An Unexpected I/O exception with AsyncHttpClient while performing SSL requests

Shlomi Abramoviz s.abramoviz at emergecds.com
Wed Dec 21 19:43:28 UTC 2016 

Hi everyone,
I was referred to this group and I hope this is the right place and would
really appreciate if you could share your opinion with me.

My company works with Play framework and Scala as our backend server.
Lately we've been having problems with the server. While making a secured
(SSL) request to a remote API, we're getting the exception below. Seems to
be a problem regarding to the SSL, but I'm not sure. We had a similar
problem a month ago, and setting the flag:

-J-XX:-UseAESIntrinsics -DXX:-UseAESIntrinsics

seemed to help. Now the problem is back.

Some more information: - Play 2.5.9 - Scala 2.11.8 - Server OS: Centos 6.8
- JVM 1.8.0_25

The Exception:

   - AsyncHttpClient-2-4 - 2016-12-21 03:59:17,434 - [debug] - from
   org.asynchttpclient.netty.handler.HttpHandler - Unexpected I/O exception on
   channel [id: 0x9ad15e31, L:/[IP_ADDRESS:PORT - R:SERVER/IP_ADDRESS:443]
   java.lang.NullPointerException: null at java.lang.System.arraycopy(Native
   Method) at com.sun.crypto.provider.GCTR.reset(GCTR.java:125) at
   com.sun.crypto.provider.GCTR.doFinal(GCTR.java:116) at
   com.sun.crypto.provider.GaloisCounterMode.doLastBlock(GaloisCounterMode.java:343)
   at
   com.sun.crypto.provider.GaloisCounterMode.decryptFinal(GaloisCounterMode.java:511)
   at com.sun.crypto.provider.CipherCore.finalNoPadding(CipherCore.java:1023)
   at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:960) at
   com.sun.crypto.provider.AESCipher.engineDoFinal(AESCipher.java:479) at
   javax.crypto.CipherSpi.bufferCrypt(CipherSpi.java:830) at
   javax.crypto.CipherSpi.engineDoFinal(CipherSpi.java:730) at
   javax.crypto.Cipher.doFinal(Cipher.java:2416) at
   sun.security.ssl.CipherBox.decrypt(CipherBox.java:535) at
   sun.security.ssl.EngineInputRecord.decrypt(EngineInputRecord.java:200) at
   sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:968) at
   sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:901) at
   sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:775) at
   javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624) at
   io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1094) at
   io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:966) at
   io.netty.handler.ssl.SslHandler.decode(SslHandler.java:900) at
   io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:411)
   at
   io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:248)
   at
   io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:366)
   at
   io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:352)
   at
   io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:345)
   at
   io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1294)
   at
   io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:366)
   at
   io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:352)
   at
   io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:911)
   at
   io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:131)
   at
   io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:611)
   at
   io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:552)
   at
   io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:466)
   at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:438) at
   io.netty.util.concurrent.SingleThreadEventExecutor$2.run(SingleThreadEventExecutor.java:140)
   at
   io.netty.util.concurrent.DefaultThreadFactory$DefaultRunnableDecorator.run(DefaultThreadFactory.java:144)
   at java.lang.Thread.run(Thread.java:745)

Does anyone have an idea what the problem could be and how can we fix it?

Also, is there any other place you know where I could get help about this
topic?

Thanks in advance,

Shlomi.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20161221/5bf0de9f/attachment.htm>

More information about the security-dev mailing list