[#915] [#923] Expanded scope of the handshake locks in SSLHandler to avoid possible negotiation after the first SSLEngine wrap
This commit is contained in:
parent
223209864a
commit
ca7702f38c
@ -402,6 +402,7 @@ public class SslHandler extends FrameDecoder
|
||||
* succeeds or fails.
|
||||
*/
|
||||
public ChannelFuture handshake() {
|
||||
synchronized (handshakeLock) {
|
||||
if (handshaken && !isEnableRenegotiation()) {
|
||||
throw new IllegalStateException("renegotiation disabled");
|
||||
}
|
||||
@ -411,10 +412,10 @@ public class SslHandler extends FrameDecoder
|
||||
ChannelFuture handshakeFuture;
|
||||
Exception exception = null;
|
||||
|
||||
synchronized (handshakeLock) {
|
||||
if (handshaking) {
|
||||
return this.handshakeFuture;
|
||||
} else {
|
||||
}
|
||||
|
||||
handshaking = true;
|
||||
try {
|
||||
engine.beginHandshake();
|
||||
@ -437,8 +438,6 @@ public class SslHandler extends FrameDecoder
|
||||
handshakeFuture = this.handshakeFuture = failedFuture(channel, e);
|
||||
exception = e;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (exception == null) { // Began handshake successfully.
|
||||
try {
|
||||
@ -470,9 +469,9 @@ public class SslHandler extends FrameDecoder
|
||||
Channels.close(ctx, future(channel));
|
||||
}
|
||||
}
|
||||
|
||||
return handshakeFuture;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @deprecated Use {@link #handshake()} instead.
|
||||
@ -1282,6 +1281,7 @@ public class SslHandler extends FrameDecoder
|
||||
}
|
||||
|
||||
private void handleRenegotiation(HandshakeStatus handshakeStatus) {
|
||||
synchronized (handshakeLock) {
|
||||
if (handshakeStatus == HandshakeStatus.NOT_HANDSHAKING ||
|
||||
handshakeStatus == HandshakeStatus.FINISHED) {
|
||||
// Not handshaking
|
||||
@ -1294,7 +1294,6 @@ public class SslHandler extends FrameDecoder
|
||||
}
|
||||
|
||||
final boolean renegotiate;
|
||||
synchronized (handshakeLock) {
|
||||
if (handshaking) {
|
||||
// Renegotiation in progress or failed already.
|
||||
// i.e. Renegotiation check has been done already below.
|
||||
@ -1315,7 +1314,6 @@ public class SslHandler extends FrameDecoder
|
||||
// Prevent reentrance of this method.
|
||||
handshaking = true;
|
||||
}
|
||||
}
|
||||
|
||||
if (renegotiate) {
|
||||
// Renegotiate.
|
||||
@ -1331,6 +1329,7 @@ public class SslHandler extends FrameDecoder
|
||||
Channels.close(ctx, succeededFuture(ctx.getChannel()));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private void runDelegatedTasks() {
|
||||
for (;;) {
|
||||
|
Loading…
Reference in New Issue
Block a user