hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Paul Donohue (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HTTPCORE-322) SSLIOSession infinite loop after alert during handshake
Date Thu, 15 Nov 2012 17:20:12 GMT

    [ https://issues.apache.org/jira/browse/HTTPCORE-322?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13498146#comment-13498146
] 

Paul Donohue commented on HTTPCORE-322:
---------------------------------------

I believe the following patch would correct this issue.
diff -Naur httpcomponents-core-4.2.2.orig/httpcore-nio/src/main/java/org/apache/http/nio/reactor/ssl/SSLIOSession.java
httpcomponents-core-4.2.2/httpcore-nio/src/main/java/org/apache/http/nio/reactor/ssl/SSLIOSession.java
--- httpcomponents-core-4.2.2.orig/httpcore-nio/src/main/java/org/apache/http/nio/reactor/ssl/SSLIOSession.java
2012-11-14 20:12:09.000000000 -0500
+++ httpcomponents-core-4.2.2/httpcore-nio/src/main/java/org/apache/http/nio/reactor/ssl/SSLIOSession.java
     2012-11-15 12:14:21.000000000 -0500
@@ -367,8 +367,11 @@
         if (bytesRead == -1) {
             this.endOfStream = true;
         }
-        doHandshake();
-        decryptData();
+        if(this.sslEngine.getHandshakeStatus() != NOT_HANDSHAKING) {
+          doHandshake();
+        } else {
+          decryptData();
+        }
         // Some decrypted data is available or at the end of stream
         return (this.appEventMask & SelectionKey.OP_READ) > 0
             && (this.inPlain.position() > 0

                
> SSLIOSession infinite loop after alert during handshake
> -------------------------------------------------------
>
>                 Key: HTTPCORE-322
>                 URL: https://issues.apache.org/jira/browse/HTTPCORE-322
>             Project: HttpComponents HttpCore
>          Issue Type: Bug
>          Components: HttpCore NIO
>            Reporter: Paul Donohue
>            Priority: Critical
>
> I have an application using httpcore-nio that occasionally gets stuck in an infinite
loop in SSLIOSession:
> "I/O dispatcher 1" prio=10 tid=0x00002aaab82da000 nid=0x5448 runnable [0x000000004271c000]
>    java.lang.Thread.State: RUNNABLE
>         at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:767)
>         - locked <0x00000000a4f03420> (a sun.security.ssl.SSLEngineImpl)
>         at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:719)
>         - locked <0x00000000a51faaa0> (a java.lang.Object)
>         at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
>         at org.apache.http.nio.reactor.ssl.SSLIOSession.doUnwrap(SSLIOSession.java:228)
>         at org.apache.http.nio.reactor.ssl.SSLIOSession.decryptData(SSLIOSession.java:348)
>         at org.apache.http.nio.reactor.ssl.SSLIOSession.isAppInputReady(SSLIOSession.java:371)
>         - locked <0x00000000a4f03498> (a org.apache.http.nio.reactor.ssl.SSLIOSession)
>         at org.apache.http.impl.nio.reactor.AbstractIODispatch.inputReady(AbstractIODispatch.java:118)
>         at org.apache.http.impl.nio.reactor.BaseIOReactor.readable(BaseIOReactor.java:160)
>         at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvent(AbstractIOReactor.java:342)
>         at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvents(AbstractIOReactor.java:320)
>         at org.apache.http.impl.nio.reactor.AbstractIOReactor.execute(AbstractIOReactor.java:280)
>         at org.apache.http.impl.nio.reactor.BaseIOReactor.execute(BaseIOReactor.java:106)
>         at org.apache.http.impl.nio.reactor.AbstractMultiworkerIOReactor$Worker.run(AbstractMultiworkerIOReactor.java:604)
>         at java.lang.Thread.run(Thread.java:636)
> In the above example, I was able to determine that this behavior was caused by a client
sending a ClientHello that resumed an established session, immediately followed by a CloseNotify
Alert.  This sequence only sometimes triggers the infinite loop, so the problem appears to
be timing related.  I get the feeling that there are other sequences that may trigger this,
but I don't have any other concrete examples at the moment.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org


Mime
View raw message