Re: SSLSocket weird behavior in JDK 11+27

Thu, 23 Aug 2018 07:15:34 -0700 

Good catch!  I filed a bug for the tracking and further evaluation.
  https://bugs.openjdk.java.net/browse/JDK-8209893

Thanks,
Xuelei

On 8/23/2018 7:04 AM, Simone Bordet wrote:

Hi,

SSLSocket is behaving weird in 11+27.
In particular:

* Setup a SSLServerSocket.
* Connect with a normal Socket (rawClient).
* Wrap rawClient into a SSLSocket (sslClient).
* sslClient.startHandshake()

Now a few cases:

A) immediate rawClient.close()
If the server is reading via InputStream.read(), then it reads -1.
But if the server reads via InputStream.read(byte[]), then
SSLProtocolException is thrown.
I believe the second behavior is correct, as the client does not send
the close_notify, so the server should throw?

B) sslClient writes data + rawClient.close()
The server reads correctly the data, then reads -1, both with read()
and read(byte[]).
I believe this is wrong as close_notify is not sent by the client.

Running the example with JDK 10 always produces no exceptions and
always reads -1.

Below you can find a reproducible case.

Thanks!

----

     public static void main(String[] args) throws Exception
     {
         SSLContext sslContext = __sslCtxFactory.getSslContext();
         int port = 8443;
         try (SSLServerSocket sslServer =
(SSLServerSocket)sslContext.getServerSocketFactory().createServerSocket(port))
         {
             Socket rawClient = new Socket("localhost", port);
             SSLSocket sslClient =
(SSLSocket)sslContext.getSocketFactory().createSocket(rawClient,
"localhost", port, false);

             SSLSocket socket = (SSLSocket)sslServer.accept();

             CountDownLatch latch = new CountDownLatch(1);
             new Thread(() ->
             {
                 try
                 {
                     while (true)
                     {
//                        byte[] buffer = new byte[1024];
//                        int read = socket.getInputStream().read(buffer);
                         int read = socket.getInputStream().read();
                         System.err.println("read = " + read);
                         if (read < 0)
                             break;
                     }
                 }
                 catch (IOException x)
                 {
                     x.printStackTrace();
                 }
                 finally
                 {
                     latch.countDown();
                 }
             }).start();

             sslClient.startHandshake();

//            OutputStream output = sslClient.getOutputStream();
//            output.write(0);
//            output.flush();

             // Raw close.
             rawClient.close();

             latch.await(10, TimeUnit.SECONDS);
         }
     }

Reply via email to