Andrea Cosentino created CAMEL-23259:
----------------------------------------
Summary: Camel-netty: Close channel on SSL/TLS handshake failure
Key: CAMEL-23259
URL: https://issues.apache.org/jira/browse/CAMEL-23259
Project: Camel
Issue Type: Improvement
Reporter: Andrea Cosentino
Assignee: Andrea Cosentino
Multiple TODO comments in camel-netty and camel-netty-http indicate that SSL
exceptions are not properly handled in the channel pipeline initializer
factories. The commented-out code references
SslHandler.setCloseOnSSLException(true), an API that was removed when migrating
from Netty 3.x to 4.x. Without this, failed SSL connections may remain open — a
security concern.
This fix introduces a SslHandshakeFailureHandler that listens for Netty 4.x
SslHandshakeCompletionEvent user events and closes the channel on handshake
failure. The handler is added to the pipeline immediately after the SslHandler
in all four initializer factories.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
