From 09f39d78211952a2b5031485f70784ab5e0a38ed Mon Sep 17 00:00:00 2001 From: Greg Wilkins Date: Tue, 23 Mar 2021 09:48:12 +1100 Subject: [PATCH] Fix #6082 Reduce SSL buffer compaction Only compact when buffer is underflown. Note that BufferUtil will also do a cheap "compact" when flipping empty buffers. Signed-off-by: Greg Wilkins --- .../java/org/eclipse/jetty/io/ssl/SslConnection.java | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/jetty-io/src/main/java/org/eclipse/jetty/io/ssl/SslConnection.java b/jetty-io/src/main/java/org/eclipse/jetty/io/ssl/SslConnection.java index f85c5f788ea9..77a708884c50 100644 --- a/jetty-io/src/main/java/org/eclipse/jetty/io/ssl/SslConnection.java +++ b/jetty-io/src/main/java/org/eclipse/jetty/io/ssl/SslConnection.java @@ -654,7 +654,6 @@ public int fill(ByteBuffer buffer) throws IOException else { appIn = _decryptedInput; - BufferUtil.compact(_encryptedInput); } // Let's try reading some encrypted data... even if we have some already. @@ -712,12 +711,21 @@ public int fill(ByteBuffer buffer) throws IOException return filled = -1; case BUFFER_UNDERFLOW: + // Can we compact? + if (_encryptedInput.position() != 0) + { + BufferUtil.compact(_encryptedInput); + continue; + } + + // Are we out of space? if (BufferUtil.space(_encryptedInput) == 0) { BufferUtil.clear(_encryptedInput); throw new SSLHandshakeException("Encrypted buffer max length exceeded"); } + // if we just filled some if (netFilled > 0) continue; // try filling some more