Skip to content

Commit

Permalink
Fixes #6072 - jetty server high CPU when client send data length > 17…
Browse files Browse the repository at this point in the history 
…408.

Updates after review.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
  • Loading branch information
@sbordet
sbordet committed Mar 22, 2021
1 parent 5925b48 commit 040124b
Showing 1 changed file with 6 additions and 7 deletions.
13 changes: 6 additions & 7 deletions jetty-io/src/main/java/org/eclipse/jetty/io/ssl/SslConnection.java
View file
Expand Up @@ -712,13 +712,15 @@ public int fill(ByteBuffer buffer) throws IOException
return filled = -1;

case BUFFER_UNDERFLOW:
if (netFilled > 0)
if (BufferUtil.space(_encryptedInput) == 0)
{
if (BufferUtil.space(_encryptedInput) > 0)
continue; // try filling some more
BufferUtil.clear(_encryptedInput);
throw new SSLHandshakeException("Encrypted buffer max length exceeded");
}

if (netFilled > 0)
continue; // try filling some more

_underflown = true;
if (netFilled < 0 && _sslEngine.getUseClientMode())
{
Expand Down Expand Up @@ -1423,9 +1425,7 @@ private boolean isRenegotiating()
return false;
if (isTLS13())
return false;
if (_sslEngine.getHandshakeStatus() == HandshakeStatus.NOT_HANDSHAKING)
return false;
return true;
return _sslEngine.getHandshakeStatus() != HandshakeStatus.NOT_HANDSHAKING;
}

private boolean allowRenegotiate()
Expand Down Expand Up @@ -1559,6 +1559,5 @@ public String toString()
return String.format("SSL@%h.DEP.writeCallback", SslConnection.this);
}
}

}
}

0 comments on commit 040124b

Please sign in to comment.