Author: trustin
Date: Wed Mar 23 18:23:20 2005
New Revision: 158861
URL: http://svn.apache.org/viewcvs?view=rev&rev=158861
Log:
Applied Janne's SSL filter patch.
Modified:
directory/network/trunk/src/java/org/apache/mina/io/filter/SSLByteBufferPool.java
directory/network/trunk/src/java/org/apache/mina/io/filter/SSLHandler.java
Modified:
directory/network/trunk/src/java/org/apache/mina/io/filter/SSLByteBufferPool.java
URL:
http://svn.apache.org/viewcvs/directory/network/trunk/src/java/org/apache/mina/io/filter/SSLByteBufferPool.java?view=diff&r1=158860&r2=158861
==============================================================================
---
directory/network/trunk/src/java/org/apache/mina/io/filter/SSLByteBufferPool.java
(original)
+++
directory/network/trunk/src/java/org/apache/mina/io/filter/SSLByteBufferPool.java
Wed Mar 23 18:23:20 2005
@@ -69,8 +69,13 @@
useDirectAllocatedBuffers = Boolean
.getBoolean( DIRECT_MEMORY_PROP );
}
+
// init buffer sizes from SSLEngine
- packetBufferSize = sslEngine.getSession().getPacketBufferSize();
+ // Janne: The problem we found is in SSLHandler.doEncrypt() or
+ // more correctly how we use sslEngine.wrap(). If the passed src
+ // ByteBuffer is larger than 16 kbytes only 16 kbytes will be
+ // encrypted!
+ packetBufferSize = sslEngine.getSession().getPacketBufferSize() *
2;
// application buffer size has been doubled because SSLEngine
// returns BUFFER_OVERFLOW even if there is enough room for the
buffer.
Modified:
directory/network/trunk/src/java/org/apache/mina/io/filter/SSLHandler.java
URL:
http://svn.apache.org/viewcvs/directory/network/trunk/src/java/org/apache/mina/io/filter/SSLHandler.java?view=diff&r1=158860&r2=158861
==============================================================================
--- directory/network/trunk/src/java/org/apache/mina/io/filter/SSLHandler.java
(original)
+++ directory/network/trunk/src/java/org/apache/mina/io/filter/SSLHandler.java
Wed Mar 23 18:23:20 2005
@@ -274,7 +274,7 @@
return status;
}
-
+
private void doEncrypt( ByteBuffer src ) throws SSLException
{
if( !initialHandshakeComplete )
@@ -282,27 +282,34 @@
throw new IllegalStateException();
}
- // The data buffer is (must be) empty, we can reuse the entire buffer.
+ // The data buffer is (must be) empty, we can reuse the entire
+ // buffer.
outNetBuffer.clear();
- SSLEngineResult result = sslEngine.wrap( src, outNetBuffer );
-
- outNetBuffer.flip();
+ SSLEngineResult result;
- if( result.getStatus() == SSLEngineResult.Status.OK )
- {
- if( result.getHandshakeStatus() ==
SSLEngineResult.HandshakeStatus.NEED_TASK )
- {
- doTasks();
- }
- }
- else
+ // Loop until there is no more data in src
+ while(src.hasRemaining())
{
- throw new SSLException( "SSLEngine error during encrypt: "
- + result.getStatus() );
+ result = sslEngine.wrap( src, outNetBuffer );
+
+ if( result.getStatus() == SSLEngineResult.Status.OK )
+ {
+ if( result.getHandshakeStatus() ==
SSLEngineResult.HandshakeStatus.NEED_TASK )
+ {
+ doTasks();
+ }
+ }
+ else
+ {
+ throw new SSLException( "SSLEngine error during encrypt: "
+ + result.getStatus() );
+ }
}
- }
+ outNetBuffer.flip();
+ }
+
/**
* Perform any handshaking processing.
*/
