tomaswolf opened a new pull request, #217: URL: https://github.com/apache/mina-sshd/pull/217
Previous code flushed them synchronously before setting KEX state to DONE. This could lead to deadlocks if there were exceptions and the session got closed while flushing. Moreover, AbstractSession.writePacket() had a race condition: after having determined the kex state, it was still possible that an incoming SSH_MSG_KEX_INIT would change the KEX state and then get the encodeLock and send back its answer before the first thread. In that case the client might have received a high-level message during KEX, which is forbidden by RFC 4253. Change the code to flush pending packets asynchronously. In writePackets, keep enqueuing packets if KEX is DONE but we're still flushing. To avoid keeping the flushing thread busy forever, we block new writes, unless they are direct replies to SSH protocol messages. I.e., channel data messages block the calling thread while flushing is still in progress. Some care has to be exercised to avoid new deadlocks. First, obviously a thread holding the decodeLock must not be blocked. Second, threads holding the futureLock must never block. Additionally, the code never blocks writes that occur inside a future listener. Note that while KEX is in progress (not DONE yet), an application may put arbitrarily many packets onto the queue (for instance, if the remote's channel window is large, and there's an asynchronous application thread pumping data through a channel). This was the case already before this change, and it is still the case. If there is so much data in the queue that a new KEX will be triggered, the new code will actually initiate a new KEX, flushing stops, and is resumed once the new KEX finishes. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For additional commands, e-mail: dev-h...@mina.apache.org
