-
Bug
-
Resolution: Delivered
-
P2
-
9
DTLS client usually sends three messages in flight #5:
ClientKeyExchange
ChangeCipherSpec
Finished
See https://tools.ietf.org/html/rfc4347 for details.
DTLS can be used over UDP connection which may result to packets lost. If a ClientKeyExchange message was lost while DTLS handshaking then it results to "ChangeCipherSpec message sequence violation" error because server tries to handle ChangeCipherSpec:
javax.net.ssl.SSLProtocolException: ChangeCipherSpec message sequence violation
at sun.security.ssl.HandshakeStateManager.changeCipherSpec(java.base@9-internal/HandshakeStateManager.java:891)
at sun.security.ssl.Handshaker.receiveChangeCipherSpec(java.base@9-internal/Handshaker.java:1137)
at sun.security.ssl.SSLEngineImpl.processInputRecord(java.base@9-internal/SSLEngineImpl.java:1142)
at sun.security.ssl.SSLEngineImpl.readRecord(java.base@9-internal/SSLEngineImpl.java:998)
at sun.security.ssl.SSLEngineImpl.readNetRecord(java.base@9-internal/SSLEngineImpl.java:895)
at sun.security.ssl.SSLEngineImpl.unwrap(java.base@9-internal/SSLEngineImpl.java:673)
at javax.net.ssl.SSLEngine.unwrap(java.base@9-internal/SSLEngine.java:624)
at DTLSOverDatagram.handshake(DTLSOverDatagram.java:255)
at DTLSOverDatagram.doServerSide(DTLSOverDatagram.java:116)
at DTLSOverDatagram$Server.run(DTLSOverDatagram.java:678)
at java.lang.Thread.run(java.base@9-internal/Thread.java:843)
It might be better if a server handshaker could recognize such a situation, and let client re-send missing packets, so that handshaking may be successfully finished.
ClientKeyExchange
ChangeCipherSpec
Finished
See https://tools.ietf.org/html/rfc4347 for details.
DTLS can be used over UDP connection which may result to packets lost. If a ClientKeyExchange message was lost while DTLS handshaking then it results to "ChangeCipherSpec message sequence violation" error because server tries to handle ChangeCipherSpec:
javax.net.ssl.SSLProtocolException: ChangeCipherSpec message sequence violation
at sun.security.ssl.HandshakeStateManager.changeCipherSpec(java.base@9-internal/HandshakeStateManager.java:891)
at sun.security.ssl.Handshaker.receiveChangeCipherSpec(java.base@9-internal/Handshaker.java:1137)
at sun.security.ssl.SSLEngineImpl.processInputRecord(java.base@9-internal/SSLEngineImpl.java:1142)
at sun.security.ssl.SSLEngineImpl.readRecord(java.base@9-internal/SSLEngineImpl.java:998)
at sun.security.ssl.SSLEngineImpl.readNetRecord(java.base@9-internal/SSLEngineImpl.java:895)
at sun.security.ssl.SSLEngineImpl.unwrap(java.base@9-internal/SSLEngineImpl.java:673)
at javax.net.ssl.SSLEngine.unwrap(java.base@9-internal/SSLEngine.java:624)
at DTLSOverDatagram.handshake(DTLSOverDatagram.java:255)
at DTLSOverDatagram.doServerSide(DTLSOverDatagram.java:116)
at DTLSOverDatagram$Server.run(DTLSOverDatagram.java:678)
at java.lang.Thread.run(java.base@9-internal/Thread.java:843)
It might be better if a server handshaker could recognize such a situation, and let client re-send missing packets, so that handshaking may be successfully finished.
- blocks
-
JDK-8159416 javax/net/ssl/DTLS/CipherSuite.java failed on timeout
-
- Closed
-
- duplicates
-
JDK-8163419 Final CCS and Finished DTLS messages can't be re-transmitted
-
- Closed
-
-
JDK-8167680 DTLS implementation bugs
-
- Closed
-
- relates to
-
JDK-8167680 DTLS implementation bugs
-
- Closed
-