Socket read timeout resulting in fatal tls alert in jdk 11
BHARATH P G
barath.pg67 at gmail.com
Mon Feb 3 09:30:38 UTC 2020
Sorry we attached logs from OracleJRE11 run.
We are attaching here logs from openjdk 11.
Looks like there is a gap between openjdk11 and OracleJDK11, in openjdk11
we could see tls1.2 alert(unexpected_message) after socket read timeout.
Thanks,
Bharath
On Mon, 3 Feb 2020 at 11:46, Xuelei Fan <xuelei.fan at oracle.com> wrote:
> Per the attached debug log, it looks like that the exception is closure
> failure, but not the timeout exception. Did I missed something?
>
> Thanks & Regards,
> Xuelei
>
> On 2/2/2020 9:48 PM, BHARATH P G wrote:
> > Hi,
> >
> > We are hitting following issue with openjdk11.
> >
> > Issue description:
> >
> > If there is socket read timeout exception, jdk11 is sending tls fatal
> > alert causing client to close the socket connection. This was not the
> > behavior with jdk8.
> >
> > Below is the ssl debug logs with jdk11(complete log is available in the
> > attachment):
> >
> > javax.net.ssl|ERROR|01|main|2020-01-31 11:59:34.843
> > IST|TransportContext.java:312|Fatal (UNEXPECTED_MESSAGE): Read timed out
> (
> >
> > "throwable" : {
> >
> > java.net.SocketTimeoutException: Read timed out
> >
> > at java.base/java.net.SocketInputStream.socketRead0(Native
> Method)
> >
> > at
> > java.base/java.net
> .SocketInputStream.socketRead(SocketInputStream.java:115)
> >
> > at
> > java.base/java.net.SocketInputStream.read(SocketInputStream.java:168)
> >
> > at
> > java.base/java.net.SocketInputStream.read(SocketInputStream.java:140)
> >
> > at
> >
> java.base/sun.security.ssl.SSLSocketInputRecord.read(SSLSocketInputRecord.java:448)
> >
> > at
> >
> java.base/sun.security.ssl.SSLSocketInputRecord.decode(SSLSocketInputRecord.java:165)
> >
> > at
> > java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:108)
> >
> > at
> > java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1151)
> >
> > at
> >
> java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1062)
> >
> > at
> >
> java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:402)
> >
> > at
> >
> java.base/sun.security.ssl.SSLSocketImpl.ensureNegotiated(SSLSocketImpl.java:716)
> >
> > at
> >
> java.base/sun.security.ssl.SSLSocketImpl$AppInputStream.read(SSLSocketImpl.java:799)
> >
> > at
> > java.base/sun.nio.cs.StreamDecoder.readBytes(StreamDecoder.java:284)
> >
> > at
> > java.base/sun.nio.cs.StreamDecoder.implRead(StreamDecoder.java:326)
> >
> > at
> java.base/sun.nio.cs.StreamDecoder.read(StreamDecoder.java:178)
> >
> > at
> > java.base/java.io.InputStreamReader.read(InputStreamReader.java:185)
> >
> > at java.base/java.io
> .BufferedReader.fill(BufferedReader.java:161)
> >
> > at
> > java.base/java.io.BufferedReader.readLine(BufferedReader.java:326)
> >
> > at
> > java.base/java.io.BufferedReader.readLine(BufferedReader.java:392)
> >
> > at SimpleClient.startClient(SimpleClient.java:29)
> >
> > at SimpleClient.main(SimpleClient.java:36)}
> >
> > )
> >
> > javax.net.ssl|DEBUG|01|main|2020-01-31 11:59:34.846
> > IST|SSLSocketOutputRecord.java:71|WRITE: TLS12
> > alert(unexpected_message), length = 2
> >
> > For reference I have attached sample client and server to repro the
> > issue and also ssl debug in the attachment.
