hc-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ol...@apache.org
Subject svn commit: r1410793 - in /httpcomponents/httpcore/branches/4.2.x: RELEASE_NOTES.txt httpcore-nio/src/main/java/org/apache/http/nio/reactor/ssl/SSLIOSession.java
Date Sat, 17 Nov 2012 21:34:58 GMT
Author: olegk
Date: Sat Nov 17 21:34:57 2012
New Revision: 1410793

URL: http://svn.apache.org/viewvc?rev=1410793&view=rev
Log:
HTTPCORE-319, HTTPCORE-322: Non-blocking SSLIOSession can enter an infinite loop under special
circumstances when the remote peer terminates the session in the middle of SSL handshake
Contributed by Paul Donohue <apache-jira at PaulSD.com>

Modified:
    httpcomponents/httpcore/branches/4.2.x/RELEASE_NOTES.txt
    httpcomponents/httpcore/branches/4.2.x/httpcore-nio/src/main/java/org/apache/http/nio/reactor/ssl/SSLIOSession.java

Modified: httpcomponents/httpcore/branches/4.2.x/RELEASE_NOTES.txt
URL: http://svn.apache.org/viewvc/httpcomponents/httpcore/branches/4.2.x/RELEASE_NOTES.txt?rev=1410793&r1=1410792&r2=1410793&view=diff
==============================================================================
--- httpcomponents/httpcore/branches/4.2.x/RELEASE_NOTES.txt (original)
+++ httpcomponents/httpcore/branches/4.2.x/RELEASE_NOTES.txt Sat Nov 17 21:34:57 2012
@@ -1,6 +1,11 @@
 Changes since Release 4.2.2
 =======
 
+* [HTTPCORE-319, HTTPCORE-322] Non-blocking SSLIOSession can enter an infinite loop under

+  special circumstances when the remote peer terminates the session in the middle of SSL
handshake.
+  Contributed by Paul Donohue <apache-jira at PaulSD.com> and 
+  Oleg Kalnichevski <olegk at apache.org>
+
 * [HTTPCORE-316] HeaderGroup#clone removes headers from the original object.
   Contributed by Markus Thies <markus at dr-thies.com> 
 
@@ -16,7 +21,8 @@ Changes since Release 4.2.2
   Contributed by Scott Stanton <snstanton at gmail.com> 
 
 * [HTTPCORE-313] ContentType#parse now ignores empty and blank charset attributes. 
-  HttpEntityUtils#toString now throws checked I/O exception ifit  encounters an unsupported
charset. 
+  HttpEntityUtils#toString now throws checked I/O exception if it  encounters an unsupported

+  charset. 
   Contributed by Oleg Kalnichevski <olegk at apache.org>
 
 

Modified: httpcomponents/httpcore/branches/4.2.x/httpcore-nio/src/main/java/org/apache/http/nio/reactor/ssl/SSLIOSession.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpcore/branches/4.2.x/httpcore-nio/src/main/java/org/apache/http/nio/reactor/ssl/SSLIOSession.java?rev=1410793&r1=1410792&r2=1410793&view=diff
==============================================================================
--- httpcomponents/httpcore/branches/4.2.x/httpcore-nio/src/main/java/org/apache/http/nio/reactor/ssl/SSLIOSession.java
(original)
+++ httpcomponents/httpcore/branches/4.2.x/httpcore-nio/src/main/java/org/apache/http/nio/reactor/ssl/SSLIOSession.java
Sat Nov 17 21:34:57 2012
@@ -342,15 +342,17 @@ public class SSLIOSession implements IOS
 
     private boolean decryptData() throws SSLException {
         boolean decrypted = false;
-        SSLEngineResult.Status opStatus = Status.OK;
-        while (this.inEncrypted.position() > 0 && opStatus == Status.OK) {
+        while (this.inEncrypted.position() > 0) {
             this.inEncrypted.flip();
             SSLEngineResult result = doUnwrap(this.inEncrypted, this.inPlain);
             this.inEncrypted.compact();
-
-            opStatus = result.getStatus();
-            if (opStatus == Status.OK) {
+            if (result.getStatus() == Status.OK) {
                 decrypted = true;
+            } else {
+                break;
+            }
+            if (result.getHandshakeStatus() != HandshakeStatus.NOT_HANDSHAKING) {
+                break;
             }
         }
         return decrypted;
@@ -368,7 +370,10 @@ public class SSLIOSession implements IOS
             this.endOfStream = true;
         }
         doHandshake();
-        decryptData();
+        HandshakeStatus status = this.sslEngine.getHandshakeStatus();
+        if (status == HandshakeStatus.NOT_HANDSHAKING || status == HandshakeStatus.FINISHED)
{
+            decryptData();
+        }
         // Some decrypted data is available or at the end of stream
         return (this.appEventMask & SelectionKey.OP_READ) > 0
             && (this.inPlain.position() > 0



Mime
View raw message