From c11b23bbc1f46116407bdc10779c4cace639ee83 Mon Sep 17 00:00:00 2001 From: Carl Mastrangelo Date: Thu, 22 Feb 2018 14:10:49 -0800 Subject: [PATCH] Close SSLEngine when connection fails. Motivation: When using the JdkSslEngine, the ALPN class is used keep a reference to the engine. In the event that the TCP connection fails, the SSLEngine is not removed from the map, creating a memory leak. Modification: Always close the SSLEngine regardless of if the channel became active. Also, record the SSLEngine was closed in all places. Result: Fixes: https://github.com/grpc/grpc-java/issues/3080 --- handler/src/main/java/io/netty/handler/ssl/SslHandler.java | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/handler/src/main/java/io/netty/handler/ssl/SslHandler.java b/handler/src/main/java/io/netty/handler/ssl/SslHandler.java index 7c52702113..c17a04445e 100644 --- a/handler/src/main/java/io/netty/handler/ssl/SslHandler.java +++ b/handler/src/main/java/io/netty/handler/ssl/SslHandler.java @@ -1527,6 +1527,7 @@ public class SslHandler extends ByteToMessageDecoder implements ChannelOutboundH try { // Release all resources such as internal buffers that SSLEngine // is managing. + outboundClosed = true; engine.closeOutbound(); if (closeInbound) { @@ -1574,6 +1575,9 @@ public class SslHandler extends ByteToMessageDecoder implements ChannelOutboundH private void closeOutboundAndChannel( final ChannelHandlerContext ctx, final ChannelPromise promise, boolean disconnect) throws Exception { + outboundClosed = true; + engine.closeOutbound(); + if (!ctx.channel().isActive()) { if (disconnect) { ctx.disconnect(promise); @@ -1583,9 +1587,6 @@ public class SslHandler extends ByteToMessageDecoder implements ChannelOutboundH return; } - outboundClosed = true; - engine.closeOutbound(); - ChannelPromise closeNotifyPromise = ctx.newPromise(); try { flush(ctx, closeNotifyPromise);