You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by tr...@apache.org on 2005/03/25 02:54:19 UTC
svn commit: r158978 -
directory/network/trunk/src/java/org/apache/mina/io/filter/SSLByteBufferPool.java
directory/network/trunk/src/java/org/apache/mina/io/filter/SSLFilter.java
directory/network/trunk/src/java/org/apache/mina/io/filter/SSLHandler.java
Author: trustin
Date: Thu Mar 24 17:54:19 2005
New Revision: 158978
URL: http://svn.apache.org/viewcvs?view=rev&rev=158978
Log:
Applied Janne's SSLFilter fixes
Modified:
directory/network/trunk/src/java/org/apache/mina/io/filter/SSLByteBufferPool.java
directory/network/trunk/src/java/org/apache/mina/io/filter/SSLFilter.java
directory/network/trunk/src/java/org/apache/mina/io/filter/SSLHandler.java
Modified: directory/network/trunk/src/java/org/apache/mina/io/filter/SSLByteBufferPool.java
URL: http://svn.apache.org/viewcvs/directory/network/trunk/src/java/org/apache/mina/io/filter/SSLByteBufferPool.java?view=diff&r1=158977&r2=158978
==============================================================================
--- directory/network/trunk/src/java/org/apache/mina/io/filter/SSLByteBufferPool.java (original)
+++ directory/network/trunk/src/java/org/apache/mina/io/filter/SSLByteBufferPool.java Thu Mar 24 17:54:19 2005
@@ -71,12 +71,8 @@
}
// init buffer sizes from SSLEngine
- // Janne: The problem we found is in SSLHandler.doEncrypt() or
- // more correctly how we use sslEngine.wrap(). If the passed src
- // ByteBuffer is larger than 16 kbytes only 16 kbytes will be
- // encrypted!
- packetBufferSize = sslEngine.getSession().getPacketBufferSize() * 2;
-
+ packetBufferSize = sslEngine.getSession().getPacketBufferSize();
+
// application buffer size has been doubled because SSLEngine
// returns BUFFER_OVERFLOW even if there is enough room for the buffer.
// So I doubled the size as a workaround.
@@ -96,7 +92,7 @@
{
throw new IllegalStateException( "Not initialized" );
}
- return get( PACKET_BUFFER_INDEX );
+ return allocate( PACKET_BUFFER_INDEX );
}
/**
@@ -109,13 +105,13 @@
{
throw new IllegalStateException( "Not initialized" );
}
- return get( APPLICATION_BUFFER_INDEX );
+ return allocate( APPLICATION_BUFFER_INDEX );
}
/**
- * Get the buffer which is capable of the specified size.
+ * Allocate or get the buffer which is capable of the specified size.
*/
- private static ByteBuffer get( int idx )
+ private static ByteBuffer allocate( int idx )
{
Stack stack = bufferStacks[ idx ];
@@ -134,17 +130,33 @@
}
/**
- * Returns the specified buffer to buffer pool.
+ * Releases the specified buffer to buffer pool.
*/
- public static void put( ByteBuffer buf )
+ public static void release( ByteBuffer buf )
{
- Stack stack = bufferStacks[ getBufferStackIndex( buf.capacity() ) ];
- synchronized( stack )
- {
- stack.push( buf );
+ int stackIndex =getBufferStackIndex( buf.capacity() );
+ if ( stackIndex >= PACKET_BUFFER_INDEX ) {
+ Stack stack = bufferStacks[getBufferStackIndex( buf.capacity() )];
+ synchronized ( stack ) {
+ stack.push( buf );
+ }
}
}
+ /**
+ * Expand size of provided buffer
+ * @param buf buffer to be expande
+ * @param newCapacity new capacity
+ */
+ public static ByteBuffer expandBuffer( ByteBuffer buf, int newCapacity )
+ {
+ ByteBuffer newBuf = createBuffer( newCapacity );
+ buf.flip();
+ newBuf.put( buf );
+ release(buf);
+ return newBuf;
+ }
+
private static void initiateBufferStacks()
{
bufferStackSizes = new int[ 2 ];
@@ -158,7 +170,7 @@
return PACKET_BUFFER_INDEX;
if( size == appBufferSize )
return APPLICATION_BUFFER_INDEX;
- throw new IllegalArgumentException( "Unknown buffer size: " + size );
