0ef2f05373
Motivation: SslHandler invokes channel.read() during the handshake process. For some channel implementations (e.g. LocalChannel) this may result in re-entry conditions into unwrap. Unwrap currently defers updating the input buffer indexes until the unwrap method returns to avoid intermediate updates if not necessary, but this may result in unwrapping the same contents multiple times which leads to handshake failures [1][2]. [1] ssl3_get_record:decryption failed or bad record mac [2] ssl3_read_bytes:sslv3 alert bad record mac Modifications: - SslHandler#unwrap updates buffer indexes on each iteration so that if reentry scenario happens the correct indexes will be visible. Result: Fixes https://github.com/netty/netty/issues/11146 |
||
---|---|---|
.. | ||
src | ||
pom.xml |