From da9c5fcae20a8440ac26cff5c10f155d114ffd6d Mon Sep 17 00:00:00 2001
From: Simone Bordet <simone.bordet@gmail.com>
Date: Mon, 6 Aug 2018 12:41:44 +0200
Subject: [PATCH] Fixes #2777 - Workaround for Conscrypt's ssl == null.

Isolated SSLEngine method calls and wrapped them into try/catch
blocks to ignore the NullPointerException thrown by Conscrypt.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
---
 .../eclipse/jetty/io/ssl/SslConnection.java   | 48 +++++++++++++++++--
 1 file changed, 43 insertions(+), 5 deletions(-)

diff --git a/jetty-io/src/main/java/org/eclipse/jetty/io/ssl/SslConnection.java b/jetty-io/src/main/java/org/eclipse/jetty/io/ssl/SslConnection.java
index c82d6e37a8c..9cb3cf94bda 100644
--- a/jetty-io/src/main/java/org/eclipse/jetty/io/ssl/SslConnection.java
+++ b/jetty-io/src/main/java/org/eclipse/jetty/io/ssl/SslConnection.java
@@ -705,7 +705,19 @@ public class SslConnection extends AbstractConnection
             {
                 _sslEngine.closeInbound();
             }
-            catch (SSLException x)
+            catch (Throwable x)
+            {
+                LOG.ignore(x);
+            }
+        }
+
+        private void closeOutbound()
+        {
+            try
+            {
+                _sslEngine.closeOutbound();
+            }
+            catch (Throwable x)
             {
                 LOG.ignore(x);
             }
@@ -728,7 +740,7 @@ public class SslConnection extends AbstractConnection
             {
                 if (_cannotAcceptMoreAppDataToFlush)
                 {
-                    if (_sslEngine.isOutboundDone())
+                    if (isOutboundDone())
                         throw new EofException(new ClosedChannelException());
                     return false;
                 }
@@ -897,7 +909,7 @@ public class SslConnection extends AbstractConnection
             {
                 try
                 {
-                    _sslEngine.closeOutbound();
+                    closeOutbound();
                     flush(BufferUtil.EMPTY_BUFFER); // Send close handshake
                     SslConnection.this.fillInterested(); // seek reply FIN or RST or close handshake
                 }
@@ -912,7 +924,7 @@ public class SslConnection extends AbstractConnection
         @Override
         public boolean isOutputShutdown()
         {
-            return _sslEngine.isOutboundDone() || getEndPoint().isOutputShutdown();
+            return isOutboundDone() || getEndPoint().isOutputShutdown();
         }
 
         @Override
@@ -939,7 +951,33 @@ public class SslConnection extends AbstractConnection
         @Override
         public boolean isInputShutdown()
         {
-            return _sslEngine.isInboundDone();
+            return isInboundDone();
+        }
+
+        private boolean isOutboundDone()
+        {
+            try
+            {
+                return _sslEngine.isOutboundDone();
+            }
+            catch (Throwable x)
+            {
+                LOG.ignore(x);
+                return true;
+            }
+        }
+
+        private boolean isInboundDone()
+        {
+            try
+            {
+                return _sslEngine.isInboundDone();
+            }
+            catch (Throwable x)
+            {
+                LOG.ignore(x);
+                return true;
+            }
         }
 
         @Override