SSL handshake failure causes deadlock
-------------------------------------
Key: FTPSERVER-91
URL: https://issues.apache.org/jira/browse/FTPSERVER-91
Project: FtpServer
Issue Type: Bug
Components: Core
Affects Versions: 1.0-M2
Reporter: Steve Jones
When using the Mina listener with SSL the ftp server can "deadlock" when the
SSL handshake fails.
This is easily reproducible by connecting to an implicit SSL FTPS server using
a non SSL FTP client.
Each connection attempt will permanently utilize a server connection until the
server is restarted.
The issue is that until the SSL handshake is completed all FTP responses are
buffered. This is a problem since the "MinaFtpResponseOutput" class blocks
until the response is actually written to the client (which it never is).
The "CLOSE" connection event is never processed since the worker "thread" is
blocked waiting for the handshake to complete and the initial response to be
written.
Modifying the "MinaFtpResponseOutput" class as shown below appears to fix the
issue, but I'm not sure if changing this to non-blocking will cause other
issues. An alternative approach may be to timeout the SSL handshake after a few
seconds (e.g. using join(5000))
--- core/src/java/org/apache/ftpserver/listener/mina/MinaFtpResponseOutput.java
(revision 543677)
+++ core/src/java/org/apache/ftpserver/listener/mina/MinaFtpResponseOutput.java
(working copy)
@@ -40,7 +40,7 @@
}
public void write(FtpReply response) throws IOException {
- session.write(response).join();
+ session.write(response);
}
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
