-
Bug
-
Resolution: Fixed
-
P4
-
1.0
-
None
-
beta2
-
generic
-
generic
daniel.daugherty@Eng 1999-10-12
There appears to be a problem with the SSL_RSA_WITH_NULL_MD5 cipher
suite in just *one* of the test case configurations. When the following
test case is executed:
tcList[0] = new SessionTC(
// begin base test case elements:
"SSL_RSA_WITH_NULL_MD5", // cipher suite name
false, // disjoint cipher suites?
true, // keystore enabled?
false, // mutual authentication enabled?
EXP_PASS, // expected test result
// end base test case elements
// begin session management test case elements:
true, // server socket session creation enabled?
true, // client session creation enabled?
true, // invalidate the current session?
true); // start a new handshake?
an SSLProtocolException is thrown on the server side:
+ java -version
java version "1.3.0"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.3.0-I)
Java HotSpot (TM) Client VM (build 1.3-I, interpreted mode)
+ java SessionServer -v
VERBOSE: Loop config=1 interation(s)
VERBOSE: port=32000 sessions=1
VERBOSE: 0: open connection from owjones/192.129.100.2:33196
VERBOSE: 0/0/0: tc=((SSL_RSA_WITH_NULL_MD5, false, true, false,
EXP_PASS), true, true, true, true)
ERROR: 0/0/0: Cannot read mesg data.
ERROR: 0/0/0: Unsupported SSL message version.
javax.net.ssl.SSLProtocolException: Unsupported SSL message version.
at
com.sun.net.ssl.internal.ssl.InputRecord.read([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
at
com.sun.net.ssl.internal.ssl.AppInputStream.read([DashoPro-V1.2-120198])
at SSLDataComm.recvMesg(SSLDataComm.java:206)
at SSLDataComm.doServerWork(SSLDataComm.java:141)
at SSLDataComm.run(SSLDataComm.java:63)
at java.lang.Thread.run(Thread.java:485)
VERBOSE: 0/0: server FAILed.
VERBOSE: 0: close connection from 192.129.100.2:33196
FINALSTATUS:SessionServer:EXIT_FAIL:1:Number of FAILURES:1:TEST FAILED
On the client side, an SSLException is thrown:
+ java -version
java version "1.3.0"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.3.0-I)
Java HotSpot (TM) Client VM (build 1.3-I, interpreted mode)
+ java SessionClient -v owjones
VERBOSE: Loop config=1 interation(s)
VERBOSE: port=32000 sessions=1 server='owjones'
VERBOSE: loop #0: connecting to owjones:32000
VERBOSE: 0/0/0: tc=((SSL_RSA_WITH_NULL_MD5, false, true, false,
EXP_PASS), true, true, true, true)
ERROR: 0/0/0: expected='### The cipher suite server sends this string.
###'
ERROR: 0/0/0: received=''
ERROR: 0/0/0: Cannot write mesg data.
ERROR: 0/0/0: Received fatal alert: unexpected message
javax.net.ssl.SSLException: Received fatal alert: unexpected message
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.b([DashoPro-V1.2-120198])
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
at
com.sun.net.ssl.internal.ssl.AppInputStream.read([DashoPro-V1.2-120198])
at SSLDataComm.recvMesg(SSLDataComm.java:206)
at SSLDataComm.doClientWork(SSLDataComm.java:94)
at SSLDataComm.run(SSLDataComm.java:61)
at java.lang.Thread.run(Thread.java:485)
ERROR: 0/0: wrong number of SSL sessions: expect=2 actual=1
VERBOSE: 0/0: client FAILed.
VERBOSE: 0/0: server FAILed.
ERROR: 0/0: tc=((SSL_RSA_WITH_NULL_MD5, false, true, false, EXP_PASS),
true, true, true, true)
ERROR: 0/0: expected client and server to PASS.
FINALSTATUS:SessionClient:EXIT_FAIL:1:Number of FAILURES:1:TEST FAILED
This bug has been reproduced on the following configurations:
S2.6/Kestrel server with S2.6/Kestrel client
S2.6/JDK1.2.2 server with S2.6/JDK1.2.2 client (no exception on client)
S2.6/Kestrel server with S2.6/JDK1.2.2 client (no exception on client)
S2.6/Kestrel server with Win98/Kestrel client (no exception on client)
S2.6/Kestrel server with WinNT/JDK1.2.2 client (no exception on client)
Win98/Kestrel server with S2.6/Kestrel client
WinNT/JDK1.2.2 server with S2.6/Kestrel client
Kestrel version is Build FCS-I
There appears to be a problem with the SSL_RSA_WITH_NULL_MD5 cipher
suite in just *one* of the test case configurations. When the following
test case is executed:
tcList[0] = new SessionTC(
// begin base test case elements:
"SSL_RSA_WITH_NULL_MD5", // cipher suite name
false, // disjoint cipher suites?
true, // keystore enabled?
false, // mutual authentication enabled?
