Uploaded image for project: 'XNIO'
  1. XNIO
  2. XNIO-327

Increase bufferSize for org.xnio.ssl.JsseXnioSsl.bufferPool to avoid issues with the socket buffer being too small when the BouncyCastle JSSE provider is used

    Details

      Description

      When attempting to connect to WildFly via the CLI with the remote+https protocol when using the BouncyCastle JSSE provider, a ConnectException occurs (see ELY-1624). It turns out that the underlying issue occurs in the org.xnio.ssl.JsseSslConduitEngine constructor:

      JsseSslConduitEngine(final JsseSslStreamConnection connection, final StreamSinkConduit sinkConduit, final StreamSourceConduit sourceConduit, final SSLEngine engine, final Pool<ByteBuffer> socketBufferPool, final Pool<ByteBuffer> applicationBufferPool) {
      ...
          if (receiveBuffer.getResource().capacity() < packetBufferSize || sendBuffer.getResource().capacity() < packetBufferSize) {
              throw msg.socketBufferTooSmall();
          }
      ...
      }
      

      In particular, when using the BC JSSE provider, SSLSession.getPacketBufferSize() returns a larger value (20491) than when using the Sun JSSE provider (16921). The values of receiveBuffer and sendBuffer above are set using the org.xnio.ssl.JsseXnioSsl.bufferPool variable which sets the bufferSize to 17408. Since this value is greater than SSLSession.getPacketBufferSize() when the Sun JSSE provider is used, no exception occurs. However, since 17408 < 20491, an IllegalArgumentException occurs when the BC JSSE provider is used.

      If we increase the bufferSize that gets set by org.xnio.ssl.JsseXnioSsl.bufferPool, the above code executes successfully and it is possible to successfully connect to WildFly via the CLI using the remote+https protocol when the BC JSSE provider is used.

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  fjuma Farah Juma
                  Reporter:
                  fjuma Farah Juma
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  3 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: