Java 11 RC build - HTTPS handshake failure against a previously working server
Xuelei Fan
xuelei.fan at oracle.com
Sun Aug 26 13:38:02 UTC 2018
Thanks for the test!
Xuelei
On 8/26/2018 6:19 AM, Jaikiran Pai wrote:
> I have now applied the patch to the JDK11 repo on top of:
>
> hg sum
>
> parent: 51151:1ddf9a99e4ad tip
> Added tag jdk-11+28 for changeset 76072a077ee1
> branch: default
>
> and built the new images and run the testsuite against this version. The
> tests passed without any issues. Ran the sample code from my original
> mail, against this patched JDK 11 version and that too passed.
>
> -Jaikiran
>
>
> On 25/08/18 9:58 PM, Jaikiran Pai wrote:
>> Hi Xuelei,
>>
>> I had the JDK 12 repo checked out already with the latest code as of today:
>>
>> hg sum
>> parent: 51538:a716460217ed
>> 8209911: More blob types in hs_err printout
>> branch: default
>>
>> I applied the patch you had attached in this thread against this and
>> built it afresh.
>>
>> With this new image, I was able to run the Apache Ant testsuite (the one
>> which was originally and still fails with JDK 11 RC build) without any
>> issues. I even ran the sample program that I had listed in this thread
>> against this patched 12.x build and that too went fine. I verified that
>> the patch has indeed taken effect by enabling javax.net.debug logging
>> and I do indeed see the new log:
>>
>> javax.net.ssl|DEBUG|01|main|2018-08-25 21:20:57.860
>> IST|PreSharedKeyExtension.java:606|No session to resume.
>> javax.net.ssl|DEBUG|01|main|2018-08-25 21:20:57.860
>> IST|SSLExtensions.java:250|Ignore, context unavailable extension:
>> pre_shared_key
>> javax.net.ssl|DEBUG|01|main|2018-08-25 21:20:57.864
>> IST|ClientHello.java:633|Produced ClientHello handshake message (
>> "ClientHello": {
>> "client version" : "TLSv1.2",
>> ....
>> }
>> )
>> ....
>> javax.net.ssl|DEBUG|01|main|2018-08-25 21:20:57.865
>> IST|SSLSocketOutputRecord.java:241|WRITE: TLS13 handshake, length = 446
>> javax.net.ssl|DEBUG|01|main|2018-08-25 21:20:58.664
>> IST|SSLSocketInputRecord.java:213|READ: TLSv1.2 handshake, length = 99
>> javax.net.ssl|DEBUG|01|main|2018-08-25 21:20:58.664
>> IST|SSLSocketInputRecord.java:249|READ: TLSv1.2 handshake, length = 99
>> javax.net.ssl|WARNING|01|main|2018-08-25 21:20:58.665
>> IST|SSLExtensions.java:79|Buggy supported_groups in ServerHello
>> javax.net.ssl|DEBUG|01|main|2018-08-25 21:20:58.667
>> IST|ServerHello.java:862|Consuming ServerHello handshake message (
>> "ServerHello": {
>> "server version" : "TLSv1.2",
>> "random" : "4C 62 53 A1 56 4D 82 EE 3A 44 E3 25 0D 2F BD
>> CB 02 EE FD 3B 8E 4E D1 2B 52 5F AD 5B 0B B5 BC 98",
>> "session id" : "A9 BC 19 7D 36 84 25 F8 6B 77 3F 1D 93 5E B4
>> 52 DE AE 41 90 67 2B F2 80 BB 85 3B BE 36 A1 F3 1C",
>> "cipher suite" : "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384(0xC030)",
>> "compression methods" : "00",
>> "extensions" : [
>> "renegotiation_info (65,281)": {
>> "renegotiated connection": [<no renegotiated connection>]
>> },
>> "server_name (0)": {
>> <empty extension_data field>
>> },
>> "ec_point_formats (11)": {
>> "formats": [uncompressed]
>> }
>> ]
>> }
>> )
>>
>>
>> As for trying this against the JDK 11 repo, I have initiated a clone,
>> but it's going to take a while (as expected). I don't expect it to
>> finish soon, so I'm going to let it clone overnight and I will apply
>> this patch against that repo too and run this same testsuite against it.
