You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@mina.apache.org by "Dimitar Mavrodiev (Created) (JIRA)" <ji...@apache.org> on 2011/12/19 17:09:30 UTC

[jira] [Created] (DIRMINA-880) Implementation of SslFilter#isCloseNotify() is incorrect

Implementation of SslFilter#isCloseNotify() is incorrect
--------------------------------------------------------

                 Key: DIRMINA-880
                 URL: https://issues.apache.org/jira/browse/DIRMINA-880
             Project: MINA
          Issue Type: Bug
          Components: Filter
    Affects Versions: 2.0.4
         Environment: RHEL 5.6
            Reporter: Dimitar Mavrodiev
            Priority: Minor


SslFilter#isCloseNotify() shouldn't probe for the 4th byte as its value may vary. Current implementation doesn't also cover SSL 3.0/TLS 1.1/TLS 1.2. I've created a patch that I believe has it right. Note that probes for SSL 2.0 are intentionally excluded as SSL 2.0 use has been prohibited by RFC 6176.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] [Resolved] (DIRMINA-880) Implementation of SslFilter#isCloseNotify() is incorrect

Posted by "Emmanuel Lecharny (Resolved) (JIRA)" <ji...@apache.org>.

     [ https://issues.apache.org/jira/browse/DIRMINA-880?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Emmanuel Lecharny resolved DIRMINA-880.
---------------------------------------

       Resolution: Fixed
    Fix Version/s: 2.0.5
         Assignee: Emmanuel Lecharny

ixed with http://svn.apache.org/viewvc?rev=1221052&view=rev
                
> Implementation of SslFilter#isCloseNotify() is incorrect
> --------------------------------------------------------
>
>                 Key: DIRMINA-880
>                 URL: https://issues.apache.org/jira/browse/DIRMINA-880
>             Project: MINA
>          Issue Type: Bug
>          Components: Filter
>    Affects Versions: 2.0.4
>         Environment: RHEL 5.6
>            Reporter: Dimitar Mavrodiev
>            Assignee: Emmanuel Lecharny
>            Priority: Minor
>             Fix For: 2.0.5
>
>         Attachments: isCloseNotify.patch
>
>
> SslFilter#isCloseNotify() shouldn't probe for the 4th byte as its value may vary. Current implementation doesn't also cover SSL 3.0/TLS 1.1/TLS 1.2. I've created a patch that I believe has it right. Note that probes for SSL 2.0 are intentionally excluded as SSL 2.0 use has been prohibited by RFC 6176.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] [Commented] (DIRMINA-880) Implementation of SslFilter#isCloseNotify() is incorrect

Posted by "Emmanuel Lecharny (Commented) (JIRA)" <ji...@apache.org>.

    [ https://issues.apache.org/jira/browse/DIRMINA-880?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13172787#comment-13172787 ] 

Emmanuel Lecharny commented on DIRMINA-880:
-------------------------------------------

You are correct. I'll apply the patch.

Many thanks !
                
> Implementation of SslFilter#isCloseNotify() is incorrect
> --------------------------------------------------------
>
>                 Key: DIRMINA-880
>                 URL: https://issues.apache.org/jira/browse/DIRMINA-880
>             Project: MINA
>          Issue Type: Bug
>          Components: Filter
>    Affects Versions: 2.0.4
>         Environment: RHEL 5.6
>            Reporter: Dimitar Mavrodiev
>            Priority: Minor
>         Attachments: isCloseNotify.patch
>
>
> SslFilter#isCloseNotify() shouldn't probe for the 4th byte as its value may vary. Current implementation doesn't also cover SSL 3.0/TLS 1.1/TLS 1.2. I've created a patch that I believe has it right. Note that probes for SSL 2.0 are intentionally excluded as SSL 2.0 use has been prohibited by RFC 6176.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] [Updated] (DIRMINA-880) Implementation of SslFilter#isCloseNotify() is incorrect

Posted by "Dimitar Mavrodiev (Updated) (JIRA)" <ji...@apache.org>.

     [ https://issues.apache.org/jira/browse/DIRMINA-880?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Dimitar Mavrodiev updated DIRMINA-880:
--------------------------------------

    Attachment: isCloseNotify.patch

isCloseNotify() fix
                
> Implementation of SslFilter#isCloseNotify() is incorrect
> --------------------------------------------------------
>
>                 Key: DIRMINA-880
>                 URL: https://issues.apache.org/jira/browse/DIRMINA-880
>             Project: MINA
>          Issue Type: Bug
>          Components: Filter
>    Affects Versions: 2.0.4
>         Environment: RHEL 5.6
>            Reporter: Dimitar Mavrodiev
>            Priority: Minor
>         Attachments: isCloseNotify.patch
>
>
> SslFilter#isCloseNotify() shouldn't probe for the 4th byte as its value may vary. Current implementation doesn't also cover SSL 3.0/TLS 1.1/TLS 1.2. I've created a patch that I believe has it right. Note that probes for SSL 2.0 are intentionally excluded as SSL 2.0 use has been prohibited by RFC 6176.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira