[tomcat] branch master updated: Avoid overflow with OpenSSL engine

Sat, 09 Mar 2019 12:38:44 -0800 

This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/master by this push:
     new 100a058  Avoid overflow with OpenSSL engine
100a058 is described below

commit 100a058a2be3b172e42ba191b96f3ac1554e6f29
Author: remm <r...@apache.org>
AuthorDate: Sat Mar 9 21:37:11 2019 +0100

    Avoid overflow with OpenSSL engine
    
    Avoid many overflow situations with OpenSSL engine, overflow will now
    only occur if the destination buffers are all full when unwrap is
    called. Since it has an internal buffer (the bio in the native code), it
    doesn't have to write all the decrypted data available and can hold them
    until the next unwrap call. Also improve the overflow handling in the
    NIO2 code to give the right bytes produced and avoid some useless
    processing.
---
 java/org/apache/tomcat/util/net/SecureNio2Channel.java     | 14 +++++++++++++-
 java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java |  2 +-
 webapps/docs/changelog.xml                                 |  4 ++++
 3 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/java/org/apache/tomcat/util/net/SecureNio2Channel.java 
b/java/org/apache/tomcat/util/net/SecureNio2Channel.java
index 8c70991..6eae95d 100644
--- a/java/org/apache/tomcat/util/net/SecureNio2Channel.java
+++ b/java/org/apache/tomcat/util/net/SecureNio2Channel.java
@@ -1012,6 +1012,10 @@ public class SecureNio2Channel extends Nio2Channel  {
                         int length2 = length;
                         boolean processOverflow = false;
                         do {
+                            boolean useOverflow = false;
+                            if (processOverflow) {
+                                useOverflow = true;
+                            }
                             processOverflow = false;
                             //prepare the buffer
                             netInBuffer.flip();
@@ -1022,6 +1026,10 @@ public class SecureNio2Channel extends Nio2Channel  {
                             if (unwrap.getStatus() == Status.OK || 
unwrap.getStatus() == Status.BUFFER_UNDERFLOW) {
                                 //we did receive some data, add it to our total
                                 read += unwrap.bytesProduced();
+                                if (useOverflow) {
+                                    // Remove the data read into the overflow 
buffer
+                                    read -= dsts2[dsts.length].position();
+                                }
                                 //perform any tasks if needed
                                 if (unwrap.getHandshakeStatus() == 
HandshakeStatus.NEED_TASK)
                                     tasks();
@@ -1038,7 +1046,7 @@ public class SecureNio2Channel extends Nio2Channel  {
                                 //buffer overflow can happen, if we have read 
data, then
                                 //empty out the dst buffer before we do 
another read
                                 break;
-                            } else {
+                            } else if (unwrap.getStatus() == 
Status.BUFFER_OVERFLOW) {
                                 //here we should trap BUFFER_OVERFLOW and call 
expand on the buffer
                                 //for now, throw an exception, as we 
initialized the buffers
                                 //in the constructor
@@ -1062,6 +1070,10 @@ public class SecureNio2Channel extends Nio2Channel  {
                                     
getBufHandler().configureReadBufferForWrite();
                                     processOverflow = true;
                                 }
+                            } else if (unwrap.getStatus() == Status.CLOSED) {
+                                break;
+                            } else {
+                                throw new 
IOException(sm.getString("channel.nio.ssl.unwrapFail", unwrap.getStatus()));
                             }
                         } while ((netInBuffer.position() != 0) || 
processOverflow); //continue to unwrapping as long as the input buffer has stuff
                         int capacity = 0;
diff --git a/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java 
b/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
index 157d332..e775168 100644
--- a/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
+++ b/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
@@ -573,7 +573,7 @@ public final class OpenSSLEngine extends SSLEngine 
implements SSLUtil.ProtocolIn
         int bytesProduced = 0;
         int idx = offset;
         // Do we have enough room in dsts to write decrypted data?
-        if (capacity < pendingApp) {
+        if (capacity == 0) {
             return new SSLEngineResult(SSLEngineResult.Status.BUFFER_OVERFLOW, 
getHandshakeStatus(), written, 0);
         }
 
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index cc21008..3dd9625 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -146,6 +146,10 @@
         Verify HTTP/2 stream is still writable before assuming a timeout
         occurred. (remm)
       </fix>
+      <fix>
+        Avoid some overflow cases with OpenSSL to improve efficiency, as the
+        OpenSSL engine has an internal buffer. (remm)
+      </fix>
     </changelog>
   </subsection>
   <subsection name="WebSocket">


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to