>> I don't expect it to fail but I just want to make sure there aren't any
>> surprises. I will send out a note once that's done tomorrow.
>>
>> I'll anyway be running some more extensive testsuites, over the next few
>> days, with this patched version and see how it goes.
>>
>> Thank you very much for the quick response and the patch.
>>
>> -Jaikiran
>>
>> On 25/08/18 8:18 PM, Xuelei Fan wrote:
>>> Hi Jaikiran,
>>>
>>> Thank you very much for the help!
>>>
>>> JDK 12 repo (JDK repo):
>>> http://hg.openjdk.java.net/jdk/jdk
>>>
>>> JDK 11 repo:
>>> http://hg.openjdk.java.net/jdk/jdk11
>>>
>>> The patch should work for both repositories.
>>>
>>> Thanks,
>>> Xuelei
>>>
>>>
>>> On 8/25/2018 7:44 AM, Jaikiran Pai wrote:
>>>> Hi Xuelei,
>>>>
>>>> I can definitely build JDK 12 (jdk repo) from source and apply your
>>>> attached patch and give it a try. As for JDK 11, I haven't been
>>>> following the version control discussions/process, does it have a
>>>> separate repo now? Or is it some branch within jdk repo itself? Either
>>>> way, once I know the right repo location, I can (and in fact prefer)
>>>> building that repo with this patch to give it a try.
>>>>
>>>> -Jaikiran
>>>>
>>>>
>>>> On 25/08/18 8:10 PM, Xuelei Fan wrote:
>>>>> Hi Jaikiran,
>>>>>
>>>>> Could you build JDK 11 or JDK 12 from source code? I had a patch to
>>>>> tolerate the extension in ServerHello handshake message. Please let
>>>>> me know if it works or not.
>>>>>
>>>>> If there are any other JDK 11 TLS problems with Apache Ant project,
>>>>> I'd like to know as well.
>>>>>
>>>>> Thanks,
>>>>> Xuelei
>>>>>
>>>>> On 8/25/2018 7:04 AM, Jaikiran Pai wrote:
>>>>>> Hi Xuelei,
>>>>>>
>>>>>>
>>>>>> On 25/08/18 7:20 PM, Xuelei Fan wrote:
>>>>>>> Sending "supported_groups" in ServerHello does not comply to the
>>>>>>> extension specification.
>>>>>> Agreed. However, given that both the client and server are using
>>>>>> TLSv1.2
>>>>>> and this seems to be "working" before the newer TLSv1.3 changes,
>>>>>> even in
>>>>>> recent JDK versions, is there a way the implementation could
>>>>>> workaround
>>>>>> this so as to allow JDK 11 to communicate with such servers?
>>>>>>
>>>>>>> Is it possible the HTTPS server fix this problem?
>>>>>> I don't have access or control over that server, so don't really know
>>>>>> how it's configured or whether it can be fixed. It's a pretty
>>>>>> frequently
>>>>>> used Maven repository hosted by the JBoss (Red Hat middleware) project
>>>>>> team. I suspect, it's not just limited to this server and could be a
>>>>>> common issue with some other servers too.
>>>>>>
>>>>>>
>>>>>>> I filed a bug in OpenJDK for the tracking:
>>>>>>> https://bugs.openjdk.java.net/browse/JDK-8209965
>>>>>> Thank you.
