netty5

History

Scott Mitchell 9e2c400f89 OpenSslEngine writePlaintextData WANT_READ with no data in BIO buffer Motivation: CVE-2016-4970 OpenSslEngine.wrap calls SSL_write which may return SSL_ERROR_WANT_READ, and if in this condition there is nothing to read from the BIO the OpenSslEngine and SslHandler will enter an infinite loop. Modifications: - Use the error code provided by OpenSSL and go back to the EventLoop selector to detect if the socket is closed Result: OpenSslEngine correctly handles the return codes from OpenSSL and does not enter an infinite loop.	2016-06-07 08:59:13 -07:00
..
src	OpenSslEngine writePlaintextData WANT_READ with no data in BIO buffer	2016-06-07 08:59:13 -07:00
pom.xml	[maven-release-plugin] prepare for next development iteration	2016-05-25 19:16:44 +02:00

Scott Mitchell 9e2c400f89 OpenSslEngine writePlaintextData WANT_READ with no data in BIO buffer

Motivation:
CVE-2016-4970

OpenSslEngine.wrap calls SSL_write which may return SSL_ERROR_WANT_READ, and if in this condition there is nothing to read from the BIO the OpenSslEngine and SslHandler will enter an infinite loop.

Modifications:
- Use the error code provided by OpenSSL and go back to the EventLoop selector to detect if the socket is closed

Result:
OpenSslEngine correctly handles the return codes from OpenSSL and does not enter an infinite loop.

2016-06-07 08:59:13 -07:00

src

OpenSslEngine writePlaintextData WANT_READ with no data in BIO buffer

2016-06-07 08:59:13 -07:00

pom.xml

[maven-release-plugin] prepare for next development iteration

2016-05-25 19:16:44 +02:00