directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Vinod Panicker <vino...@gmail.com>
Subject Re: [mina] SSLFilter race condition
Date Thu, 01 Sep 2005 16:10:30 GMT
On 9/1/05, Trustin Lee <trustin@gmail.com> wrote:
> Hi, 
> 
> 2005/9/1, Julien Vermillard <jvermillard@archean.fr>:
> > > Any possible solutions?  I've not opened a JIRA issue as yet coz I
> > > wanted to make sure that this cant be handled by the application and
> > > has to be done in MINA.
> > 
> > A solution whould be to install the filter, then send the ACK of the SSL 
> > installation to the client by by-passing the "just installed" SSL
> > filter, I'm not sure it's possible. Without that you will need to tweak
> > a delay before the client start the SSL handshaking for avoiding the 
> > receptino of the first SSL bytes before the IoHandler being ready :( I
> > think it should go to JIRA no ? Installing a filter should lock the
> > processing of incoming/outgoing buffers ?
> 
>  Sounds like a good quick-fix. But how can we bypass?  We'll have to make
> SSLFilter can detect ACK data and bypass it, but I think ACK data can be
> different among implementations.  So we need other way to bypass it.
>  
>  Let me think....
>  
>  We could create a wrapped ByteBuffer whose type is 'SSLBypassByteBuffer' so
> that SSLFilter can bypass it.  WDYT?

Bypassing is not an option in my case since its a standards based
implementation.  I won't be talking to a MINA implementation at the
other end.  I'm taking a look at DIRMINA-2.  If I can, I'll surely
help out.  This is a blocker for me currently.

Regards,
Vinod.

Mime
View raw message