Add Test case for truncated SSL packets

- Related issue: #1534 - Also made sure ByteToMessageDecoder does not wrap EncoderException.
2013-07-07 11:52:34 +09:00 · 2013-07-07 11:52:34 +09:00 · da5a5af520
commit da5a5af520
parent 5010fe0a61
3 changed files with 57 additions and 2 deletions
--- a/codec/src/main/java/io/netty/handler/codec/ByteToMessageDecoder.java
+++ b/codec/src/main/java/io/netty/handler/codec/ByteToMessageDecoder.java
@ -248,7 +248,7 @@ public abstract class ByteToMessageDecoder extends ChannelInboundHandlerAdapter
                    break;
                }
            }
-        } catch (CodecException e) {
+        } catch (DecoderException e) {
            throw e;
        } catch (Throwable cause) {
            throw new DecoderException(cause);
--- a/handler/src/main/java/io/netty/handler/ssl/SslHandler.java
+++ b/handler/src/main/java/io/netty/handler/ssl/SslHandler.java
@ -956,7 +956,7 @@ public class SslHandler extends ByteToMessageDecoder implements ChannelOutboundH
    private void notifyHandshakeFailure(Throwable cause) {
        if (handshakePromise.tryFailure(cause)) {
            ctx.fireUserEventTriggered(new SslHandshakeCompletionEvent(cause));
-            ctx.pipeline().fireExceptionCaught(cause);
+            ctx.close();
        }
    }

--- a/handler/src/test/java/io/netty/handler/ssl/SslHandlerTest.java
+++ b/handler/src/test/java/io/netty/handler/ssl/SslHandlerTest.java
@ -0,0 +1,55 @@
+/*
+ * Copyright 2013 The Netty Project
+ *
+ * The Netty Project licenses this file to you under the Apache License,
+ * version 2.0 (the "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at:
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+
+package io.netty.handler.ssl;
+
+import io.netty.buffer.Unpooled;
+import io.netty.channel.embedded.EmbeddedChannel;
+import io.netty.handler.codec.DecoderException;
+import org.junit.Test;
+
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLEngine;
+import javax.net.ssl.SSLProtocolException;
+
+import static org.hamcrest.CoreMatchers.*;
+import static org.junit.Assert.*;
+
+public class SslHandlerTest {
+
+    @Test
+    public void testTruncatedPacket() throws Exception {
+        SSLEngine engine = SSLContext.getDefault().createSSLEngine();
+        engine.setUseClientMode(false);
+
+        EmbeddedChannel ch = new EmbeddedChannel(new SslHandler(engine));
+
+        // Push the first part of a 5-byte handshake message.
+        ch.writeInbound(Unpooled.wrappedBuffer(new byte[] { 22, 3, 1, 0, 5 }));
+
+        // Should decode nothing yet.
+        assertThat(ch.readInbound(), is(nullValue()));
+
+        try {
+            // Push the second part of the 5-byte handshake message.
+            ch.writeInbound(Unpooled.wrappedBuffer(new byte[]{2, 0, 0, 1, 0}));
+            fail();
+        } catch (DecoderException e) {
+            // The pushed message is invalid, so it should raise an exception if it decoded the message correctly.
+            assertThat(e.getCause(), is(instanceOf(SSLProtocolException.class)));
+        }
+    }
+}