Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8274524

SSLSocket.close() hangs if it is called during the ssl handshake

    XMLWordPrintable

Details

    • b10
    • Verified

    Backports

      Description

        JCK test api/javax_net/ssl/SSLSocket/setUseClientMode.html fails on Linux & NioSocket with "Error. test was interrupted! (timeout?)"

        During TLS handshake socket read operations are not protected by readLock. Here is a stack trace of the read during handshake:
        at java.base/sun.nio.ch.SocketDispatcher.read(SocketDispatcher.java:48)
        at java.base/sun.nio.ch.NioSocketImpl.tryRead(NioSocketImpl.java:261)
        at java.base/sun.nio.ch.NioSocketImpl.implRead(NioSocketImpl.java:312)
        at java.base/sun.nio.ch.NioSocketImpl.read(NioSocketImpl.java:350)
        at java.base/sun.nio.ch.NioSocketImpl$1.read(NioSocketImpl.java:803)
        at java.base/java.net.Socket$SocketInputStream.read(Socket.java:981)
        at java.base/sun.security.ssl.SSLSocketInputRecord.read(SSLSocketInputRecord.java:478)
        at java.base/sun.security.ssl.SSLSocketInputRecord.readFully(SSLSocketInputRecord.java:461)
        at java.base/sun.security.ssl.SSLSocketInputRecord.decodeInputRecord(SSLSocketInputRecord.java:243)
        at java.base/sun.security.ssl.SSLSocketInputRecord.decode(SSLSocketInputRecord.java:181)
        at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:110)
        at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1491)
        at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1397)
        at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:444)
        at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:415)

        SSLSocket.close() also reads from socket after JDK-8268965:
        at java.base/sun.nio.ch.SocketDispatcher.read(SocketDispatcher.java:48)
        at java.base/sun.nio.ch.NioSocketImpl.tryRead(NioSocketImpl.java:261)
        at java.base/sun.nio.ch.NioSocketImpl.implRead(NioSocketImpl.java:312)
        at java.base/sun.nio.ch.NioSocketImpl.read(NioSocketImpl.java:350)
        at java.base/sun.nio.ch.NioSocketImpl$1.read(NioSocketImpl.java:803)
        at java.base/java.net.Socket$SocketInputStream.read(Socket.java:981)
        at java.base/java.io.InputStream.skip(InputStream.java:544)
        at java.base/sun.security.ssl.SSLSocketInputRecord.deplete(SSLSocketInputRecord.java:504)
        at java.base/sun.security.ssl.SSLSocketImpl.closeSocket(SSLSocketImpl.java:1762)
        at java.base/sun.security.ssl.SSLSocketImpl.shutdown(SSLSocketImpl.java:1739)
        at java.base/sun.security.ssl.SSLSocketImpl.bruteForceCloseInput(SSLSocketImpl.java:773)
        at java.base/sun.security.ssl.SSLSocketImpl.duplexCloseOutput(SSLSocketImpl.java:638)
        at java.base/sun.security.ssl.SSLSocketImpl.close(SSLSocketImpl.java:570)

        InputStream.skip() is implemented as a simple read from NIO socket without any locks. It is implemented as a loop of read(available()) As result, in case of called concurrently, SSLSocket.close() could hangs trying to read available bytes from socket, while startHandshake() already read them

        The issue does not affect concurrent SSLSocket.close() and application input stream because of SSLSocketInputRecord.deplete() is protected by Application Input Stream read lock.

        Attachments

          Issue Links

            backported by

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8281821 SSLSocket.close() hangs if it is called during the ssl handshake

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8281825 SSLSocket.close() hangs if it is called during the ssl handshake

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8282052 SSLSocket.close() hangs if it is called during the ssl handshake

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8282055 SSLSocket.close() hangs if it is called during the ssl handshake

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8282433 SSLSocket.close() hangs if it is called during the ssl handshake

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8282437 SSLSocket.close() hangs if it is called during the ssl handshake

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8302902 SSLSocket.close() hangs if it is called during the ssl handshake

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8282748 SSLSocket.close() hangs if it is called during the ssl handshake

            • P2 - Crashes, loss of data, severe memory leak.
            • Closed

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8282749 SSLSocket.close() hangs if it is called during the ssl handshake

            • P2 - Crashes, loss of data, severe memory leak.
            • Closed

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8282750 SSLSocket.close() hangs if it is called during the ssl handshake

            • P2 - Crashes, loss of data, severe memory leak.
            • Closed

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8282949 SSLSocket.close() hangs if it is called during the ssl handshake

            • P2 - Crashes, loss of data, severe memory leak.
            • Closed
            relates to

            Bug - A problem which impairs or prevents the functions of the product. JDK-8268965 TCP Connection Reset when connecting simple socket to SSL server

            • P3 - Major loss of function.
            • Closed

            Bug - A problem which impairs or prevents the functions of the product. JDK-8274736 Concurrent read/close of SSLSockets causes SSLSessions to be invalidated unnecessarily

            • P3 - Major loss of function.
            • Closed

            Bug - A problem which impairs or prevents the functions of the product. JDK-8315422 getSoTimeout() would be in try block in SSLSocketImpl

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Resolved
            links to

            Commit Commit openjdk/jdk11u-dev/57003eea

            Commit Commit openjdk/jdk13u-dev/d7b8c97f

            Commit Commit openjdk/jdk15u-dev/8d25af47

            Commit Commit openjdk/jdk17u-dev/d54675be

            Commit Commit openjdk/jdk18u/afae4921

            Commit Commit openjdk/jdk/58dae60d

            Review Review openjdk/jdk11u-dev/823

            Review Review openjdk/jdk13u-dev/326

            Review Review openjdk/jdk15u-dev/176

            Review Review openjdk/jdk17u-dev/161

            Review Review openjdk/jdk18u/33

            Review Review openjdk/jdk/5760

            Review Review openjdk/jdk/7432

            Activity

              People

                abakhtin Alexey Bakhtin
                abakhtin Alexey Bakhtin
                Votes:
                0 Vote for this issue
                Watchers:
                11 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved: