jetty.project

History

Simone Bordet fc6ea06106 Fixes #346614 (HttpConnection.handle() spins in case of SSL truncation attacks). SslSelectChannelEndPoint has been modified to not override shutdownInput() (so behavior is that of the base class, like it should), and when it detects a remote close, it calls SSLEngine.closeInbound(), which throws in case of a truncation attack. The exception is handled and the endpoint closed. git-svn-id: svn+ssh://dev.eclipse.org/svnroot/rt/org.eclipse.jetty/jetty/trunk@3224 7e9141cc-0065-0410-87d8-b60c137991c4	2011-05-20 12:52:13 +00:00
..
src	Fixes #346614 (HttpConnection.handle() spins in case of SSL truncation attacks).	2011-05-20 12:52:13 +00:00
pom.xml	[maven-release-plugin] prepare for next development iteration	2011-05-17 19:57:00 +00:00

Simone Bordet fc6ea06106 Fixes #346614 (HttpConnection.handle() spins in case of SSL truncation attacks).

SslSelectChannelEndPoint has been modified to not override shutdownInput() (so behavior is that of the base class, like it should), and when it detects a remote close, it calls SSLEngine.closeInbound(), which throws in case of a truncation attack. The exception is handled and the endpoint closed.

git-svn-id: svn+ssh://dev.eclipse.org/svnroot/rt/org.eclipse.jetty/jetty/trunk@3224 7e9141cc-0065-0410-87d8-b60c137991c4

2011-05-20 12:52:13 +00:00

src

Fixes #346614 (HttpConnection.handle() spins in case of SSL truncation attacks).

2011-05-20 12:52:13 +00:00

pom.xml

[maven-release-plugin] prepare for next development iteration

2011-05-17 19:57:00 +00:00