jetty.project/jetty-io
Simone Bordet fc6ea06106 Fixes #346614 (HttpConnection.handle() spins in case of SSL truncation attacks).
SslSelectChannelEndPoint has been modified to not override shutdownInput() (so behavior is that of the base class, like it should), and when it detects a remote close, it calls SSLEngine.closeInbound(), which throws in case of a truncation attack. The exception is handled and the endpoint closed.

git-svn-id: svn+ssh://dev.eclipse.org/svnroot/rt/org.eclipse.jetty/jetty/trunk@3224 7e9141cc-0065-0410-87d8-b60c137991c4
2011-05-20 12:52:13 +00:00
..
src Fixes #346614 (HttpConnection.handle() spins in case of SSL truncation attacks). 2011-05-20 12:52:13 +00:00
pom.xml [maven-release-plugin] prepare for next development iteration 2011-05-17 19:57:00 +00:00