You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hc.apache.org by ol...@apache.org on 2013/12/04 22:07:43 UTC

svn commit: r1547915 - in /httpcomponents/httpcore/trunk: RELEASE_NOTES.txt httpcore-nio/src/main/java/org/apache/http/nio/reactor/ssl/SSLIOSession.java

Author: olegk
Date: Wed Dec  4 21:07:43 2013
New Revision: 1547915

URL: http://svn.apache.org/r1547915
Log:
HTTPCORE-366: Non-blocking SSLIOSession can enter an infinite loop if the underlying channel receives incoming data simultaneously with inactivity timeout

Modified:
    httpcomponents/httpcore/trunk/RELEASE_NOTES.txt
    httpcomponents/httpcore/trunk/httpcore-nio/src/main/java/org/apache/http/nio/reactor/ssl/SSLIOSession.java

Modified: httpcomponents/httpcore/trunk/RELEASE_NOTES.txt
URL: http://svn.apache.org/viewvc/httpcomponents/httpcore/trunk/RELEASE_NOTES.txt?rev=1547915&r1=1547914&r2=1547915&view=diff
==============================================================================
--- httpcomponents/httpcore/trunk/RELEASE_NOTES.txt (original)
+++ httpcomponents/httpcore/trunk/RELEASE_NOTES.txt Wed Dec  4 21:07:43 2013
@@ -1,6 +1,10 @@
 Changes since 4.3
 -------------------
 
+* [HTTPCORE-366] Non-blocking SSLIOSession can enter an infinite loop if the underlying
+  channel receives incoming data simultaneously with inactivity timeout.
+  Contributed by Oleg Kalnichevski <olegk at apache.org>
+
 * [HTTPCORE-364] IOSessionImpl.getLocalAddress() (etc.) creates unnecessary copy of channel
 
 * DefaultConnectingIOReactor / DefaultListeningIOReactor do not correctly apply some initial 

Modified: httpcomponents/httpcore/trunk/httpcore-nio/src/main/java/org/apache/http/nio/reactor/ssl/SSLIOSession.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpcore/trunk/httpcore-nio/src/main/java/org/apache/http/nio/reactor/ssl/SSLIOSession.java?rev=1547915&r1=1547914&r2=1547915&view=diff
==============================================================================
--- httpcomponents/httpcore/trunk/httpcore-nio/src/main/java/org/apache/http/nio/reactor/ssl/SSLIOSession.java (original)
+++ httpcomponents/httpcore/trunk/httpcore-nio/src/main/java/org/apache/http/nio/reactor/ssl/SSLIOSession.java Wed Dec  4 21:07:43 2013
@@ -262,6 +262,12 @@ public class SSLIOSession implements IOS
                 this.inEncrypted.flip();
                 result = doUnwrap(this.inEncrypted, this.inPlain);
                 this.inEncrypted.compact();
+                if (!this.inEncrypted.hasRemaining() && result.getHandshakeStatus() == HandshakeStatus.NEED_UNWRAP) {
+                    throw new SSLException("Input buffer is full");
+                }
+                if (this.status >= IOSession.CLOSING) {
+                    this.inPlain.clear();
+                }
                 if (result.getStatus() != Status.OK) {
                     handshaking = false;
                 }
@@ -352,6 +358,9 @@ public class SSLIOSession implements IOS
             this.inEncrypted.flip();
             final SSLEngineResult result = doUnwrap(this.inEncrypted, this.inPlain);
             this.inEncrypted.compact();
+            if (!this.inEncrypted.hasRemaining() && result.getHandshakeStatus() == HandshakeStatus.NEED_UNWRAP) {
+                throw new SSLException("Input buffer is full");
+            }
             if (result.getStatus() == Status.OK) {
                 decrypted = true;
             } else {