Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 487EF200C05 for ; Mon, 23 Jan 2017 21:00:20 +0100 (CET) Received: by cust-asf.ponee.io (Postfix) id 47151160B49; Mon, 23 Jan 2017 20:00:20 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 91952160B3C for ; Mon, 23 Jan 2017 21:00:19 +0100 (CET) Received: (qmail 52049 invoked by uid 500); 23 Jan 2017 20:00:18 -0000 Mailing-List: contact commits-help@hc.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "HttpComponents Project" Delivered-To: mailing list commits@hc.apache.org Received: (qmail 52032 invoked by uid 99); 23 Jan 2017 20:00:18 -0000 Received: from Unknown (HELO svn01-us-west.apache.org) (209.188.14.144) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 23 Jan 2017 20:00:18 +0000 Received: from svn01-us-west.apache.org (localhost [127.0.0.1]) by svn01-us-west.apache.org (ASF Mail Server at svn01-us-west.apache.org) with ESMTP id 332743A0EDB for ; Mon, 23 Jan 2017 20:00:18 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1779967 - /httpcomponents/httpcore/trunk/httpcore5/src/main/java/org/apache/hc/core5/reactor/ssl/SSLIOSession.java Date: Mon, 23 Jan 2017 20:00:18 -0000 To: commits@hc.apache.org From: olegk@apache.org X-Mailer: svnmailer-1.0.9 Message-Id: <20170123200018.332743A0EDB@svn01-us-west.apache.org> archived-at: Mon, 23 Jan 2017 20:00:20 -0000 Author: olegk Date: Mon Jan 23 20:00:17 2017 New Revision: 1779967 URL: http://svn.apache.org/viewvc?rev=1779967&view=rev Log: HTTPCORE-442: Non-blocking SSL sessions fail to decrypt buffered input data in some cases if closed by the opposite endpoint Modified: httpcomponents/httpcore/trunk/httpcore5/src/main/java/org/apache/hc/core5/reactor/ssl/SSLIOSession.java Modified: httpcomponents/httpcore/trunk/httpcore5/src/main/java/org/apache/hc/core5/reactor/ssl/SSLIOSession.java URL: http://svn.apache.org/viewvc/httpcomponents/httpcore/trunk/httpcore5/src/main/java/org/apache/hc/core5/reactor/ssl/SSLIOSession.java?rev=1779967&r1=1779966&r2=1779967&view=diff ============================================================================== --- httpcomponents/httpcore/trunk/httpcore5/src/main/java/org/apache/hc/core5/reactor/ssl/SSLIOSession.java (original) +++ httpcomponents/httpcore/trunk/httpcore5/src/main/java/org/apache/hc/core5/reactor/ssl/SSLIOSession.java Mon Jan 23 20:00:17 2017 @@ -447,19 +447,20 @@ public class SSLIOSession implements IOS try { if (!inEncryptedBuf.hasRemaining() && result.getHandshakeStatus() == HandshakeStatus.NEED_UNWRAP) { - throw new SSLException("Input buffer is full"); + throw new SSLException("Unable to complete SSL handshake"); } - if (result.getStatus() == Status.OK) { + final Status status = result.getStatus(); + if (status == Status.OK) { decrypted = true; } else { + if (status == Status.BUFFER_UNDERFLOW && this.endOfStream) { + throw new SSLException("Unable to decrypt incoming data due to unexpected end of stream"); + } break; } if (result.getHandshakeStatus() != HandshakeStatus.NOT_HANDSHAKING) { break; } - if (this.endOfStream) { - break; - } } finally { // Release inEncrypted if empty if (this.inEncrypted.acquire().position() == 0) {