+ return -1; // not reused
}
private static ByteBuffer createBuffer( int capacity )
Modified: directory/network/trunk/src/java/org/apache/mina/io/filter/SSLFilter.java
URL: http://svn.apache.org/viewcvs/directory/network/trunk/src/java/org/apache/mina/io/filter/SSLFilter.java?view=diff&r1=158977&r2=158978
==============================================================================
--- directory/network/trunk/src/java/org/apache/mina/io/filter/SSLFilter.java (original)
+++ directory/network/trunk/src/java/org/apache/mina/io/filter/SSLFilter.java Thu Mar 24 17:54:19 2005
@@ -157,8 +157,7 @@
{
if( debug != null )
{
- debug.print( "Data Read: " + sslHandler + " ("
- + buf.getHexDump() + ')' );
+ debug.print( "Data Read: " + sslHandler + " (" + buf+ ')' );
}
synchronized( sslHandler )
{
@@ -243,8 +242,7 @@
if( debug != null )
{
- debug.print( "encrypted data: "
- + encryptedBuffer.getHexDump() );
+ debug.print( "encrypted buf: " + encryptedBuffer);
}
buf.release();
nextFilter.filterWrite( session, encryptedBuffer, marker );
Modified: directory/network/trunk/src/java/org/apache/mina/io/filter/SSLHandler.java
URL: http://svn.apache.org/viewcvs/directory/network/trunk/src/java/org/apache/mina/io/filter/SSLHandler.java?view=diff&r1=158977&r2=158978
==============================================================================
--- directory/network/trunk/src/java/org/apache/mina/io/filter/SSLHandler.java (original)
+++ directory/network/trunk/src/java/org/apache/mina/io/filter/SSLHandler.java Thu Mar 24 17:54:19 2005
@@ -156,6 +156,16 @@
*/
public void dataRead( ByteBuffer buf ) throws SSLException
{
+ if ( buf.limit() > inNetBuffer.remaining() ) {
+ // We have to expand inNetBuffer
+ inNetBuffer = SSLByteBufferPool.expandBuffer( inNetBuffer,
+ 2 * (inNetBuffer.position() + buf.limit()) );
+ if( parent.debug != null )
+ {
+ parent.debug.print("expanded inNetBuffer:" + inNetBuffer);
+ }
+ }
+
// append buf to inNetBuffer
inNetBuffer.put( buf );
if( !initialHandshakeComplete )
@@ -231,9 +241,9 @@
*/
public void release()
{
- SSLByteBufferPool.put( appBuffer );
- SSLByteBufferPool.put( inNetBuffer );
- SSLByteBufferPool.put( outNetBuffer );
+ SSLByteBufferPool.release( appBuffer );
+ SSLByteBufferPool.release( inNetBuffer );
+ SSLByteBufferPool.release( outNetBuffer );
}
/**
@@ -289,22 +299,31 @@
SSLEngineResult result;
// Loop until there is no more data in src
- while(src.hasRemaining())
- {
- result = sslEngine.wrap( src, outNetBuffer );
+ while ( src.hasRemaining() ) {
- if( result.getStatus() == SSLEngineResult.Status.OK )
- {
- if( result.getHandshakeStatus() == SSLEngineResult.HandshakeStatus.NEED_TASK )
- {
- doTasks();
- }
- }
- else
- {
- throw new SSLException( "SSLEngine error during encrypt: "
- + result.getStatus() );
- }
+ if ( src.limit() > ( outNetBuffer.remaining() / 2 ) ) {
+ // We have to expand outNetBuffer
+ // Note: there is no way to know the exact size required, but enrypted data
+ // shouln't need to be larger than twice the source data size?
+ outNetBuffer = SSLByteBufferPool.expandBuffer( outNetBuffer, src.limit() * 2 );
+ if ( parent.debug != null ) {
+ parent.debug.print( "expanded outNetBuffer:" + outNetBuffer );
+ }
+ }
+
+ result = sslEngine.wrap( src, outNetBuffer );
+ if ( parent.debug != null ) {
+ parent.debug.print( "Wrap res:" + result );
+ }
+
+ if ( result.getStatus() == SSLEngineResult.Status.OK ) {
+ if ( result.getHandshakeStatus() == SSLEngineResult.HandshakeStatus.NEED_TASK ) {
+ doTasks();
+ }
+ } else {
+ throw new SSLException( "SSLEngine error during encrypt: "
+ + result.getStatus() );
+ }
}
outNetBuffer.flip();