Workaround SSLEngine.unwrap(...) bug in Android 5.0
Motivation: Android 5.0 sometimes not correctly update the bytesConsumed of the SSLEngineResult when consuming data from the input ByteBuffer. This will lead to handshake failures. Modifications: Add a workaround for Android 5.0 Result: Be able to use netty on Android 5.0 by fixing https://github.com/netty/netty/issues/7758 .
This commit is contained in:
Norman Maurer
Norman Maurer
parent
48df2f66b8
commit
bf8cac4939
|
|
@ -289,9 +289,26 @@ public class SslHandler extends ByteToMessageDecoder implements ChannelOutboundH
|
|||
SSLEngineResult unwrap(SslHandler handler, ByteBuf in, int readerIndex, int len, ByteBuf out)
|
||||
throws SSLException {
|
||||
int writerIndex = out.writerIndex();
|
||||
final SSLEngineResult result = handler.engine.unwrap(toByteBuffer(in, readerIndex, len),
|
||||
ByteBuffer inNioBuffer = toByteBuffer(in, readerIndex, len);
|
||||
int position = inNioBuffer.position();
|
||||
final SSLEngineResult result = handler.engine.unwrap(inNioBuffer,
|
||||
toByteBuffer(out, writerIndex, out.writableBytes()));
|
||||
out.writerIndex(writerIndex + result.bytesProduced());
|
||||
|
||||
// This is a workaround for a bug in Android 5.0. Android 5.0 does not correctly update the
|
||||
// SSLEngineResult.bytesConsumed() in some cases and just return 0.
|
||||
//
|
||||
// See:
|
||||
// - https://android-review.googlesource.com/c/platform/external/conscrypt/+/122080
|
||||
// - https://github.com/netty/netty/issues/7758
|
||||
if (result.bytesConsumed() == 0) {
|
||||
int consumed = inNioBuffer.position() - position;
|
||||
if (consumed != result.bytesConsumed()) {
|
||||
// Create a new SSLEngineResult with the correct bytesConsumed().
|
||||
return new SSLEngineResult(
|
||||
result.getStatus(), result.getHandshakeStatus(), consumed, result.bytesProduced());
|
||||
}
|
||||
}
|
||||
return result;
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user