Details
-
Bug
-
Status: Closed
-
Critical
-
Resolution: Fixed
-
4.0-alpha6
-
None
-
jre1.5.0_06, apache2
Description
In case of 'Connection: close' connections to https web server the connection might be terminated on server side before data has reached the client application. Step by step scenario.
1. SSLIOSession.isAppInputReady receives encrypted data and sees end of stream (status = CLOSED);
2. SSLIOSession.decryptData decypted the received data and puts into inPlain buffer;
3. NHttpClientHandler.inputReady is called. App calls decoder.read, but decoder will not get the data in SSLIOSession.inPLain, because of the check in SSLIOSession.unwrap:
if (this.status != ACTIVE)
{ return -1; }Moving this after inPlain.position() > 0 check would quickfix the problem, but maybe it not the best way of doing it.
Index: SSLIOSession.java
===================================================================
— SSLIOSession.java (revision 582811)
+++ SSLIOSession.java (working copy)
@@ -298,9 +298,6 @@
if (dst == null)
- if (this.status != ACTIVE)
{
- return -1;
- }
if (this.inPlain.position() > 0)
{ this.inPlain.flip(); int n = Math.min(this.inPlain.remaining(), dst.remaining()); @@ -309,6 +306,8 @@ }this.inPlain.compact();
{ + return -1; }
return n;
+ } else if (this.status != ACTIVE)else
{ return 0; }