HTTPCORE-782: non-blocking TLS session can end up in an endless loop in case of a protocol negotiation

Author: ok2c

httpcore5/src/main/java/org/apache/hc/core5/reactor/ssl/SSLIOSession.java

@@ -620,10 +620,11 @@ private void decryptData(final IOSession protocolSession) throws IOException {
                                 inPlainBuf.clear();
                             }
                         }
-                        if (result.getStatus() != SSLEngineResult.Status.OK) {
-                            if (result.getStatus() == SSLEngineResult.Status.BUFFER_UNDERFLOW && endOfStream) {
-                                throw new SSLException("Unable to decrypt incoming data due to unexpected end of stream");
-                            }
+                        if (result.getStatus() == SSLEngineResult.Status.BUFFER_UNDERFLOW && endOfStream) {
+                            throw new SSLException("Unable to decrypt incoming data due to unexpected end of stream");
+                        }
+                        if (result.getStatus() != SSLEngineResult.Status.OK ||
+                                result.getHandshakeStatus() != HandshakeStatus.NOT_HANDSHAKING && result.getHandshakeStatus() != HandshakeStatus.FINISHED) {
                             break;
                         }
                     } finally {