[jdk21u-dev] RFR: 8311644: Server should not send bad_certificate alert when the client does not send any certificates
Amos Shi
ashi at openjdk.org
Mon Aug 19 23:28:56 UTC 2024
On Sat, 17 Aug 2024 04:05:35 GMT, Amos Shi <ashi at openjdk.org> wrote:
> Backport of [JDK-8311644](https://bugs.openjdk.org/browse/JDK-8311644)
>
> Testing
> - Local: Test passed on `MacOS 14.6.1` on Apple M1 Max
> - `CertMsgCheck.java`: Test results: passed: 1
> - `CheckSessionContext.java`: Test results: passed: 1
> - `LegacyDHEKeyExchange.java`: Test results: passed: 1
> - `SigAlgosExtTestWithTLS12.java`: Test results: passed: 1
> - `SigAlgosExtTestWithTLS13.java`: Test results: passed: 1
> - Pipeline: All checks have passed
> - Testing Machine:
Testing Machine note on `2024-08-18`
- javax/net/ssl/SSLSession/`CertMsgCheck.jtr`
- on `linuxaarch64`
- on `linuxx86_64`
- on `linuxppc64le`
----------System.err:(73/5183)----------
Server ready on port 34603
Client connected using port 32780
(write)client(SSLSocket[hostname=localhost, port=34603, Session(1724013817426|SSL_NULL_WITH_NULL_NULL)]): Hello
javax.net.ssl.SSLHandshakeException: (certificate_required) Received fatal alert: certificate_required
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:130)
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:365)
at java.base/sun.security.ssl.Alert$AlertConsumer.consume(Alert.java:287)
at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:204)
at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:172)
at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1509)
at java.base/sun.security.ssl.SSLSocketImpl.readApplicationRecord(SSLSocketImpl.java:1480)
at java.base/sun.security.ssl.SSLSocketImpl$AppInputStream.read(SSLSocketImpl.java:1066)
at java.base/sun.nio.cs.StreamDecoder.readBytes(StreamDecoder.java:350)
at java.base/sun.nio.cs.StreamDecoder.implRead(StreamDecoder.java:393)
at java.base/sun.nio.cs.StreamDecoder.lockedRead(StreamDecoder.java:217)
at java.base/sun.nio.cs.StreamDecoder.read(StreamDecoder.java:171)
at java.base/java.io.InputStreamReader.read(InputStreamReader.java:188)
at java.base/java.io.BufferedReader.fill(BufferedReader.java:160)
at java.base/java.io.BufferedReader.implReadLine(BufferedReader.java:370)
at java.base/java.io.BufferedReader.readLine(BufferedReader.java:347)
at java.base/java.io.BufferedReader.readLine(BufferedReader.java:436)
at TLSBase.read(TLSBase.java:82)
at TLSBase$Client.read(TLSBase.java:351)
at TLSBase$Client.connect(TLSBase.java:342)
at TLSBase$Client.<init>(TLSBase.java:328)
at CertMsgCheck.main(CertMsgCheck.java:42)
at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:103)
at java.base/java.lang.reflect.Method.invoke(Method.java:580)
at com.sun.javatest.regtest.agent.MainWrapper$MainTask.run(MainWrapper.java:138)
at java.base/java.lang.Thread.run(Thread.java:1583)
javax.net.ssl.SSLHandshakeException: (certificate_required) Empty client certificate chain
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:130)
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:365)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:321)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:312)
at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.onConsumeCertificate(CertificateMessage.java:1157)
at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.consume(CertificateMessage.java:1144)
at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:393)
at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:476)
at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:447)
at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:201)
at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:172)
at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1506)
at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1421)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:455)
at java.base/sun.security.ssl.SSLSocketImpl.ensureNegotiated(SSLSocketImpl.java:922)
at java.base/sun.security.ssl.SSLSocketImpl$AppInputStream.read(SSLSocketImpl.java:1013)
at java.base/sun.nio.cs.StreamDecoder.readBytes(StreamDecoder.java:350)
at java.base/sun.nio.cs.StreamDecoder.implRead(StreamDecoder.java:393)
at java.base/sun.nio.cs.StreamDecoder.lockedRead(StreamDecoder.java:217)
at java.base/sun.nio.cs.StreamDecoder.read(StreamDecoder.java:171)
at java.base/java.io.InputStreamReader.read(InputStreamReader.java:188)
at java.base/java.io.BufferedReader.fill(BufferedReader.java:160)
at java.base/java.io.BufferedReader.implReadLine(BufferedReader.java:370)
at java.base/java.io.BufferedReader.readLine(BufferedReader.java:347)
at java.base/java.io.BufferedReader.readLine(BufferedReader.java:436)
at TLSBase.read(TLSBase.java:82)
at TLSBase$Server.lambda$new$0(TLSBase.java:178)
at java.base/java.lang.Thread.run(Thread.java:1583)
Server ready on port 34603
java.lang.Exception: Failed to find expected alert: certificate_required
at CertMsgCheck.main(CertMsgCheck.java:56)
at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:103)
at java.base/java.lang.reflect.Method.invoke(Method.java:580)
at com.sun.javatest.regtest.agent.MainWrapper$MainTask.run(MainWrapper.java:138)
at java.base/java.lang.Thread.run(Thread.java:1583)
JavaTest Message: Test threw exception: java.lang.Exception: Failed to find expected alert: certificate_required
JavaTest Message: shutting down test
-------------
PR Comment: https://git.openjdk.org/jdk21u-dev/pull/932#issuecomment-2297684810
More information about the jdk-updates-dev
mailing list