directory-dev mailing list archives

From Rodrigo Kumpera <kump...@gmail.com>
Subject Re: [mina] SSLFilter race condition: Take #2
Date Thu, 13 Oct 2005 14:07:53 GMT
I think this kind of problem will be present in many more situations
than just SSL. The situation, if I understand correctly, is a state
transition in the way the stream must be processed.

The scenario is the following:

1-client sends start-tls
2-server receives the packet
3-server installs an SSL filter and sends tls-ok back to client

The problems are that 'tls-ok' must be sent unencrypted and if the
client is pipelining* requests the tls handshake

*I stole the term pipelining from http, meaning the client sends a
request even if the server's response to the request before it has not
yet been received.

I think mina either needs a filter pass-through scheme (eg, 'tls-ok'
ignores the ssl-filter) or a way to have proper ordering of events so
the ssl-filter will only apply to packets after 'tls-ok' and
'start-tls'.

About packet ordering, what about a way to say that a filter has a
boundary of when to start working:

public void messageReceived(IoSession session, Object message) {
    if (message instanceof MyStartTLSRequest) {
        Object reply = new MyStartTLSResponse(OK);
        // insert SSLFilter to start handshaking; it will work on all
        // packets after 'message' and 'reply'.
        session.getFilterChain().addFirst(sslFilter, message, reply);

        // Disable encryption temporarily.  This attribute will be
        // cleared after Session.write()
        session.setAttribute( SSLFilter.DISABLE_ENCRYPTION , Boolean.TRUE );

        // write StartTLSResponse
        session.write(reply);
    }
}


On 10/13/05, Trustin Lee <trustin@gmail.com> wrote:
> 2005/10/13, Julien Vermillard <jvermillard@archean.fr>:
> > Why not :
> >
> > public void messageReceived(IoSession session, Object message) {
> >     if (message instanceof MyStartTLSRequest) {
> >         // insert SSLFilter to start handshaking
> >         session.getFilterChain().addFirst(sslFilter);
> >
> >         // Disable encryption
> >         sslFilter.setEnabled(false); // SSLfilter is bypassing
> >
> >         // write StartTLSResponse
> >         session.write(new MyStartTLSResponse(OK));
> >
> >         // Enable encryption
> >         sslFilter.setEnabled(true); // SSLfilter is crypting
> >     }
> > }
>
> What if a client initiates the TLS handshake process before we call
> sslFilter.setEnabled(true)?  I know this won't happen easily, but it
> still has the possibility of a race condition.
>
> I talked with Emmanuel and here's another option:
>
> public void messageReceived(IoSession session, Object message) {
>     if (message instanceof MyStartTLSRequest) {
>         // insert SSLFilter to start handshaking
>         session.getFilterChain().addFirst(sslFilter);
>
>         // Disable encryption temporarily.  This attribute will be cleared
>         // after Session.write()
>         session.setAttribute( SSLFilter.DISABLE_ENCRYPTION , Boolean.TRUE );
>
>         // write StartTLSResponse
>         session.write(new MyStartTLSResponse(OK));
>     }
> }
>
> Trustin
> --
> what we call human nature is actually human habit
> --
> http://gleamynode.net/
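The ordering problem discussed in this thread (a pipelining client whose first handshake record arrives in the same read as 'start-tls', and a 'tls-ok' reply that has to leave in the clear), modelled as an added example. This is not MINA code and not code from any poster in the thread: Session, ToySslFilter, DISABLE_ENCRYPTION, the two delivery functions and the wire bytes are all assumptions of the example, and the "SSL filter" only tags outbound bytes and collects inbound ones instead of running a real handshake. It contrasts a decoder that splits the whole segment into messages before calling the handler with one that re-checks the filter chain after every message, which is the boundary semantics proposed above.

```python
"""Added example: STARTTLS filter-ordering race, single-threaded model.

Not MINA code; Session/ToySslFilter/DISABLE_ENCRYPTION are stand-ins
(assumptions of this example) for the filter chain the thread discusses.
"""
from dataclasses import dataclass, field
from typing import List, Optional

# Constructed wire data: a pipelining client puts the start-tls command and
# its first handshake record into one TCP segment. The record bytes are a
# placeholder, not a real TLS ClientHello.
START_TLS = b"START-TLS"
HANDSHAKE = b"\x16\x03\x01\x00\x05HELLO"
PIPELINED_SEGMENT = START_TLS + b"\r\n" + HANDSHAKE

DISABLE_ENCRYPTION = "DISABLE_ENCRYPTION"  # per-write bypass, cleared by write()


@dataclass
class ToySslFilter:
    """Stand-in for SSLFilter: inbound bytes are fed to the handshake,
    outbound bytes are wrapped (a real filter would encrypt them)."""
    handshake_input: bytes = b""

    def on_inbound(self, data: bytes) -> None:
        self.handshake_input += data

    def on_outbound(self, data: bytes) -> bytes:
        return b"<tls>" + data + b"</tls>"


@dataclass
class Session:
    ssl_filter: Optional[ToySslFilter] = None
    attributes: dict = field(default_factory=dict)
    wire_out: List[bytes] = field(default_factory=list)          # what the client sees
    handler_messages: List[bytes] = field(default_factory=list)  # what the handler saw

    def write(self, data: bytes) -> None:
        # The bypass attribute applies to exactly one write and is then cleared.
        if self.ssl_filter is None or self.attributes.pop(DISABLE_ENCRYPTION, False):
            self.wire_out.append(data)
        else:
            self.wire_out.append(self.ssl_filter.on_outbound(data))


def message_received(session: Session, message: bytes) -> None:
    """Application handler: on START-TLS install the filter, reply in clear."""
    session.handler_messages.append(message)
    if message == START_TLS:
        session.ssl_filter = ToySslFilter()
        session.attributes[DISABLE_ENCRYPTION] = True
        session.write(b"TLS-OK\r\n")


def deliver_eagerly(session: Session, segment: bytes) -> Session:
    """Decode every line of the segment first, then call the handler for each.
    A filter installed while handling START-TLS never sees bytes that were
    already decoded, so the pipelined handshake record reaches the
    application handler as if it were a plaintext command."""
    for line in segment.split(b"\r\n"):
        if line:
            message_received(session, line)
    return session


def deliver_with_boundary(session: Session, segment: bytes) -> Session:
    """Decode one message at a time and re-check the chain after each: once
    the filter exists, the rest of the segment is its input, not the
    decoder's. This is the 'filter starts after message X' boundary."""
    buf = segment
    while buf:
        if session.ssl_filter is not None:
            session.ssl_filter.on_inbound(buf)
            buf = b""
            break
        line, sep, rest = buf.partition(b"\r\n")
        if not sep:
            break  # incomplete line; a real decoder keeps it for the next read
        buf = rest
        message_received(session, line)
    return session


if __name__ == "__main__":
    racy = deliver_eagerly(Session(), PIPELINED_SEGMENT)
    safe = deliver_with_boundary(Session(), PIPELINED_SEGMENT)
    print("eager decoder, handler saw:", racy.handler_messages)
    print("boundary decoder, handler saw:", safe.handler_messages)
    print("boundary decoder, filter got:", safe.ssl_filter.handshake_input)
    print("reply on the wire:", safe.wire_out)
```

With the eager decoder the handler receives two "messages", the second being the handshake record that the client sent after the protection boundary; with the boundary-checking decoder the handler sees only START-TLS, the record goes to the filter, and 'tls-ok' still leaves in plaintext because the bypass attribute is consumed by that single write. The model is single-threaded, so it shows only the buffering side of the problem; the concurrent case Trustin raises (bytes arriving on another thread between inserting the filter and enabling it) needs the same boundary to be enforced by the chain itself, not by the handler.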