EXP_PASS, // expected test result
// end base test case elements
// begin session management test case elements:
true, // server socket session creation enabled?
true, // client session creation enabled?
true, // invalidate the current session?
true); // start a new handshake?
an SSLProtocolException is thrown on the server side:
+ java -version
java version "1.3.0"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.3.0-I)
Java HotSpot (TM) Client VM (build 1.3-I, interpreted mode)
+ java SessionServer -v
VERBOSE: Loop config=1 interation(s)
VERBOSE: port=32000 sessions=1
VERBOSE: 0: open connection from owjones/192.129.100.2:33196
VERBOSE: 0/0/0: tc=((SSL_RSA_WITH_NULL_MD5, false, true, false,
EXP_PASS), true, true, true, true)
ERROR: 0/0/0: Cannot read mesg data.
ERROR: 0/0/0: Unsupported SSL message version.
javax.net.ssl.SSLProtocolException: Unsupported SSL message version.
at
com.sun.net.ssl.internal.ssl.InputRecord.read([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
at
com.sun.net.ssl.internal.ssl.AppInputStream.read([DashoPro-V1.2-120198])
at SSLDataComm.recvMesg(SSLDataComm.java:206)
at SSLDataComm.doServerWork(SSLDataComm.java:141)
at SSLDataComm.run(SSLDataComm.java:63)
at java.lang.Thread.run(Thread.java:485)
VERBOSE: 0/0: server FAILed.
VERBOSE: 0: close connection from 192.129.100.2:33196
FINALSTATUS:SessionServer:EXIT_FAIL:1:Number of FAILURES:1:TEST FAILED
On the client side, an SSLException is thrown:
+ java -version
java version "1.3.0"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.3.0-I)
Java HotSpot (TM) Client VM (build 1.3-I, interpreted mode)
+ java SessionClient -v owjones
VERBOSE: Loop config=1 interation(s)
VERBOSE: port=32000 sessions=1 server='owjones'
VERBOSE: loop #0: connecting to owjones:32000
VERBOSE: 0/0/0: tc=((SSL_RSA_WITH_NULL_MD5, false, true, false,
EXP_PASS), true, true, true, true)
ERROR: 0/0/0: expected='### The cipher suite server sends this string.
###'
ERROR: 0/0/0: received=''
ERROR: 0/0/0: Cannot write mesg data.
ERROR: 0/0/0: Received fatal alert: unexpected message
javax.net.ssl.SSLException: Received fatal alert: unexpected message
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.b([DashoPro-V1.2-120198])
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
at
com.sun.net.ssl.internal.ssl.AppInputStream.read([DashoPro-V1.2-120198])
at SSLDataComm.recvMesg(SSLDataComm.java:206)
at SSLDataComm.doClientWork(SSLDataComm.java:94)
at SSLDataComm.run(SSLDataComm.java:61)
at java.lang.Thread.run(Thread.java:485)
ERROR: 0/0: wrong number of SSL sessions: expect=2 actual=1
VERBOSE: 0/0: client FAILed.
VERBOSE: 0/0: server FAILed.
ERROR: 0/0: tc=((SSL_RSA_WITH_NULL_MD5, false, true, false, EXP_PASS),
true, true, true, true)
ERROR: 0/0: expected client and server to PASS.
FINALSTATUS:SessionClient:EXIT_FAIL:1:Number of FAILURES:1:TEST FAILED
This bug has been reproduced on the following configurations:
S2.6/Kestrel server with S2.6/Kestrel client
S2.6/JDK1.2.2 server with S2.6/JDK1.2.2 client (no exception on client)
S2.6/Kestrel server with S2.6/JDK1.2.2 client (no exception on client)
S2.6/Kestrel server with Win98/Kestrel client (no exception on client)
S2.6/Kestrel server with WinNT/JDK1.2.2 client (no exception on client)
Win98/Kestrel server with S2.6/Kestrel client
WinNT/JDK1.2.2 server with S2.6/Kestrel client
Kestrel version is Build FCS-I