This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/master by this push: new 100a058 Avoid overflow with OpenSSL engine 100a058 is described below commit 100a058a2be3b172e42ba191b96f3ac1554e6f29 Author: remm <r...@apache.org> AuthorDate: Sat Mar 9 21:37:11 2019 +0100 Avoid overflow with OpenSSL engine Avoid many overflow situations with OpenSSL engine, overflow will now only occur if the destination buffers are all full when unwrap is called. Since it has an internal buffer (the bio in the native code), it doesn't have to write all the decrypted data available and can hold them until the next unwrap call. Also improve the overflow handling in the NIO2 code to give the right bytes produced and avoid some useless processing. --- java/org/apache/tomcat/util/net/SecureNio2Channel.java | 14 +++++++++++++- java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java | 2 +- webapps/docs/changelog.xml | 4 ++++ 3 files changed, 18 insertions(+), 2 deletions(-) diff --git a/java/org/apache/tomcat/util/net/SecureNio2Channel.java b/java/org/apache/tomcat/util/net/SecureNio2Channel.java index 8c70991..6eae95d 100644 --- a/java/org/apache/tomcat/util/net/SecureNio2Channel.java +++ b/java/org/apache/tomcat/util/net/SecureNio2Channel.java @@ -1012,6 +1012,10 @@ public class SecureNio2Channel extends Nio2Channel { int length2 = length; boolean processOverflow = false; do { + boolean useOverflow = false; + if (processOverflow) { + useOverflow = true; + } processOverflow = false; //prepare the buffer netInBuffer.flip(); @@ -1022,6 +1026,10 @@ public class SecureNio2Channel extends Nio2Channel { if (unwrap.getStatus() == Status.OK || unwrap.getStatus() == Status.BUFFER_UNDERFLOW) { //we did receive some data, add it to our total read += unwrap.bytesProduced(); + if (useOverflow) { + // Remove the data read into the overflow buffer + read -= dsts2[dsts.length].position(); + } //perform any tasks if needed if (unwrap.getHandshakeStatus() == HandshakeStatus.NEED_TASK) tasks(); @@ -1038,7 +1046,7 @@ public class SecureNio2Channel extends Nio2Channel { //buffer overflow can happen, if we have read data, then //empty out the dst buffer before we do another read break; - } else { + } else if (unwrap.getStatus() == Status.BUFFER_OVERFLOW) { //here we should trap BUFFER_OVERFLOW and call expand on the buffer //for now, throw an exception, as we initialized the buffers //in the constructor @@ -1062,6 +1070,10 @@ public class SecureNio2Channel extends Nio2Channel { getBufHandler().configureReadBufferForWrite(); processOverflow = true; } + } else if (unwrap.getStatus() == Status.CLOSED) { + break; + } else { + throw new IOException(sm.getString("channel.nio.ssl.unwrapFail", unwrap.getStatus())); } } while ((netInBuffer.position() != 0) || processOverflow); //continue to unwrapping as long as the input buffer has stuff int capacity = 0; diff --git a/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java b/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java index 157d332..e775168 100644 --- a/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java +++ b/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java @@ -573,7 +573,7 @@ public final class OpenSSLEngine extends SSLEngine implements SSLUtil.ProtocolIn int bytesProduced = 0; int idx = offset; // Do we have enough room in dsts to write decrypted data? - if (capacity < pendingApp) { + if (capacity == 0) { return new SSLEngineResult(SSLEngineResult.Status.BUFFER_OVERFLOW, getHandshakeStatus(), written, 0); } diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index cc21008..3dd9625 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -146,6 +146,10 @@ Verify HTTP/2 stream is still writable before assuming a timeout occurred. (remm) </fix> + <fix> + Avoid some overflow cases with OpenSSL to improve efficiency, as the + OpenSSL engine has an internal buffer. (remm) + </fix> </changelog> </subsection> <subsection name="WebSocket"> --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org