You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2013/05/29 12:17:20 UTC
svn commit: r1487430 -
/tomcat/trunk/java/org/apache/tomcat/websocket/AsyncChannelWrapperSecure.java
Author: markt
Date: Wed May 29 10:17:20 2013
New Revision: 1487430
URL: http://svn.apache.org/r1487430
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=54997
Handle BUFFER_UNDERFLOW during SSL handshake.
Modified:
tomcat/trunk/java/org/apache/tomcat/websocket/AsyncChannelWrapperSecure.java
Modified: tomcat/trunk/java/org/apache/tomcat/websocket/AsyncChannelWrapperSecure.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/websocket/AsyncChannelWrapperSecure.java?rev=1487430&r1=1487429&r2=1487430&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/websocket/AsyncChannelWrapperSecure.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/websocket/AsyncChannelWrapperSecure.java Wed May 29 10:17:20 2013
@@ -317,6 +317,9 @@ public class AsyncChannelWrapperSecure i
private final WrapperFuture<Void,Void> hFuture;
+ private HandshakeStatus handshakeStatus;
+ private Status resultStatus;
+
public WebSocketSslHandshakeThread(WrapperFuture<Void,Void> hFuture) {
this.hFuture = hFuture;
}
@@ -328,8 +331,9 @@ public class AsyncChannelWrapperSecure i
// So the first compact does the right thing
socketReadBuffer.position(socketReadBuffer.limit());
- HandshakeStatus handshakeStatus =
- sslEngine.getHandshakeStatus();
+ handshakeStatus = sslEngine.getHandshakeStatus();
+ resultStatus = Status.OK;
+
boolean handshaking = true;
while(handshaking) {
@@ -338,7 +342,7 @@ public class AsyncChannelWrapperSecure i
socketWriteBuffer.clear();
SSLEngineResult r =
sslEngine.wrap(DUMMY, socketWriteBuffer);
- handshakeStatus = checkResult(r, true);
+ checkResult(r, true);
socketWriteBuffer.flip();
Future<Integer> fWrite =
socketChannel.write(socketWriteBuffer);
@@ -347,7 +351,8 @@ public class AsyncChannelWrapperSecure i
}
case NEED_UNWRAP: {
socketReadBuffer.compact();
- if (socketReadBuffer.position() == 0) {
+ if (socketReadBuffer.position() == 0 ||
+ resultStatus == Status.BUFFER_UNDERFLOW) {
Future<Integer> fRead =
socketChannel.read(socketReadBuffer);
fRead.get();
@@ -355,7 +360,7 @@ public class AsyncChannelWrapperSecure i
socketReadBuffer.flip();
SSLEngineResult r =
sslEngine.unwrap(socketReadBuffer, DUMMY);
- handshakeStatus = checkResult(r, false);
+ checkResult(r, false);
break;
}
case NEED_TASK: {
@@ -383,10 +388,14 @@ public class AsyncChannelWrapperSecure i
hFuture.complete(null);
}
- private HandshakeStatus checkResult(SSLEngineResult result,
- boolean wrap) throws SSLException {
+ private void checkResult(SSLEngineResult result, boolean wrap)
+ throws SSLException {
+
+ handshakeStatus = result.getHandshakeStatus();
+ resultStatus = result.getStatus();
- if (result.getStatus() != Status.OK) {
+ if (resultStatus != Status.OK &&
+ (wrap || resultStatus != Status.BUFFER_UNDERFLOW)) {
throw new SSLException("TODO");
}
if (wrap && result.bytesConsumed() != 0) {
@@ -395,7 +404,6 @@ public class AsyncChannelWrapperSecure i
if (!wrap && result.bytesProduced() != 0) {
throw new SSLException("TODO");
}
- return result.getHandshakeStatus();
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org