Skip to content

Commit

Permalink
[fix] jruby hang with TLS due not executing task
Browse files Browse the repository at this point in the history 
basically the use of Java SSL API was incorrect ...

and reproduced when verification is enabled - the engine needs
to execute a task but the handling code was not reached
  • Loading branch information
@kares
kares committed May 31, 2022
1 parent acfc085 commit d1731a5
Showing 1 changed file with 10 additions and 12 deletions.
22 changes: 10 additions & 12 deletions ext/puma_http11/org/jruby/puma/MiniSSL.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -355,14 +355,6 @@ private SSLEngineResult doOp(SSLOperation sslOp, MiniSSLBuffer src, MiniSSLBuffe
}
}

// after each op, run any delegated tasks if needed
if(res.getHandshakeStatus() == HandshakeStatus.NEED_TASK) {
Runnable runnable;
while ((runnable = engine.getDelegatedTask()) != null) {
runnable.run();
}
}

return res;
}

Expand All @@ -380,25 +372,31 @@ public IRubyObject read() {

HandshakeStatus handshakeStatus = engine.getHandshakeStatus();
boolean done = false;
SSLEngineResult res = null;
while (!done) {
SSLEngineResult res;
switch (handshakeStatus) {
case NEED_WRAP:
res = doOp(SSLOperation.WRAP, inboundAppData, outboundNetData);
handshakeStatus = res.getHandshakeStatus();
break;
case NEED_UNWRAP:
res = doOp(SSLOperation.UNWRAP, inboundNetData, inboundAppData);
if (res.getStatus() == Status.BUFFER_UNDERFLOW) {
// need more data before we can shake more hands
done = true;
}
handshakeStatus = res.getHandshakeStatus();
break;
case NEED_TASK:
Runnable runnable;
while ((runnable = engine.getDelegatedTask()) != null) {
runnable.run();
}
handshakeStatus = engine.getHandshakeStatus();
break;
default:
done = true;
}
if (!done) {
handshakeStatus = res.getHandshakeStatus();
}
}

if (inboundNetData.hasRemaining()) {
Expand Down

0 comments on commit d1731a5

Please sign in to comment.