SSLEngine.wrap(...) returns NOT_HANDSHAKING even when the alert was not consumed yet in latest JDK12 release (possible regression).

Sean Mullan sean.mullan at oracle.com
Wed Mar 13 12:31:36 UTC 2019 

My best guess is that https://bugs.openjdk.java.net/browse/JDK-8214418 
is the cause.

Xuelei, would you have time to look at this?

Thanks,
Sean

On 3/13/19 2:31 AM, Norman Maurer wrote:
> Is there anything else I can do to have anyone look into this?
> 
> I just want to make sure this does not fall through before the final JDK 
> 12 release is done.
> 
> Bye
> Norman
> 
> 
>> On 4. Mar 2019, at 21:15, Norman Maurer <norman.maurer at googlemail.com 
>> <mailto:norman.maurer at googlemail.com>> wrote:
>>
>> Any comments here ?
>>
>> Bye
>> Norman
>>
>>
>>> On 28. Feb 2019, at 09:24, Norman Maurer 
>>> <norman.maurer at googlemail.com <mailto:norman.maurer at googlemail.com>> 
>>> wrote:
>>>
>>> Hi all,
>>>
>>> I think I found a possible regression / bug in the latest JDK12 
>>> release when trying to upgrade the Netty CI server to test with the 
>>> latest JDK12 release. The problem is that SSLEngine.wrap(…) returns 
>>> NOT_HANDSHAKING even when there are bytes left that should be 
>>> consumed (the alert itself). My understanding is that it should only 
>>> return “NOT_HANDSHAKING” once we also consumed the alert. Please 
>>> correct me if I wrong tho.
>>>
>>> I pushed a reproducer for this here:
>>>
>>> https://github.com/normanmaurer/jdk12_ssl_engine_unwrap_bug
>>>
>>> When running this on the latest JDK12 release (and later JDK 
>>> versions) it will fail with an AssertionError, while everything works 
>>> as expected when using earlier Java versions.
>>>
>>> Here is the Java version I used to reproduce:
>>>
>>> # java -version
>>> openjdk version "12" 2019-03-19
>>> OpenJDK Runtime Environment (build 12+33)
>>> OpenJDK 64-Bit Server VM (build 12+33, mixed mode, sharing)
>>>
>>>
>>> It seems like this was not always the case for Java12 tho, as I can 
>>> not reproduce it with this version:
>>>
>>> #java -version
>>> openjdk version "12-ea" 2019-03-19
>>> OpenJDK Runtime Environment (build 12-ea+27)
>>> OpenJDK 64-Bit Server VM (build 12-ea+27, mixed mode, sharing)
>>>
>>> I don't have all the “in between” releases on my machine atm so I can 
>>> not tell exactly on which release this “broke” :/
>>>
>>> Thanks
>>> Norman
>>>
>>>
>>>
>>
>

More information about the security-dev mailing list