diff options
Diffstat (limited to 'jrt')
| -rw-r--r-- | jrt/src/com/yahoo/jrt/TlsCryptoSocket.java | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/jrt/src/com/yahoo/jrt/TlsCryptoSocket.java b/jrt/src/com/yahoo/jrt/TlsCryptoSocket.java index 6bc70ca12f0..08c9d1138dd 100644 --- a/jrt/src/com/yahoo/jrt/TlsCryptoSocket.java +++ b/jrt/src/com/yahoo/jrt/TlsCryptoSocket.java @@ -52,8 +52,8 @@ public class TlsCryptoSocket implements CryptoSocket { this.channel = channel; this.sslEngine = sslEngine; SSLSession nullSession = sslEngine.getSession(); - this.wrapBuffer = new Buffer(nullSession.getPacketBufferSize() * 2); - this.unwrapBuffer = new Buffer(nullSession.getPacketBufferSize() * 2); + this.wrapBuffer = new Buffer(Math.max(0x10000, nullSession.getPacketBufferSize() * 2)); + this.unwrapBuffer = new Buffer(Math.max(0x10000, nullSession.getPacketBufferSize() * 2)); // Note: Dummy buffer as unwrap requires a full size application buffer even though no application data is unwrapped this.handshakeDummyBuffer = ByteBuffer.allocate(nullSession.getApplicationBufferSize()); this.handshakeState = HandshakeState.NOT_STARTED; @@ -239,6 +239,8 @@ public class TlsCryptoSocket implements CryptoSocket { case OK: return true; case BUFFER_OVERFLOW: + // This is to ensure we have large enough buffer during handshake phase too. + sessionPacketBufferSize = sslEngine.getSession().getPacketBufferSize(); return false; default: throw unexpectedStatusException(result.getStatus()); |