incubator-ftpserver-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Steve Jones (JIRA)" <j...@apache.org>
Subject [jira] Created: (FTPSERVER-91) SSL handshake failure causes deadlock
Date Tue, 05 Jun 2007 01:37:26 GMT
SSL handshake failure causes deadlock
-------------------------------------

                 Key: FTPSERVER-91
                 URL: https://issues.apache.org/jira/browse/FTPSERVER-91
             Project: FtpServer
          Issue Type: Bug
          Components: Core
    Affects Versions: 1.0-M2
            Reporter: Steve Jones


When using the Mina listener with SSL the ftp server can "deadlock" when the SSL handshake
fails.

This is easily reproducible by connecting to an implicit SSL FTPS server using a non SSL FTP
client.

Each connection attempt will permanently utilize a server connection until the server is restarted.

The issue is that until the SSL handshake is completed all FTP responses are buffered. This
is a problem since the "MinaFtpResponseOutput" class blocks until the response is actually
written to the client (which it never is). 

The "CLOSE" connection event is never processed since the worker "thread" is blocked waiting
for the handshake to complete and the initial response to be written.

Modifying the "MinaFtpResponseOutput" class as shown below appears to fix the issue, but I'm
not sure if changing this to non-blocking will cause other issues. An alternative approach
may be to timeout the SSL handshake after a few seconds (e.g. using join(5000))

--- core/src/java/org/apache/ftpserver/listener/mina/MinaFtpResponseOutput.java (revision
543677)
+++ core/src/java/org/apache/ftpserver/listener/mina/MinaFtpResponseOutput.java (working copy)
@@ -40,7 +40,7 @@
     }
 
     public void write(FtpReply response) throws IOException {
-        session.write(response).join();
+        session.write(response);
     }



-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message