>>>>>>
>>>>>> -Jaikiran
>>>>>>
>>>>>>> Thanks,
>>>>>>> Xuelei
>>>>>>>
>>>>>>> On 8/25/2018 5:03 AM, Jaikiran Pai wrote:
>>>>>>>> As noted in that exception message, it appears that the server is
>>>>>>>> sending a "supported_groups" extension in its ServerHello message
>>>>>>>> (TLSv1.2). Reading about it, this seems to be a common issue with
>>>>>>>> certain servers and certain SSL implementations have added support
>>>>>>>> to be
>>>>>>>> lenient with such servers
>>>>>>>> https://github.com/openssl/openssl/pull/4463/files
>>>>>>>>
>>>>>>>> -Jaikiran
>>>>>>>>
>>>>>>>>
>>>>>>>> On 25/08/18 11:58 AM, Jaikiran Pai wrote:
>>>>>>>>> While testing the recently released RC of JDK11 against the Apache
>>>>>>>>> Ant
>>>>>>>>> project, I happened to run into an odd error. I have now been
>>>>>>>>> able to
>>>>>>>>> reproduce this using the following, pretty trivial code:
>>>>>>>>>
>>>>>>>>> import java.net.URL;
>>>>>>>>> import java.io.InputStream;
>>>>>>>>>
>>>>>>>>> public class Fetch {
>>>>>>>>> public static void main(final String[] args) throws
>>>>>>>>> Exception {
>>>>>>>>> final URL targetURL = new
>>>>>>>>> URL("https://repository.jboss.org/nexus/content/groups/public/javax/media/jai-core/1.1.3/jai-core-1.1.3.pom");
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> try (final InputStream is =
>>>>>>>>> targetURL.openConnection().getInputStream()) {
>>>>>>>>> is.read();
>>>>>>>>> }
>>>>>>>>> System.out.println("Done");
>>>>>>>>> }
>>>>>>>>> }
>>>>>>>>>
>>>>>>>>> All it does is opens a (HTTPS) connection against an endpoint to
>>>>>>>>> read
>>>>>>>>> some content. This code works fine in Java 8 and even Java 10. I'm
>>>>>>>>> pretty sure this was working fine even in Java 11 early access
>>>>>>>>> builds,
>>>>>>>>> but I don't have any such build/binary at hand to be certain.
>>>>>>>>>
>>>>>>>>> However, using the latest (OpenJDK) RC of Java 11 (both on Mac
>>>>>>>>> OS and
>>>>>>>>> Linux) downloaded from[1]:
>>>>>>>>>
>>>>>>>>> openjdk version "11" 2018-09-25
>>>>>>>>> OpenJDK Runtime Environment 18.9 (build 11+28)
>>>>>>>>> OpenJDK 64-Bit Server VM 18.9 (build 11+28, mixed mode)
>>>>>>>>>
>>>>>>>>> it fails with:
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Exception in thread "main" javax.net.ssl.SSLHandshakeException:
>>>>>>>>> extension (10) should not be presented in server_hello
>>>>>>>>> at
>>>>>>>>> java.base/sun.security.ssl.Alert.createSSLException(Alert.java:128)
>>>>>>>>> at
>>>>>>>>> java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
>>>>>>>>> at
>>>>>>>>> java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:308)
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> at
>>>>>>>>> java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:264)
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> at
>>>>>>>>> java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:255)
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> at
>>>>>>>>> java.base/sun.security.ssl.SSLExtensions.<init>(SSLExtensions.java:71)
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> at
>>>>>>>>> java.base/sun.security.ssl.ServerHello$ServerHelloMessage.<init>(ServerHello.java:173)
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> at
>>>>>>>>> java.base/sun.security.ssl.ServerHello$ServerHelloConsumer.consume(ServerHello.java:864)
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> at
>>>>>>>>> java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392)
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> at
>>>>>>>>> java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:444)
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> at
>>>>>>>>> java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:421)
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> at
>>>>>>>>> java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:178)
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> at
>>>>>>>>> java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:164)
>>>>>>>>>
>>>>>>>>> at
>>>>>>>>> java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1152)
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> at
>>>>>>>>> java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1063)
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> at
>>>>>>>>> java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:402)
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> at
>>>>>>>>> java.base/sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:567)
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> at
>>>>>>>>> java.base/sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> at
>>>>>>>>> java.base/sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1581)
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> at
>>>>>>>>> java.base/sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1509)
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> at
>>>>>>>>> java.base/sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:245)
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> at Fetch.main(Fetch.java:7)
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> [1] http://jdk.java.net/11/
>>>>>>>>>
>>>>>>>>> -Jaikiran
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>
>>
>
More information about the security-dev
mailing list