Hi,
some update.
It's getting weirder. I have tried the same test which Java 8, and here
is what I get in the middle of the transmission of a 50Kb encrypted packet:
javax.net.ssl|FINE|11|NioProcessor-7|2025-02-12 07:18:50.106
CET|SSLEngineInputRecord.java:214|READ: TLSv1.2 application_data, length
= 16408
javax.net.ssl|SEVERE|11|NioProcessor-7|2025-02-12 07:18:50.107
CET|TransportContext.java:316|Fatal (BAD_RECORD_MAC): Tag mismatch! (
"throwable" : {
javax.crypto.AEADBadTagException: Tag mismatch!
at
com.sun.crypto.provider.GaloisCounterMode.decryptFinal(GaloisCounterMode.java:620)
at
com.sun.crypto.provider.CipherCore.finalNoPadding(CipherCore.java:1116)
at
com.sun.crypto.provider.CipherCore.fillOutputBuffer(CipherCore.java:1053)
at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:941)
at com.sun.crypto.provider.AESCipher.engineDoFinal(AESCipher.java:491)
at javax.crypto.CipherSpi.bufferCrypt(CipherSpi.java:779)
at javax.crypto.CipherSpi.engineDoFinal(CipherSpi.java:730)
at javax.crypto.Cipher.doFinal(Cipher.java:2463)
at
sun.security.ssl.SSLCipher$T12GcmReadCipherGenerator$GcmReadCipher.decrypt(SSLCipher.java:1606)
at
sun.security.ssl.SSLEngineInputRecord.decodeInputRecord(SSLEngineInputRecord.java:240)
at
sun.security.ssl.SSLEngineInputRecord.decode(SSLEngineInputRecord.java:197)
at
sun.security.ssl.SSLEngineInputRecord.decode(SSLEngineInputRecord.java:160)
at sun.security.ssl.SSLTransport.decode(SSLTransport.java:109)
at sun.security.ssl.SSLEngineImpl.decode(SSLEngineImpl.java:588)
at sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:544)
at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:411)
at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:390)
at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:626)
at
org.apache.mina.filter.ssl.SSLHandlerG1.receive_loop(SSLHandlerG1.java:250)
at
org.apache.mina.filter.ssl.SSLHandlerG1.receive_loop(SSLHandlerG1.java:311)
at
org.apache.mina.filter.ssl.SSLHandlerG1.receive_start(SSLHandlerG1.java:201)
at
org.apache.mina.filter.ssl.SSLHandlerG1.receive(SSLHandlerG1.java:179)
at
org.apache.mina.filter.ssl.SslFilter.messageReceived(SslFilter.java:441)
at
org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:650)
at
org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1300(DefaultIoFilterChain.java:49)
at
org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:1128)
at
org.apache.mina.core.filterchain.IoFilterAdapter.messageReceived(IoFilterAdapter.java:122)
at
org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:650)
at
org.apache.mina.core.filterchain.DefaultIoFilterChain.fireMessageReceived(DefaultIoFilterChain.java:643)
at
org.apache.mina.core.polling.AbstractPollingIoProcessor.read(AbstractPollingIoProcessor.java:539)
at
org.apache.mina.core.polling.AbstractPollingIoProcessor.access$1200(AbstractPollingIoProcessor.java:68)
at
org.apache.mina.core.polling.AbstractPollingIoProcessor$Processor.process(AbstractPollingIoProcessor.java:1224)
at
org.apache.mina.core.polling.AbstractPollingIoProcessor$Processor.process(AbstractPollingIoProcessor.java:1213)
at
org.apache.mina.core.polling.AbstractPollingIoProcessor$Processor.run(AbstractPollingIoProcessor.java:683)
at
org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:64)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)}
)
javax.net.ssl|ALL|11|NioProcessor-7|2025-02-12 07:18:50.107
CET|SSLSessionImpl.java:823|Invalidated session:
Session(1739341129546|TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384)
javax.net.ssl|FINE|12|NioProcessor-2|2025-02-12 07:18:50.120
CET|SSLEngineOutputRecord.java:266|WRITE: TLS12 application_data, length
= 101
I had to run the atomic test 5 times to get this failure with Java 8
Temurin 1.8.9_312, or AdoptOpenJDK 1.8.0_292.
And I see this:
https://bugs.openjdk.org/browse/JDK-8313084?page=com.atlassian.jira.plugin.system.issuetabpanels%3Aall-tabpanel
On 11/02/2025 14:48, Emmanuel Lécharny wrote:
To be clear:
I have some randomly failing SaslBindIT tests filing when using LDAPs
out StartTLS, and when transfering big chunk of data (like 500kb).
Which makes it hard to debug...
On 11/02/2025 08:50, Emmanuel Lecharny wrote:
Hi,
I'd like to suspend the vote to take the time to check that the lib
works with Java 21. It seems we get some breakage when using TLS on a
Java 21 JVM (and it's random). It may be caused by MINA 2.2.4.
I'll keep you informed.
Le 10/02/2025 à 05:57, Colm O hEigeartaigh a écrit :
+1.
Colm.
On Sat, Feb 8, 2025 at 3:45 PM Shawn McKinney <smckin...@apache.org>
wrote:
On Feb 7, 2025, at 10:25 PM, Emmanuel Lecharny
<elecha...@apache.org> wrote:
Please cast your votes:
[ ] +1 Release Apache LDAP API 2.1.8
[ ] 0 abstain
[ ] -1 Do not release Apache LDAP API 2.1.8
+ 1 Release Apache LDAP 2.1.8
Built source, ran tests, compiled and ran w/ fortress integration
tests. Everything good on Java 17/Maven 3.9.9.
Nice work Emmanuel!
—
Shawn
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@directory.apache.org
For additional commands, e-mail: dev-h...@directory.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@directory.apache.org
For additional commands, e-mail: dev-h...@directory.apache.org
--
------------------------ Emmanuel Lécharny emm...@worteks.com
elecha...@apache.org ------------------------
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@directory.apache.org
For additional commands, e-mail: dev-h...@directory.apache.org
