You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by tr...@apache.org on 2005/12/07 06:02:40 UTC

svn commit: r354712 - in /directory/network/trunk/src/java/org/apache/mina/filter/support: SSLByteBufferPool.java SSLHandler.java

Author: trustin
Date: Tue Dec  6 21:02:35 2005
New Revision: 354712

URL: http://svn.apache.org/viewcvs?rev=354712&view=rev
Log:
DIRMINA-130 (SSLFilter has to dispose SSLEngine when the filter is removed from a chain.)
* More cleanup code for security

Modified:
    directory/network/trunk/src/java/org/apache/mina/filter/support/SSLByteBufferPool.java
    directory/network/trunk/src/java/org/apache/mina/filter/support/SSLHandler.java

Modified: directory/network/trunk/src/java/org/apache/mina/filter/support/SSLByteBufferPool.java
URL: http://svn.apache.org/viewcvs/directory/network/trunk/src/java/org/apache/mina/filter/support/SSLByteBufferPool.java?rev=354712&r1=354711&r2=354712&view=diff
==============================================================================
--- directory/network/trunk/src/java/org/apache/mina/filter/support/SSLByteBufferPool.java (original)
+++ directory/network/trunk/src/java/org/apache/mina/filter/support/SSLByteBufferPool.java Tue Dec  6 21:02:35 2005
@@ -134,6 +134,9 @@
      */
     public static void release( ByteBuffer buf )
     {
+        // Sweep buffer for security.
+        org.apache.mina.common.ByteBuffer.wrap( buf ).sweep().release();
+
         int stackIndex =getBufferStackIndex( buf.capacity() );
         if ( stackIndex >= PACKET_BUFFER_INDEX ) {
             Stack stack = bufferStacks[getBufferStackIndex( buf.capacity() )];

Modified: directory/network/trunk/src/java/org/apache/mina/filter/support/SSLHandler.java
URL: http://svn.apache.org/viewcvs/directory/network/trunk/src/java/org/apache/mina/filter/support/SSLHandler.java?rev=354712&r1=354711&r2=354712&view=diff
==============================================================================
--- directory/network/trunk/src/java/org/apache/mina/filter/support/SSLHandler.java (original)
+++ directory/network/trunk/src/java/org/apache/mina/filter/support/SSLHandler.java Tue Dec  6 21:02:35 2005
@@ -157,11 +157,30 @@
             return;
         }
 
+        // Close inbound and flush all remaining data if available.
+        try
+        {
+            sslEngine.closeInbound();
+            do
+            {
+                outNetBuffer.clear();
+            }
+            while( sslEngine.wrap( hsBB, outNetBuffer ).bytesProduced() > 0 );
+        }
+        catch( SSLException e )
+        {
+            SessionLog.warn(
+                    session,
+                    "Unexpected exception from SSLEngine.closeInbound(message).",
+                    e );
+        }
+        sslEngine.closeOutbound();
+        sslEngine = null;
+        
         SSLByteBufferPool.release( appBuffer );
         SSLByteBufferPool.release( inNetBuffer );
         SSLByteBufferPool.release( outNetBuffer );
         scheduledWrites.clear();
-        sslEngine = null;
     }
 
     public SSLFilter getParent()