From 7cb885d39d1bda97e32574c9d65a494c3fcbf4b8 Mon Sep 17 00:00:00 2001
From: boli <boli@localhost>
Date: Wed, 29 Jul 2009 22:19:52 +0000
Subject: [PATCH] Fix for issue 4156.
---
opends/src/server/org/opends/server/extensions/TLSByteChannel.java | 13 ++++++++-----
opends/src/server/org/opends/server/protocols/ldap/LDAPClientConnection.java | 4 ++--
2 files changed, 10 insertions(+), 7 deletions(-)
diff --git a/opends/src/server/org/opends/server/extensions/TLSByteChannel.java b/opends/src/server/org/opends/server/extensions/TLSByteChannel.java
index 4437367..d0283eb 100644
--- a/opends/src/server/org/opends/server/extensions/TLSByteChannel.java
+++ b/opends/src/server/org/opends/server/extensions/TLSByteChannel.java
@@ -35,11 +35,8 @@
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Set;
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.SSLEngine;
-import javax.net.ssl.SSLEngineResult;
-import javax.net.ssl.SSLPeerUnverifiedException;
-import javax.net.ssl.SSLSession;
+import javax.net.ssl.*;
+
import org.opends.server.admin.std.server.LDAPConnectionHandlerCfg;
import org.opends.server.api.ClientConnection;
import org.opends.server.loggers.debug.DebugTracer;
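Review bot: The wildcard `import javax.net.ssl.*;` replaces five explicit imports, although the only new name this patch uses is SSLException (in the second hunk). Keeping the explicit list and adding `import javax.net.ssl.SSLException;` keeps it visible which TLS types this channel depends on and avoids accidental name clashes. The added blank `+` line after the import can be dropped as well.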
@@ -359,6 +356,12 @@
netData.clear();
SSLEngineResult res = sslEngine.wrap(clearData, netData);
netData.flip();
+ if(netData.remaining() == 0)
+ {
+ // wrap didn't produce any data from our clear buffer.
+ // Throw exception to prevent looping.
+ throw new SSLException("SSLEngine.wrap produced 0 bytes");
+ }
if(res.getStatus() != SSLEngineResult.Status.OK)
throw new ClosedChannelException();
if (hsStatus == SSLEngineResult.HandshakeStatus.NEED_TASK ||
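Review bot: The new zero-byte guard sits before the `res.getStatus()` check, so a wrap that returns a non-OK status with no output (for example CLOSED or BUFFER_OVERFLOW) now surfaces as SSLException instead of the ClosedChannelException callers received before. If that change is not intended, move the guard below the status check. The message also omits the engine state that would explain the failure; `throw new SSLException("SSLEngine.wrap produced 0 bytes: " + res);` would include the status, handshake status and byte counts. It is worth confirming that a zero-byte result cannot legitimately occur while a handshake is in progress, since the hsStatus handling follows the guard. The enclosing method starts and ends outside the hunk.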
diff --git a/opends/src/server/org/opends/server/protocols/ldap/LDAPClientConnection.java b/opends/src/server/org/opends/server/protocols/ldap/LDAPClientConnection.java
index e28d51a..b73b946 100644
--- a/opends/src/server/org/opends/server/protocols/ldap/LDAPClientConnection.java
+++ b/opends/src/server/org/opends/server/protocols/ldap/LDAPClientConnection.java
@@ -845,7 +845,7 @@
}
// FIXME -- Log a message or something
- disconnect(DisconnectReason.SERVER_ERROR, true, null);
+ disconnect(DisconnectReason.SERVER_ERROR, false, null);
return;
}
}
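Review bot: Both changed `disconnect(...)` calls, this one and the PROTOCOL_ERROR call in the next hunk, now pass a bare `false` with no comment saying why. Presumably the flag controls whether a notice of disconnection is written to the client, and sending it would re-enter the failing write path; confirm this against the disconnect signature. A line such as `// Do not notify the client: writing on this connection is what failed (issue 4156).` above each call would keep a later cleanup from flipping it back. In this hunk the FIXME is still open and the message argument is `null`, so the SERVER_ERROR disconnect records no cause; passing a Message or logging the failure would make these events traceable. The enclosing blocks start outside both hunks.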
@@ -1469,7 +1469,7 @@
Message m =
ERR_LDAP_CLIENT_DECODE_LDAP_MESSAGE_FAILED.get(String
.valueOf(e));
- disconnect(DisconnectReason.PROTOCOL_ERROR, true, m);
+ disconnect(DisconnectReason.PROTOCOL_ERROR, false, m);
return false;
}
}
--
Gitblit v1.10.0