[prev in list] [next in list] [prev in thread] [next in thread]
List: mina-commits
Subject: svn commit: r561232 - in /mina:
From: trustin () apache ! org
Date: 2007-07-31 5:19:40
Message-ID: 20070731051940.E3DCE1A981A () eris ! apache ! org
[Download RAW message or body]
Author: trustin
Date: Mon Jul 30 22:19:37 2007
New Revision: 561232
URL: http://svn.apache.org/viewvc?view=rev&rev=561232
Log:
Fixed a problem that SESSION_SECURED is fired on renegotiation.
Modified:
mina/branches/1.0/filter-ssl/src/main/java/org/apache/mina/filter/support/SSLHandler.java
mina/branches/1.1/filter-ssl/src/main/java/org/apache/mina/filter/support/SSLHandler.java
mina/trunk/core/src/main/java/org/apache/mina/filter/ssl/SSLHandler.java
Modified: mina/branches/1.0/filter-ssl/src/main/java/org/apache/mina/filter/support/SSLHandler.java
URL: http://svn.apache.org/viewvc/mina/branches/1.0/filter-ssl/src/main/java/org/apache/mina/filter/support/SSLHandler.java?view=diff&rev=561232&r1=561231&r2=561232
==============================================================================
--- mina/branches/1.0/filter-ssl/src/main/java/org/apache/mina/filter/support/SSLHandler.java \
(original)
+++ mina/branches/1.0/filter-ssl/src/main/java/org/apache/mina/filter/support/SSLHandler.java \
Mon Jul 30 22:19:37 2007 @@ -91,8 +91,10 @@
*/
private SSLEngineResult.HandshakeStatus handshakeStatus;
+ private boolean initialHandshakeComplete;
+
/**
- * Initial handshake complete?
+ * Handshake complete?
*/
private boolean handshakeComplete;
@@ -139,6 +141,7 @@
sslEngine.beginHandshake();
handshakeStatus = \
sslEngine.getHandshakeStatus();//SSLEngineResult.HandshakeStatus.NEED_UNWRAP; \
handshakeComplete = false; + initialHandshakeComplete = false;
SSLByteBufferPool.initiate(sslEngine);
@@ -183,7 +186,6 @@
SSLByteBufferPool.release(inNetBuffer);
SSLByteBufferPool.release(outNetBuffer);
preHandshakeEventQueue.clear();
- //postHandshakeEventQueue.clear();
}
public SSLFilter getParent() {
@@ -470,7 +472,11 @@
+ sslSession.getCipherSuite());
}
handshakeComplete = true;
- if (session.containsAttribute(SSLFilter.USE_NOTIFICATION)) {
+ if (!initialHandshakeComplete
+ && session.containsAttribute(SSLFilter.USE_NOTIFICATION)) {
+ // SESSION_SECURED is fired only when it's the first handshake.
+ // (i.e. renegotiation shouldn't trigger SESSION_SECURED.)
+ initialHandshakeComplete = true;
scheduleMessageReceived(nextFilter,
SSLFilter.SESSION_SECURED);
}
Modified: mina/branches/1.1/filter-ssl/src/main/java/org/apache/mina/filter/support/SSLHandler.java
URL: http://svn.apache.org/viewvc/mina/branches/1.1/filter-ssl/src/main/java/org/apache/mina/filter/support/SSLHandler.java?view=diff&rev=561232&r1=561231&r2=561232
==============================================================================
--- mina/branches/1.1/filter-ssl/src/main/java/org/apache/mina/filter/support/SSLHandler.java \
(original)
+++ mina/branches/1.1/filter-ssl/src/main/java/org/apache/mina/filter/support/SSLHandler.java \
Mon Jul 30 22:19:37 2007 @@ -90,8 +90,10 @@
*/
private SSLEngineResult.HandshakeStatus handshakeStatus;
+ private boolean initialHandshakeComplete;
+
/**
- * Initial handshake complete?
+ * Handshake complete?
*/
private boolean handshakeComplete;
@@ -138,6 +140,7 @@
sslEngine.beginHandshake();
handshakeStatus = \
sslEngine.getHandshakeStatus();//SSLEngineResult.HandshakeStatus.NEED_UNWRAP; \
handshakeComplete = false; + initialHandshakeComplete = false;
SSLByteBufferPool.initiate(sslEngine);
@@ -182,7 +185,6 @@
SSLByteBufferPool.release(inNetBuffer);
SSLByteBufferPool.release(outNetBuffer);
preHandshakeEventQueue.clear();
- //postHandshakeEventQueue.clear();
}
public SSLFilter getParent() {
@@ -467,7 +469,11 @@
+ sslSession.getCipherSuite());
}
handshakeComplete = true;
- if (session.containsAttribute(SSLFilter.USE_NOTIFICATION)) {
+ if (!initialHandshakeComplete
+ && session.containsAttribute(SSLFilter.USE_NOTIFICATION)) {
+ // SESSION_SECURED is fired only when it's the first handshake.
+ // (i.e. renegotiation shouldn't trigger SESSION_SECURED.)
+ initialHandshakeComplete = true;
scheduleMessageReceived(nextFilter,
SSLFilter.SESSION_SECURED);
}
Modified: mina/trunk/core/src/main/java/org/apache/mina/filter/ssl/SSLHandler.java
URL: http://svn.apache.org/viewvc/mina/trunk/core/src/main/java/org/apache/mina/filter/ssl/SSLHandler.java?view=diff&rev=561232&r1=561231&r2=561232
==============================================================================
--- mina/trunk/core/src/main/java/org/apache/mina/filter/ssl/SSLHandler.java \
(original)
+++ mina/trunk/core/src/main/java/org/apache/mina/filter/ssl/SSLHandler.java Mon Jul \
30 22:19:37 2007 @@ -93,8 +93,10 @@
*/
private SSLEngineResult.HandshakeStatus handshakeStatus;
+ private boolean initialHandshakeComplete;
+
/**
- * Initial handshake complete?
+ * Handshake complete?
*/
private boolean handshakeComplete;
@@ -147,6 +149,7 @@
sslEngine.beginHandshake();
handshakeStatus = \
sslEngine.getHandshakeStatus();//SSLEngineResult.HandshakeStatus.NEED_UNWRAP; \
handshakeComplete = false; + initialHandshakeComplete = false;
SSLByteBufferUtil.initiate(sslEngine);
@@ -188,7 +191,6 @@
sslEngine = null;
preHandshakeEventQueue.clear();
- //postHandshakeEventQueue.clear();
}
public SSLFilter getParent() {
@@ -473,7 +475,11 @@
+ sslSession.getCipherSuite());
}
handshakeComplete = true;
- if (session.containsAttribute(SSLFilter.USE_NOTIFICATION)) {
+ if (!initialHandshakeComplete
+ && session.containsAttribute(SSLFilter.USE_NOTIFICATION)) {
+ // SESSION_SECURED is fired only when it's the first handshake.
+ // (i.e. renegotiation shouldn't trigger SESSION_SECURED.)
+ initialHandshakeComplete = true;
scheduleMessageReceived(nextFilter,
SSLFilter.SESSION_SECURED);
}
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic