Some more insight:
When an exception is thrown while processing a task, the SslEngine does
close the InputBound (normal). The problem now is that we can't really call
the receive_loop() again to send back the Alert, because this method
first checks the InputBound status:
protected void receive_
Hi Jonathan,
we need to close the connection, but the error alert should be sent
before that. Actually, that should inform the remote peer that there was
some problem.
What I don't know ATM is what happens when the SSLEngine fails at some
task. We should check the HS status, and I guess it w
If we close the ssl instantly then that’s a point of DDOS. Relying on the
idleness timers is important for handling connections in a bad state like
this example. What’s the exception that unit test is supposed to cause?
On Thu, Feb 24, 2022 at 4:56 PM Emmanuel Lécharny
wrote:
> So the idea is f
So the idea is first to loop on a NEED_TASK because we may need to send
the alert before closing the connection (but I need to triple check
that, it's a bit late here, and the day was a bit tough on my brain with
all the bad news...)
On 24/02/2022 19:18, Emmanuel Lécharny wrote:
On 24/02/20
On 24/02/2022 17:21, Jonathan Valliere wrote:
If we were to elevate this error in another way like an error handler
then what would you do? Close the session?
Actually, yes, we should send an Error alert (see
https://datatracker.ietf.org/doc/html/rfc8446#section-6, par. 6.2) and
close the s
If we were to elevate this error in another way like an error handler then
what would you do? Close the session?
On Thu, Feb 24, 2022 at 10:35 AM Emmanuel Lécharny
wrote:
> Understood, but here if a task fails, I'm not sure the exception will be
> handled at all. In the case of a handshake, noth
Understood, but here if a task fails, I'm not sure the exception will be
handled at all. In the case of a handshake, nothing will be written back
to the remote client, AFAICT, so the connection will remain pending forever.
On 24/02/2022 14:23, Jonathan Valliere wrote:
The reason I did this was