You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by re...@apache.org on 2019/03/07 19:50:06 UTC

[tomcat] branch master updated: SSL engines need additional buffer space on input

This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/master by this push:
     new 9e4932c  SSL engines need additional buffer space on input
9e4932c is described below

commit 9e4932c7f051af389429cc754d913db325d8aed1
Author: remm <re...@apache.org>
AuthorDate: Thu Mar 7 20:49:56 2019 +0100

    SSL engines need additional buffer space on input
    
    Ideally, I will refactor this to make it transparent, most likely the
    main input buffer can be used as an extra overflow buffer. The value
    comes from JSSE, while OpenSSL uses 16KB. Same behavior for both
    engines.
---
 java/org/apache/coyote/http2/Http2AsyncParser.java | 6 +++++-
 webapps/docs/changelog.xml                         | 3 +++
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/java/org/apache/coyote/http2/Http2AsyncParser.java b/java/org/apache/coyote/http2/Http2AsyncParser.java
index 92531bf..7bd24df 100644
--- a/java/org/apache/coyote/http2/Http2AsyncParser.java
+++ b/java/org/apache/coyote/http2/Http2AsyncParser.java
@@ -42,7 +42,11 @@ class Http2AsyncParser extends Http2Parser {
         socketWrapper.getSocketBufferHandler().expand(input.getMaxFrameSize());
         this.upgradeHandler = upgradeHandler;
         header = ByteBuffer.allocate(9);
-        framePaylod = ByteBuffer.allocate(input.getMaxFrameSize());
+        int frameBufferSize = input.getMaxFrameSize();
+        if (socketWrapper.isSecure()) {
+            frameBufferSize += 16676;
+        }
+        framePaylod = ByteBuffer.allocate(frameBufferSize);
     }
 
 
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 47b7b59..db7a05f 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -134,6 +134,9 @@
         <bug>63223</bug>: Correctly account for push requests when tracking
         currently active HTTP/2 streams. (markt)
       </fix>
+      <fix>
+        Ensure enough buffer space when using TLS with NIO2 and HTTP/2. (remm)
+      </fix>
     </changelog>
   </subsection>
   <subsection name="WebSocket">


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org