You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hc.apache.org by ol...@apache.org on 2013/12/04 22:07:43 UTC
svn commit: r1547915 - in /httpcomponents/httpcore/trunk: RELEASE_NOTES.txt
httpcore-nio/src/main/java/org/apache/http/nio/reactor/ssl/SSLIOSession.java
Author: olegk
Date: Wed Dec 4 21:07:43 2013
New Revision: 1547915
URL: http://svn.apache.org/r1547915
Log:
HTTPCORE-366: Non-blocking SSLIOSession can enter an infinite loop if the underlying channel receives incoming data simultaneously with inactivity timeout
Modified:
httpcomponents/httpcore/trunk/RELEASE_NOTES.txt
httpcomponents/httpcore/trunk/httpcore-nio/src/main/java/org/apache/http/nio/reactor/ssl/SSLIOSession.java
Modified: httpcomponents/httpcore/trunk/RELEASE_NOTES.txt
URL: http://svn.apache.org/viewvc/httpcomponents/httpcore/trunk/RELEASE_NOTES.txt?rev=1547915&r1=1547914&r2=1547915&view=diff
==============================================================================
--- httpcomponents/httpcore/trunk/RELEASE_NOTES.txt (original)
+++ httpcomponents/httpcore/trunk/RELEASE_NOTES.txt Wed Dec 4 21:07:43 2013
@@ -1,6 +1,10 @@
Changes since 4.3
-------------------
+* [HTTPCORE-366] Non-blocking SSLIOSession can enter an infinite loop if the underlying
+ channel receives incoming data simultaneously with inactivity timeout.
+ Contributed by Oleg Kalnichevski <olegk at apache.org>
+
* [HTTPCORE-364] IOSessionImpl.getLocalAddress() (etc.) creates unnecessary copy of channel
* DefaultConnectingIOReactor / DefaultListeningIOReactor do not correctly apply some initial
Modified: httpcomponents/httpcore/trunk/httpcore-nio/src/main/java/org/apache/http/nio/reactor/ssl/SSLIOSession.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpcore/trunk/httpcore-nio/src/main/java/org/apache/http/nio/reactor/ssl/SSLIOSession.java?rev=1547915&r1=1547914&r2=1547915&view=diff
==============================================================================
--- httpcomponents/httpcore/trunk/httpcore-nio/src/main/java/org/apache/http/nio/reactor/ssl/SSLIOSession.java (original)
+++ httpcomponents/httpcore/trunk/httpcore-nio/src/main/java/org/apache/http/nio/reactor/ssl/SSLIOSession.java Wed Dec 4 21:07:43 2013
@@ -262,6 +262,12 @@ public class SSLIOSession implements IOS
this.inEncrypted.flip();
result = doUnwrap(this.inEncrypted, this.inPlain);
this.inEncrypted.compact();
+ if (!this.inEncrypted.hasRemaining() && result.getHandshakeStatus() == HandshakeStatus.NEED_UNWRAP) {
+ throw new SSLException("Input buffer is full");
+ }
+ if (this.status >= IOSession.CLOSING) {
+ this.inPlain.clear();
+ }
if (result.getStatus() != Status.OK) {
handshaking = false;
}
@@ -352,6 +358,9 @@ public class SSLIOSession implements IOS
this.inEncrypted.flip();
final SSLEngineResult result = doUnwrap(this.inEncrypted, this.inPlain);
this.inEncrypted.compact();
+ if (!this.inEncrypted.hasRemaining() && result.getHandshakeStatus() == HandshakeStatus.NEED_UNWRAP) {
+ throw new SSLException("Input buffer is full");
+ }
if (result.getStatus() == Status.OK) {
decrypted = true;
} else {