"Blocking operation" during SSLEngineImpl.unwrap()

Anthony Scarpino anthony.scarpino at oracle.com
Fri Aug 7 17:27:09 UTC 2020


Well if there were a bug it's with NativePRNG as the operation is 
suppose to be non-blocking.  Even so, /dev/urandom is nonblocking.  The 
only reason this looks to have been detected by the tool is because it's 
a blocking read op.  This all seems like an extremely unlikely 
situation.  I don't see this as something SSLEngine should be 
compensating for.

Tony

On 8/7/20 9:16 AM, Norman Maurer wrote:
> I think the possibility that it may block should be enough to signal and so offload to a task.
> 
> If it never blocks then it’s not a bug... that’s why I asked the question in the first place .
> 
> Bye
> Norman
>> Am 07.08.2020 um 18:13 schrieb Alan Bateman <Alan.Bateman at oracle.com>:
>>
>> On 07/08/2020 16:00, Xuelei Fan wrote:
>>> Hm, it's an interesting bug.  I filed the issue on the Java Bug System.
>>>     https://bugs.openjdk.java.net/browse/JDK-8251304
>> It is a bug that a new random cookie is needed or it has from read from /dev/urandom? I don't think the stack trace is enough to know if read is really blocked.
>>
>> -Alan




More information about the security-dev mailing list