SSL handshake failure causes deadlock

                 Key: FTPSERVER-91
             Project: FtpServer
          Issue Type: Bug
          Components: Core
    Affects Versions: 1.0-M2
            Reporter: Steve Jones

When using the Mina listener with SSL the ftp server can "deadlock" when the 
SSL handshake fails.

This is easily reproducible by connecting to an implicit SSL FTPS server using 
a non SSL FTP client.

Each connection attempt will permanently utilize a server connection until the 
server is restarted.

The issue is that until the SSL handshake is completed all FTP responses are 
buffered. This is a problem since the "MinaFtpResponseOutput" class blocks 
until the response is actually written to the client (which it never is). 

The "CLOSE" connection event is never processed since the worker "thread" is 
blocked waiting for the handshake to complete and the initial response to be 

Modifying the "MinaFtpResponseOutput" class as shown below appears to fix the 
issue, but I'm not sure if changing this to non-blocking will cause other 
issues. An alternative approach may be to timeout the SSL handshake after a few 
seconds (e.g. using join(5000))

--- core/src/java/org/apache/ftpserver/listener/mina/ 
(revision 543677)
+++ core/src/java/org/apache/ftpserver/listener/mina/ 
(working copy)
@@ -40,7 +40,7 @@
     public void write(FtpReply response) throws IOException {
-        session.write(response).join();
+        session.write(response);

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

Reply via email to