You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by re...@apache.org on 2019/03/07 19:50:06 UTC
[tomcat] branch master updated: SSL engines need additional buffer
space on input
This is an automated email from the ASF dual-hosted git repository.
remm pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/master by this push:
new 9e4932c SSL engines need additional buffer space on input
9e4932c is described below
commit 9e4932c7f051af389429cc754d913db325d8aed1
Author: remm <re...@apache.org>
AuthorDate: Thu Mar 7 20:49:56 2019 +0100
SSL engines need additional buffer space on input
Ideally, I will refactor this to make it transparent, most likely the
main input buffer can be used as an extra overflow buffer. The value
comes from JSSE, while OpenSSL uses 16KB. Same behavior for both
engines.
---
java/org/apache/coyote/http2/Http2AsyncParser.java | 6 +++++-
webapps/docs/changelog.xml | 3 +++
2 files changed, 8 insertions(+), 1 deletion(-)
diff --git a/java/org/apache/coyote/http2/Http2AsyncParser.java b/java/org/apache/coyote/http2/Http2AsyncParser.java
index 92531bf..7bd24df 100644
--- a/java/org/apache/coyote/http2/Http2AsyncParser.java
+++ b/java/org/apache/coyote/http2/Http2AsyncParser.java
@@ -42,7 +42,11 @@ class Http2AsyncParser extends Http2Parser {
socketWrapper.getSocketBufferHandler().expand(input.getMaxFrameSize());
this.upgradeHandler = upgradeHandler;
header = ByteBuffer.allocate(9);
- framePaylod = ByteBuffer.allocate(input.getMaxFrameSize());
+ int frameBufferSize = input.getMaxFrameSize();
+ if (socketWrapper.isSecure()) {
+ frameBufferSize += 16676;
+ }
+ framePaylod = ByteBuffer.allocate(frameBufferSize);
}
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 47b7b59..db7a05f 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -134,6 +134,9 @@
<bug>63223</bug>: Correctly account for push requests when tracking
currently active HTTP/2 streams. (markt)
</fix>
+ <fix>
+ Ensure enough buffer space when using TLS with NIO2 and HTTP/2. (remm)
+ </fix>
</changelog>
</subsection>
<subsection name="WebSocket">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org