SSLSocket weird behavior in JDK 11+27
Xuelei Fan
xuelei.fan at oracle.com
Thu Aug 23 14:14:32 UTC 2018
Good catch! I filed a bug for tracking and further evaluation.
https://bugs.openjdk.java.net/browse/JDK-8209893
Thanks,
Xuelei
On 8/23/2018 7:04 AM, Simone Bordet wrote:
> Hi,
>
> SSLSocket is behaving weirdly in 11+27.
> In particular:
>
> * Set up an SSLServerSocket.
> * Connect with a normal Socket (rawClient).
> * Wrap rawClient into an SSLSocket (sslClient).
> * sslClient.startHandshake()
>
> Now a few cases:
>
> A) immediate rawClient.close()
> If the server is reading via InputStream.read(), then it reads -1.
> But if the server reads via InputStream.read(byte[]), then
> SSLProtocolException is thrown.
> I believe the second behavior is correct, as the client does not send
> the close_notify, so the server should throw?
>
> B) sslClient writes data + rawClient.close()
> The server correctly reads the data, then reads -1, both with read()
> and read(byte[]).
> I believe this is wrong as close_notify is not sent by the client.
>
> Running the example with JDK 10 always produces no exceptions and
> always reads -1.
>
> Below you can find a reproducible case.
>
> Thanks!
>
> ----
>
> public static void main(String[] args) throws Exception
> {
>     SSLContext sslContext = __sslCtxFactory.getSslContext();
>     int port = 8443;
>     try (SSLServerSocket sslServer =
>              (SSLServerSocket)sslContext.getServerSocketFactory().createServerSocket(port))
>     {
>         Socket rawClient = new Socket("localhost", port);
>         SSLSocket sslClient =
>             (SSLSocket)sslContext.getSocketFactory().createSocket(rawClient, "localhost", port, false);
>
>         SSLSocket socket = (SSLSocket)sslServer.accept();
>
>         CountDownLatch latch = new CountDownLatch(1);
>         new Thread(() ->
>         {
>             try
>             {
>                 while (true)
>                 {
>                     // byte[] buffer = new byte[1024];
>                     // int read = socket.getInputStream().read(buffer);
>                     int read = socket.getInputStream().read();
>                     System.err.println("read = " + read);
>                     if (read < 0)
>                         break;
>                 }
>             }
>             catch (IOException x)
>             {
>                 x.printStackTrace();
>             }
>             finally
>             {
>                 latch.countDown();
>             }
>         }).start();
>
>         sslClient.startHandshake();
>
>         // OutputStream output = sslClient.getOutputStream();
>         // output.write(0);
>         // output.flush();
>
>         // Raw close.
>         rawClient.close();
>
>         latch.await(10, TimeUnit.SECONDS);
>     }
> }
>