[jira] [Assigned] (AMQ-8288) Review NIOSSLTransport thread safety

Jira Thu, 03 Jun 2021 21:26:05 -0700


     [ 
https://issues.apache.org/jira/browse/AMQ-8288?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Jean-Baptiste Onofré reassigned AMQ-8288:
-----------------------------------------

    Assignee: Jean-Baptiste Onofré

> Review NIOSSLTransport thread safety
> ------------------------------------
>
>                 Key: AMQ-8288
>                 URL: https://issues.apache.org/jira/browse/AMQ-8288
>             Project: ActiveMQ
>          Issue Type: Task
>    Affects Versions: 5.17.0
>            Reporter: Matt Pavlovich
>            Assignee: Jean-Baptiste Onofré
>            Priority: Major
>
> Moving the synchronized down to secureRead() removes a pseudo-de-facto 
> synchronization on doHandshake() which is the only place handshakeInProgress 
> = true (L424) appears to be assigned. Then finishHandshake() assigns the 
> sslSession (L242). 
> There is a -minor- tiny risk that the sslSession is swapped out from 
> underneath doHandshake. If the getApplicationBufferSize() changes to result 
> in a BUFFER_OVERFLOW. 
> Investigate the need to improve the concurrency of the sslSession pointer 
> assignment b/w doHandshake() and finishHandshake(), given secureRead() has a 
> condition where it can invoke finishHandshake()
> ref: 
> [SSLSesssionImpl.getApplicationBufferSize()](https://github.com/openjdk/jdk/blob/476775808f82a4b0d42ac58fdb801812b54e01a1/src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java#L1399)
>  has deterministic logic of the size based on various factors.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Assigned] (AMQ-8288) Review NIOSSLTransport thread safety

Reply via email to