Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8259662

Don't wrap SocketExceptions into SSLExceptions in SSLSocketImpl

    XMLWordPrintable

Details

    Backports

      Description

        Redo JDK-8237578 Fixing the effected tests

        OpenJDK8u 265 had the following contract with the client


              * . if there is an IOException (SocketException) when accessing the
              * underlying Socket, pass it through
              *
              * . do not throw IOExceptions, throw SSLExceptions (or a subclass)
              *

        SSLSocketImpl.java#l69 (http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/file/9204e03217f7/src/share/classes/sun/security/ssl/SSLSocketImpl.java#l69)

        The TLS stack would pass through SocketException. It would wrap other IOExceptions into an SSLException. However, The implementation of TLS1.3 stack changed this behavior [JDK-8196584 (https://bugs.openjdk.java.net/browse/JDK-8196584)]. It now started wrapping All IOExceptions including SocketException into an SSLException.

        The error handling guidelines present in OpenJDK8u265 and previous versions were used by the application layer to determine how to react to the exception. The application layer would consider SocketExceptions to be retry-able and would retry the request or have other special handling. This issue was also reported by ApacheHTTPClient in HTTPCLIENT-2032 (https://issues.apache.org/jira/browse/HTTPCLIENT-2032). The application started seeing SSLException: Broken Pipe. this was due to the SocketException being converted to an SSLException. JDK-8214339 (https://bugs.openjdk.java.net/browse/JDK-8214339) attempted to fix this issue, however, it was still suppressing the SocketException and passing to the application layer an SSLException.

        The application now was unable to determine if the failure was due to a retry-able socket exception or a more permanent SSLException.

        Attachments

          Issue Links

            Activity

              People

                cverghese Clive Verghese
                cverghese Clive Verghese
                Votes:
                0 Vote for this issue
                Watchers:
                7 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved: