Ensure we always wrap if there is something left to be sent to the remote peer (#11535)

Motivation:

We need to ensure we call wrap as long as there is something left to be sent to the remote peer in cases of non-application data (like for example alerts).

Modifications:

Check the pending data and based on it return NEED_WRAP even when the handshake was done.

Result:

Always produce alerts etc
Norman Maurer 2021-08-02 10:12:35 +02:00 committed by Chris Vest
parent 7d1de8c970
commit 202aee34c4


@ -1970,10 +1970,16 @@ public class ReferenceCountedOpenSslEngine extends SSLEngine implements Referenc
private SSLEngineResult.HandshakeStatus mayFinishHandshake(SSLEngineResult.HandshakeStatus status)
throws SSLException {
if (status == NOT_HANDSHAKING && handshakeState != HandshakeState.FINISHED) {
// If the status was NOT_HANDSHAKING and we not finished the handshake we need to call
// SSL_do_handshake() again
return handshake();
if (status == NOT_HANDSHAKING) {
if (handshakeState != HandshakeState.FINISHED) {
// If the status was NOT_HANDSHAKING and we not finished the handshake we need to call
// SSL_do_handshake() again
return handshake();
}
if (!isDestroyed() && SSL.bioLengthNonApplication(networkBIO) > 0) {
// We have something left that needs to be wrapped.
return NEED_WRAP;
}
}
return status;
}
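
Review bot: The pending-data check on SSL.bioLengthNonApplication(networkBIO) is only reached when the incoming status is NOT_HANDSHAKING, so any other status passed to mayFinishHandshake() is returned unchanged even if non-application bytes are still queued in the network BIO. If that is intended, the comment should say why; otherwise consider moving the check out of the "if (status == NOT_HANDSHAKING)" block. The comment "We have something left that needs to be wrapped." would also be more useful if it named the data in question (non-application records such as alerts, as the commit message describes) and noted that the isDestroyed() guard is there to avoid touching networkBIO after the engine has been released. Finally, this hunk shows no test: a case that completes the handshake, queues an alert and asserts that the engine reports NEED_WRAP until the BIO is drained would pin the behaviour, and would also confirm that wrap() actually reduces the non-application BIO length to zero, so callers looping on NEED_WRAP terminate.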