Scott Stanton created HTTPCORE-319:
--------------------------------------
Summary: SSLIOSession goes into a loop if the server rejects an
invalid certificate
Key: HTTPCORE-319
URL: https://issues.apache.org/jira/browse/HTTPCORE-319
Project: HttpComponents HttpCore
Issue Type: Bug
Components: HttpCore NIO
Affects Versions: 4.2.2
Reporter: Scott Stanton
Priority: Blocker

To reproduce:

* Set up an SSL server that requests certificates from the client.
* Set up a client with an expired SSL certificate.
* Establish a connection from the client to the server using BaseNIOReactor and
SSLIOSession.

The server will proceed through the handshake until the client supplies its
certificate in response to the CertificateRequest message. At this point, the
server's certificate verification will fail and it will close the connection.
The client socket will become readable due to the EOF and the
SSLIOSession.isAppInputReady() method is called to handle the EOF. The
bytesRead gets set to -1, which sets this.endOfStream = true. Nothing ever
sets the session into the CLOSING or CLOSED state, so it keeps looping on the
readable EOF event.

I'm not sure what the best approach to fixing this should be. It appears that
if I close the session manually with the debugger from inside isAppInputReady,
the system proceeds normally from that point, however I don't know what the
implications of doing that might be.
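
The failure mode in the report, modelled with a plain javax.net.ssl.SSLEngine as an added example; it is not HttpCore code and not the project's fix. The names Session, Status, closeOnEof and readableEvents are hypothetical, and the reactor is simulated by a loop that keeps reporting the EOF as a readable event until the session is closed or a cap is reached.

```java
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLException;
// Added illustration: a simplified model of a non-blocking TLS session. Not HttpCore code.
public class EofDuringHandshake {
    enum Status { ACTIVE, CLOSED }

    static class Session {
        final SSLEngine engine;
        final boolean closeOnEof; // false models the behaviour described in the report
        Status status = Status.ACTIVE;
        boolean endOfStream;
        Session(SSLEngine engine, boolean closeOnEof) { this.engine = engine; this.closeOnEof = closeOnEof; }

        // Called for every readable event; bytesRead is what channel.read() returned.
        void onReadable(int bytesRead) {
            if (bytesRead != -1) return;
            endOfStream = true;
            if (!closeOnEof) return; // status stays ACTIVE, so the EOF is reported again
            try {
                engine.closeInbound(); // complains when the peer sent no close_notify
            } catch (SSLException e) {
                // Expected here: the server dropped the connection mid-handshake.
            }
            engine.closeOutbound();
            status = Status.CLOSED;
        }
    }

    // Simulated reactor: a socket at EOF stays readable until the session is closed.
    static int readableEvents(Session s, int maxSelects) {
        int events = 0;
        while (s.status != Status.CLOSED && events < maxSelects) {
            s.onReadable(-1);
            events++;
        }
        return events;
    }

    public static void main(String[] args) throws Exception {
        for (boolean closeOnEof : new boolean[] {false, true}) {
            SSLEngine engine = SSLContext.getDefault().createSSLEngine();
            engine.setUseClientMode(true);
            engine.beginHandshake();
            Session s = new Session(engine, closeOnEof);
            System.out.println(closeOnEof + ": " + readableEvents(s, 1000) + " events, " + s.status);
        }
    }
}
```

With closeOnEof set to false the loop only stops at the cap passed to readableEvents, which stands in for the unbounded spin on the readable EOF event.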