Uploaded image for project: 'XNIO'
  1. XNIO
  2. XNIO-338

Avoid infinite loop in JsseSslConduitEngine#handleHandshake when the SSLEngineResult.HandshakeStatus is NEED_WRAP and the SSLEngineResult.Status is CLOSED

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Major
    • 3.7.1.Final
    • None
    • api
    • None

    Description

      Due to the new half-close policy in TLS 1.3, an infinite loop can occur in JsseSslConduitEngine#handleHandshake when the SSLEngineResult.HandshakeStatus is NEED_WRAP and the SSLEngineResult.Status is CLOSED. In particular, after this state is reached, the SSLEngineResult.HandshakeStatus will always be NEED_WRAP and the SSLEngineResult.Status will always be OK and so the for loop will never terminate.

      Attachments

        Issue Links

          blocks

          Feature Request - Feature requests from customers and/or users WFCORE-4172 Add support for TLS 1.3

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed

          Activity

            People

              fjuma1@redhat.com Farah Juma
              fjuma1@redhat.com Farah Juma
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: