changelog.xml

markt Fri, 13 Jan 2017 05:22:29 -0800

Author: markt
Date: Fri Jan 13 13:21:59 2017
New Revision: 1778582

URL: http://svn.apache.org/viewvc?rev=1778582&view=rev
Log:
Underflow when parsing the client hello means we need to do a read with the 
completion handler. Looks like a copy/paste error from NIO.


Modified:
    tomcat/trunk/java/org/apache/tomcat/util/net/SecureNio2Channel.java
    tomcat/trunk/webapps/docs/changelog.xml

Modified: tomcat/trunk/java/org/apache/tomcat/util/net/SecureNio2Channel.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/SecureNio2Channel.java?rev=1778582&r1=1778581&r2=1778582&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/SecureNio2Channel.java 
(original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/SecureNio2Channel.java Fri Jan 
13 13:21:59 2017
@@ -338,7 +338,7 @@ public class SecureNio2Channel extends N
 
         TLSClientHelloExtractor extractor = new 
TLSClientHelloExtractor(netInBuffer);
 
-        while (extractor.getResult() == ExtractorResult.UNDERFLOW &&
+        if (extractor.getResult() == ExtractorResult.UNDERFLOW &&
                 netInBuffer.capacity() < endpoint.getSniParseLimit()) {
             // extractor needed more data to process but netInBuffer was full 
so
             // expand the buffer and read some more data.
@@ -347,8 +347,8 @@ public class SecureNio2Channel extends N
                     Integer.toString(newLimit)));
 
             netInBuffer = ByteBufferUtils.expand(netInBuffer, newLimit);
-            sc.read(netInBuffer);
-            extractor = new TLSClientHelloExtractor(netInBuffer);
+            sc.read(netInBuffer, socket, handshakeReadCompletionHandler);
+            return 1;
         }
 
         String hostName = null;

Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1778582&r1=1778581&r2=1778582&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Fri Jan 13 13:21:59 2017
@@ -51,6 +51,10 @@
         Improve handling of case when an HTTP/2 client sends more data that is
         subject to flow control than the current window size allows. (markt)
       </fix>
+      <fix>
+        Improve NIO2 look-ahead parsing of TLS client hello for SNI with large
+        client hello messages. (markt) 
+      </fix>
     </changelog>
   </subsection>
   <subsection name="Tribes">



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1778582 - in /tomcat/trunk: java/org/apache/tomcat/util/net/SecureNio2Channel.java webapps/docs/changelog.xml

Reply via email to