[
https://issues.apache.org/jira/browse/DIRMINA-580?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12596190#action_12596190
]
janardhanan vembunarayanan commented on DIRMINA-580:
----------------------------------------------------
The better way to fix this issue is having the following code in the
handshake() after the for(;;) I am setting the handshakeComplete = true if the
handshake status is FINISHED.
The code is given below.
What is actually happening is this
1. Client has sent packet 1 and handshake is not completed
2. Client sent packet 2 and handshake status is FINISHED and since in the
unwrapHandshake method res = unwrap0() is called for the second
time and which pushes the state to NOT_HANDSHAKING and BUFFER_UNDERFLOW
3. Client sent packet 3 and it gets into the handshake() for(;;) it sets the
handshakeComplete = true and does nothting.
Had the client sent one more packet then you would not have any issue. But we
cannot assume a client to send one more packet after handshakeComplete = true
and I am taking care of this outside the for loop
public void handshake(NextFilter nextFilter) throws SSLException {
for (;;) {
...
}
if(handshakeStatus == SSLEngineResult.HandshakeStatus.FINISHED &&
!handshakeComplete){
handshakeComplete = true;
if (!initialHandshakeComplete
&& session.containsAttribute(SSLFilter.USE_NOTIFICATION)) {
// SESSION_SECURED is fired only when it's the
first handshake.
// (i.e. renegotiation shouldn't trigger
SESSION_SECURED.)
initialHandshakeComplete = true;
scheduleMessageReceived(nextFilter,
SSLFilter.SESSION_SECURED);
}
}
}
> Session Idle times out when SSL is enabled
> ------------------------------------------
>
> Key: DIRMINA-580
> URL: https://issues.apache.org/jira/browse/DIRMINA-580
> Project: MINA
> Issue Type: Bug
> Components: Filter
> Affects Versions: 1.0.9
> Environment: Sun Solaris
> Reporter: janardhanan vembunarayanan
> Priority: Blocker
> Attachments: session82.txt
>
>
> I have developed an HTTP Routing server using Mina 1.0.9 and I am using
> SSLFilter for handling SSL Connections.
> 1. Using Jmeter as the client I am sending HTTPS requests to this server with
> 5 threads.
> 2. For some of the requests(10%) the sessionCreated method on the Handler is
> getting called and the data from the client is not read by the server.
> 3. sessionIdle() gets triggered and we close the connection.
> This happens for the ssl connections only and when the server is trying to
> resume the cached session.
> I enabled ssl debug using -Djavax.net.debug=all on the server and I got the
> following logs for the failed sessions
> 0240: EB 3E 28 AD 97 20 36 B7 C0 35 4E 3E 80 71 88 99 %% Created:
> [Session-17, SSL_RSA_WITH_RC4_128_MD5]
> 9uTWV0aG961 58 4Dk%% Cached server session: [Session-17,
> SSL_RSA_WITH_RC4_128_MD5]
> 10 7A 0F 37 59C 66 D3 18 2A 2B 3144 1F 5 D9 16A EB 1 1F%% Resuming
> [Session-17, SSL_RSA_WITH_RC4_128_MD5]
> org.apache.mina.filter.SSLFilter.SSLSession=[Session-17,
> SSL_RSA_WITH_RC4_128_MD5]
> %% Invalidated: [Session-17, SSL_RSA_WITH_RC4_128_MD5]
> Any ideas why this could happen?
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
