Go to file
Scott Mitchell 141089998f OpenSslEngine wrap may generate bad data if multiple src buffers
Motivation:
SSL_write requires a fixed amount of bytes for overhead related to the encryption process for each call. OpenSslEngine#wrap(..) will attempt to encrypt multiple input buffers until MAX_PLAINTEXT_LENGTH are consumed, but the size estimation provided by calculateOutNetBufSize may not leave enough room for each call to SSL_write. If SSL_write is not able to completely write results to the destination buffer it will keep state and attempt to write it later. Netty doesn't account for SSL_write keeping state and assumes all writes will complete synchronously (by attempting to allocate enough space to account for the overhead) and feeds the same data to SSL_write again later which results in corrupted data being generated.

Modifications:
- OpenSslEngine#wrap should only produce a single TLS packet according to the SSLEngine API specificaiton [1].
[1] https://docs.oracle.com/javase/8/docs/api/javax/net/ssl/SSLEngine.html#wrap-java.nio.ByteBuffer:A-int-int-java.nio.ByteBuffer-
- OpenSslEngine#wrap should only consider a single buffer when determining if there is enough space to write, because only a single buffer will ever be consumed.

Result:
OpenSslEngine#wrap will no longer produce corrupted data due to incorrect accounting of space required in the destination buffers.
2017-05-08 14:43:36 -07:00
.github Use GitHub Issue/PR Template Feature 2016-12-07 11:40:26 -08:00
all New native transport for kqueue 2017-05-03 09:53:22 -07:00
bom [maven-release-plugin] prepare for next development iteration 2017-04-29 14:10:00 +02:00
buffer [maven-release-plugin] prepare for next development iteration 2017-04-29 14:10:00 +02:00
codec [maven-release-plugin] prepare for next development iteration 2017-04-29 14:10:00 +02:00
codec-dns [maven-release-plugin] prepare for next development iteration 2017-04-29 14:10:00 +02:00
codec-haproxy [maven-release-plugin] prepare for next development iteration 2017-04-29 14:10:00 +02:00
codec-http HttpServerKeepAliveHandler doesn't correctly handle VoidChannelPromise 2017-05-04 14:08:18 -07:00
codec-http2 Supply a builder for Http2Codec 2017-05-05 09:32:46 -07:00
codec-memcache [maven-release-plugin] prepare for next development iteration 2017-04-29 14:10:00 +02:00
codec-mqtt [maven-release-plugin] prepare for next development iteration 2017-04-29 14:10:00 +02:00
codec-redis [maven-release-plugin] prepare for next development iteration 2017-04-29 14:10:00 +02:00
codec-smtp [maven-release-plugin] prepare for next development iteration 2017-04-29 14:10:00 +02:00
codec-socks [maven-release-plugin] prepare for next development iteration 2017-04-29 14:10:00 +02:00
codec-stomp [maven-release-plugin] prepare for next development iteration 2017-04-29 14:10:00 +02:00
codec-xml [maven-release-plugin] prepare for next development iteration 2017-04-29 14:10:00 +02:00
common Use simple volatile read for SingleThreadEventExecutor#state instead of UNSAFE(AtomicIntegerFieldUpdater#get), CAS operation still to use AtomicIntegerFieldUpdater 2017-05-08 19:36:19 +02:00
dev-tools [maven-release-plugin] prepare for next development iteration 2017-04-29 14:10:00 +02:00
example Supply a builder for Http2Codec 2017-05-05 09:32:46 -07:00
handler OpenSslEngine wrap may generate bad data if multiple src buffers 2017-05-08 14:43:36 -07:00
handler-proxy [maven-release-plugin] prepare for next development iteration 2017-04-29 14:10:00 +02:00
license Remove reference to akka code and ArrayDeque which is not part of netty anymore 2017-03-07 21:30:51 +01:00
microbench New native transport for kqueue 2017-05-03 09:53:22 -07:00
resolver [maven-release-plugin] prepare for next development iteration 2017-04-29 14:10:00 +02:00
resolver-dns Make DnsNameResolverTest pass on Java7 2017-05-05 09:27:08 -07:00
tarball New native transport for kqueue 2017-05-03 09:53:22 -07:00
testsuite New native transport for kqueue 2017-05-03 09:53:22 -07:00
testsuite-autobahn [maven-release-plugin] prepare for next development iteration 2017-04-29 14:10:00 +02:00
testsuite-osgi [maven-release-plugin] prepare for next development iteration 2017-04-29 14:10:00 +02:00
transport New native transport for kqueue 2017-05-03 09:53:22 -07:00
transport-native-epoll New native transport for kqueue 2017-05-03 09:53:22 -07:00
transport-native-kqueue New native transport for kqueue 2017-05-03 09:53:22 -07:00
transport-native-unix-common New native transport for kqueue 2017-05-03 09:53:22 -07:00
transport-native-unix-common-tests New native transport for kqueue 2017-05-03 09:53:22 -07:00
transport-rxtx [maven-release-plugin] prepare for next development iteration 2017-04-29 14:10:00 +02:00
transport-sctp [maven-release-plugin] prepare for next development iteration 2017-04-29 14:10:00 +02:00
transport-udt [maven-release-plugin] prepare for next development iteration 2017-04-29 14:10:00 +02:00
.fbprefs Updated Find Bugs configuration 2009-03-04 10:33:09 +00:00
.gitignore Use shaded dependency on JCTools instead of copy and paste 2016-06-10 13:19:45 +02:00
.travis.yml Travis CI branch whitelisting 2013-03-11 09:55:43 +09:00
CONTRIBUTING.md Move the pull request guide to the developer guide 2014-03-12 13:13:58 +09:00
LICENSE.txt Relicensed to Apache License v2 2009-08-28 07:15:49 +00:00
NOTICE.txt Remove reference to akka code and ArrayDeque which is not part of netty anymore 2017-03-07 21:30:51 +01:00
pom.xml Ensure Netty is usable on Java7 2017-05-04 14:10:53 -07:00
README.md Updating Branches to look section to match the current branching structure of the project 2016-03-10 22:08:01 +01:00
run-example.sh Add UptimeServer and adjust UptimeClient's code style. 2017-04-28 07:41:07 +02:00

Netty Project

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients.

How to build

For the detailed information about building and developing Netty, please visit the developer guide. This page only gives very basic information.

You require the following to build Netty:

Note that this is build-time requirement. JDK 5 (for 3.x) or 6 (for 4.0+) is enough to run your Netty-based application.

Branches to look

Development of all versions takes place in each branch whose name is identical to <majorVersion>.<minorVersion>. For example, the development of 3.9 and 4.0 resides in the branch '3.9' and the branch '4.0' respectively.