Loading...

Type: Bug
Resolution: Fixed
Priority: P2
Fix Version/s: 19
Affects Version/s: 8, 11, 13, 15, 17, 18
Component/s: security-libs
Labels:

Subcomponent:
javax.net.ssl
Resolved In Build:
b10
Verification:
Verified

Issue	Fix Version	Assignee	Priority	Status	Resolution	Resolved In Build
JDK-8282949	18.0.2	Prajwal Kumaraswamy	P2	Closed	Fixed	b02
JDK-8282748	17.0.4-oracle	Prajwal Kumaraswamy	P2	Closed	Fixed	b01
JDK-8282055	17.0.3	Alexey Bakhtin	P2	Resolved	Fixed	b03
JDK-8281825	15.0.7	Alexey Bakhtin	P2	Resolved	Fixed	b02
JDK-8281821	13.0.11	Alexey Bakhtin	P2	Resolved	Fixed	b02
JDK-8282749	11.0.16-oracle	Prajwal Kumaraswamy	P2	Closed	Fixed	b01
JDK-8282052	11.0.15	Alexey Bakhtin	P2	Resolved	Fixed	b03
JDK-8282433	openjdk8u332	Alexey Bakhtin	P2	Resolved	Fixed	b04
JDK-8302902	shenandoah8u332	Alexey Bakhtin	P2	Resolved	Fixed	master
JDK-8282750	8u341	Prajwal Kumaraswamy	P2	Closed	Fixed	b01
JDK-8282437	na	Alexey Bakhtin	P2	Closed	Duplicate

JCK test api/javax_net/ssl/SSLSocket/setUseClientMode.html fails on Linux & NioSocket with "Error. test was interrupted! (timeout?)"

During TLS handshake socket read operations are not protected by readLock. Here is a stack trace of the read during handshake:
at java.base/sun.nio.ch.SocketDispatcher.read(SocketDispatcher.java:48)
at java.base/sun.nio.ch.NioSocketImpl.tryRead(NioSocketImpl.java:261)
at java.base/sun.nio.ch.NioSocketImpl.implRead(NioSocketImpl.java:312)
at java.base/sun.nio.ch.NioSocketImpl.read(NioSocketImpl.java:350)
at java.base/sun.nio.ch.NioSocketImpl$1.read(NioSocketImpl.java:803)
at java.base/java.net.Socket$SocketInputStream.read(Socket.java:981)
at java.base/sun.security.ssl.SSLSocketInputRecord.read(SSLSocketInputRecord.java:478)
at java.base/sun.security.ssl.SSLSocketInputRecord.readFully(SSLSocketInputRecord.java:461)
at java.base/sun.security.ssl.SSLSocketInputRecord.decodeInputRecord(SSLSocketInputRecord.java:243)
at java.base/sun.security.ssl.SSLSocketInputRecord.decode(SSLSocketInputRecord.java:181)
at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:110)
at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1491)
at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1397)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:444)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:415)

SSLSocket.close() also reads from socket after ~~JDK-8268965~~:
at java.base/sun.nio.ch.SocketDispatcher.read(SocketDispatcher.java:48)
at java.base/sun.nio.ch.NioSocketImpl.tryRead(NioSocketImpl.java:261)
at java.base/sun.nio.ch.NioSocketImpl.implRead(NioSocketImpl.java:312)
at java.base/sun.nio.ch.NioSocketImpl.read(NioSocketImpl.java:350)
at java.base/sun.nio.ch.NioSocketImpl$1.read(NioSocketImpl.java:803)
at java.base/java.net.Socket$SocketInputStream.read(Socket.java:981)
at java.base/java.io.InputStream.skip(InputStream.java:544)
at java.base/sun.security.ssl.SSLSocketInputRecord.deplete(SSLSocketInputRecord.java:504)
at java.base/sun.security.ssl.SSLSocketImpl.closeSocket(SSLSocketImpl.java:1762)
at java.base/sun.security.ssl.SSLSocketImpl.shutdown(SSLSocketImpl.java:1739)
at java.base/sun.security.ssl.SSLSocketImpl.bruteForceCloseInput(SSLSocketImpl.java:773)
at java.base/sun.security.ssl.SSLSocketImpl.duplexCloseOutput(SSLSocketImpl.java:638)
at java.base/sun.security.ssl.SSLSocketImpl.close(SSLSocketImpl.java:570)

InputStream.skip() is implemented as a simple read from NIO socket without any locks. It is implemented as a loop of read(available()) As result, in case of called concurrently, SSLSocket.close() could hangs trying to read available bytes from socket, while startHandshake() already read them

The issue does not affect concurrent SSLSocket.close() and application input stream because of SSLSocketInputRecord.deplete() is protected by Application Input Stream read lock.

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List
  - Download All

ClientSocketCloseHang.jtr
88 kB
2022-01-28 06:36
jstack.log
12 kB
2022-01-28 06:37

backported by

JDK-8281821 SSLSocket.close() hangs if it is called during the ssl handshake

Resolved

JDK-8281825 SSLSocket.close() hangs if it is called during the ssl handshake

Resolved

JDK-8282052 SSLSocket.close() hangs if it is called during the ssl handshake

Resolved

JDK-8282055 SSLSocket.close() hangs if it is called during the ssl handshake

Resolved

JDK-8282433 SSLSocket.close() hangs if it is called during the ssl handshake

Resolved

JDK-8302902 SSLSocket.close() hangs if it is called during the ssl handshake

Resolved

JDK-8282437 SSLSocket.close() hangs if it is called during the ssl handshake

Closed

JDK-8282748 SSLSocket.close() hangs if it is called during the ssl handshake

Closed

JDK-8282749 SSLSocket.close() hangs if it is called during the ssl handshake

Closed

JDK-8282750 SSLSocket.close() hangs if it is called during the ssl handshake

Closed

JDK-8282949 SSLSocket.close() hangs if it is called during the ssl handshake

Closed

is blocked by

JDK-8315422 getSoTimeout() would be in try block in SSLSocketImpl

Resolved

relates to

JDK-8268965 TCP Connection Reset when connecting simple socket to SSL server

Closed

JDK-8274736 Concurrent read/close of SSLSockets causes SSLSessions to be invalidated unnecessarily

Closed

JDK-8315422 getSoTimeout() would be in try block in SSLSocketImpl

Resolved

links to

Commit openjdk/jdk11u-dev/57003eea

Commit openjdk/jdk13u-dev/d7b8c97f

Commit openjdk/jdk15u-dev/8d25af47

Commit openjdk/jdk17u-dev/d54675be

Commit openjdk/jdk18u/afae4921

Commit openjdk/jdk/58dae60d

Review openjdk/jdk11u-dev/823

Review openjdk/jdk13u-dev/326

Review openjdk/jdk15u-dev/176

Review openjdk/jdk17u-dev/161

Review openjdk/jdk18u/33

Review openjdk/jdk/5760

Review openjdk/jdk/7432

(6 backported by, 1 is blocked by, 3 relates to, 13 links to)

Details

Backports

Description

Attachments

Attachments

Issue Links

Activity

People

Dates