You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by tr...@apache.org on 2005/12/07 06:02:40 UTC
svn commit: r354712 - in
/directory/network/trunk/src/java/org/apache/mina/filter/support:
SSLByteBufferPool.java SSLHandler.java
Author: trustin
Date: Tue Dec 6 21:02:35 2005
New Revision: 354712
URL: http://svn.apache.org/viewcvs?rev=354712&view=rev
Log:
DIRMINA-130 (SSLFilter has to dispose SSLEngine when the filter is removed from a chain.)
* More cleanup code for security
Modified:
directory/network/trunk/src/java/org/apache/mina/filter/support/SSLByteBufferPool.java
directory/network/trunk/src/java/org/apache/mina/filter/support/SSLHandler.java
Modified: directory/network/trunk/src/java/org/apache/mina/filter/support/SSLByteBufferPool.java
URL: http://svn.apache.org/viewcvs/directory/network/trunk/src/java/org/apache/mina/filter/support/SSLByteBufferPool.java?rev=354712&r1=354711&r2=354712&view=diff
==============================================================================
--- directory/network/trunk/src/java/org/apache/mina/filter/support/SSLByteBufferPool.java (original)
+++ directory/network/trunk/src/java/org/apache/mina/filter/support/SSLByteBufferPool.java Tue Dec 6 21:02:35 2005
@@ -134,6 +134,9 @@
*/
public static void release( ByteBuffer buf )
{
+ // Sweep buffer for security.
+ org.apache.mina.common.ByteBuffer.wrap( buf ).sweep().release();
+
int stackIndex =getBufferStackIndex( buf.capacity() );
if ( stackIndex >= PACKET_BUFFER_INDEX ) {
Stack stack = bufferStacks[getBufferStackIndex( buf.capacity() )];
Modified: directory/network/trunk/src/java/org/apache/mina/filter/support/SSLHandler.java
URL: http://svn.apache.org/viewcvs/directory/network/trunk/src/java/org/apache/mina/filter/support/SSLHandler.java?rev=354712&r1=354711&r2=354712&view=diff
==============================================================================
--- directory/network/trunk/src/java/org/apache/mina/filter/support/SSLHandler.java (original)
+++ directory/network/trunk/src/java/org/apache/mina/filter/support/SSLHandler.java Tue Dec 6 21:02:35 2005
@@ -157,11 +157,30 @@
return;
}
+ // Close inbound and flush all remaining data if available.
+ try
+ {
+ sslEngine.closeInbound();
+ do
+ {
+ outNetBuffer.clear();
+ }
+ while( sslEngine.wrap( hsBB, outNetBuffer ).bytesProduced() > 0 );
+ }
+ catch( SSLException e )
+ {
+ SessionLog.warn(
+ session,
+ "Unexpected exception from SSLEngine.closeInbound(message).",
+ e );
+ }
+ sslEngine.closeOutbound();
+ sslEngine = null;
+
SSLByteBufferPool.release( appBuffer );
SSLByteBufferPool.release( inNetBuffer );
SSLByteBufferPool.release( outNetBuffer );
scheduledWrites.clear();
- sslEngine = null;
}
public SSLFilter getParent()