOW:
+ throw new SSLException("SSLEngine error during decrypt: " + status + " inNetBuffer: " + inNetBuffer
+ "appBuffer: " + appBuffer);
+ case CLOSED:
+ Exception exception =new RuntimeIoException("SSL/TLS close_notify received");
+
+ // Empty the Ssl queue
+ for (IoFilterEvent event:filterWriteEventQueue) {
+ EncryptedWriteRequest writeRequest = (EncryptedWriteRequest)event.getParameter();
+ WriteFuture writeFuture = writeRequest.getParentRequest().getFuture();
+ writeFuture.setException(exception);
+ writeFuture.notifyAll();
+ }
+
+ // Empty the session queue
+ while (!session.getWriteRequestQueue().isEmpty(session)) {
+ WriteRequest writeRequest = session.getWriteRequestQueue().poll( session );
+ WriteFuture writeFuture = writeRequest.getFuture();
+ writeFuture.setException(exception);
+ writeFuture.notifyAll();
+ }
+
+ // We *must* shutdown session
+ session.closeNow();
+ break;
+ default:
+ break;
}
}
@@ -595,8 +622,7 @@ class SslHandler {
}
// First make sure that the out buffer is completely empty.
- // Since we
- // cannot call wrap with data left on the buffer
+ // Since we cannot call wrap with data left on the buffer
if (outNetBuffer != null && outNetBuffer.hasRemaining()) {
return;
}
diff --git a/mina-core/src/test/java/org/apache/mina/filter/ssl/SslTest.java b/mina-core/src/test/java/org/apache/mina/filter/ssl/SslTest.java
index 23d7fd8..e61bad6 100644
--- a/mina-core/src/test/java/org/apache/mina/filter/ssl/SslTest.java
+++ b/mina-core/src/test/java/org/apache/mina/filter/ssl/SslTest.java
@@ -152,7 +152,6 @@ public class SslTest {
String line = in.readLine();
//System.out.println("Client got: " + line);
socket.close();
-
}
private static SSLContext createSSLContext() throws IOException, GeneralSecurityException {