> >
> > Thanks,
> >
> > Bharath
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20200203/0aaad995/attachment.htm>
-------------- next part --------------
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.211 IST|SSLContextImpl.java:428|System property jdk.tls.client.cipherSuites is set to 'null'
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.234 IST|SSLContextImpl.java:428|System property jdk.tls.server.cipherSuites is set to 'null'
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.281 IST|SSLCipher.java:464|jdk.tls.keyLimits: entry = AES/GCM/NoPadding KeyUpdate 2^37. AES/GCM/NOPADDING:KEYUPDATE = 137438953472
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.297 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.297 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.298 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.298 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.299 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.299 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.299 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.301 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.301 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.302 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.302 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.302 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.303 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: SSL_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.304 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: SSL_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.305 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: TLS_DH_anon_WITH_AES_256_GCM_SHA384
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.306 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: TLS_DH_anon_WITH_AES_256_GCM_SHA384
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.306 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: TLS_DH_anon_WITH_AES_128_GCM_SHA256
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.307 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: TLS_DH_anon_WITH_AES_128_GCM_SHA256
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.307 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: TLS_DH_anon_WITH_AES_256_CBC_SHA256
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.308 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: TLS_DH_anon_WITH_AES_256_CBC_SHA256
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.309 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: TLS_ECDH_anon_WITH_AES_256_CBC_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.310 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: TLS_ECDH_anon_WITH_AES_256_CBC_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.312 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: TLS_DH_anon_WITH_AES_256_CBC_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.313 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: TLS_DH_anon_WITH_AES_256_CBC_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.314 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: TLS_DH_anon_WITH_AES_128_CBC_SHA256
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.315 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: TLS_DH_anon_WITH_AES_128_CBC_SHA256
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.316 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: TLS_ECDH_anon_WITH_AES_128_CBC_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.317 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: TLS_ECDH_anon_WITH_AES_128_CBC_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.318 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: TLS_DH_anon_WITH_AES_128_CBC_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.318 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: TLS_DH_anon_WITH_AES_128_CBC_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.319 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.320 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.320 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: SSL_DH_anon_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.323 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: SSL_DH_anon_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.324 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.324 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.325 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: TLS_ECDHE_RSA_WITH_RC4_128_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.326 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: TLS_ECDHE_RSA_WITH_RC4_128_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.328 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: SSL_RSA_WITH_RC4_128_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.328 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: SSL_RSA_WITH_RC4_128_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.329 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: TLS_ECDH_ECDSA_WITH_RC4_128_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.329 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: TLS_ECDH_ECDSA_WITH_RC4_128_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.330 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: TLS_ECDH_RSA_WITH_RC4_128_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.330 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: TLS_ECDH_RSA_WITH_RC4_128_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.333 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: SSL_RSA_WITH_RC4_128_MD5
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.333 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: SSL_RSA_WITH_RC4_128_MD5
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.334 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: TLS_ECDH_anon_WITH_RC4_128_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.335 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: TLS_ECDH_anon_WITH_RC4_128_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.335 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: SSL_DH_anon_WITH_RC4_128_MD5
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.336 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: SSL_DH_anon_WITH_RC4_128_MD5
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.337 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: SSL_RSA_WITH_DES_CBC_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.337 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: SSL_RSA_WITH_DES_CBC_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.338 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: SSL_DHE_RSA_WITH_DES_CBC_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.339 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: SSL_DHE_RSA_WITH_DES_CBC_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.339 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: SSL_DHE_DSS_WITH_DES_CBC_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.340 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: SSL_DHE_DSS_WITH_DES_CBC_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.340 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: SSL_DH_anon_WITH_DES_CBC_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.341 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: SSL_DH_anon_WITH_DES_CBC_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.341 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: SSL_RSA_EXPORT_WITH_DES40_CBC_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.344 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: SSL_RSA_EXPORT_WITH_DES40_CBC_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.345 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.345 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.346 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.346 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.347 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.347 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.348 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: SSL_RSA_EXPORT_WITH_RC4_40_MD5
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.348 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: SSL_RSA_EXPORT_WITH_RC4_40_MD5
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.349 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: SSL_DH_anon_EXPORT_WITH_RC4_40_MD5
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.350 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: SSL_DH_anon_EXPORT_WITH_RC4_40_MD5
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.350 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: TLS_RSA_WITH_NULL_SHA256
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.351 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: TLS_RSA_WITH_NULL_SHA256
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.351 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: TLS_ECDHE_ECDSA_WITH_NULL_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.352 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_NULL_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.352 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: TLS_ECDHE_RSA_WITH_NULL_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.355 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: TLS_ECDHE_RSA_WITH_NULL_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.356 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: SSL_RSA_WITH_NULL_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.357 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: SSL_RSA_WITH_NULL_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.357 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: TLS_ECDH_ECDSA_WITH_NULL_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.357 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: TLS_ECDH_ECDSA_WITH_NULL_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.358 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: TLS_ECDH_RSA_WITH_NULL_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.358 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: TLS_ECDH_RSA_WITH_NULL_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.359 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: TLS_ECDH_anon_WITH_NULL_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.360 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: TLS_ECDH_anon_WITH_NULL_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.361 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: SSL_RSA_WITH_NULL_MD5
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.361 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: SSL_RSA_WITH_NULL_MD5
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.365 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.366 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.366 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.367 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.367 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.368 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.369 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.369 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.370 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.370 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.371 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.372 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.373 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: SSL_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.373 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: SSL_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.378 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.379 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.380 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.380 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.381 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.381 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.382 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.382 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.383 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.383 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.384 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.384 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.385 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: SSL_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.385 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: SSL_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.389 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.389 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.390 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.390 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.391 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.391 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.392 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.392 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.393 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.394 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.395 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.395 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.396 IST|SSLContextImpl.java:402|Ignore disabled cipher suite: SSL_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.396 IST|SSLContextImpl.java:411|Ignore unsupported cipher suite: SSL_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.400 IST|TrustStoreManager.java:112|trustStore is: clientTrustStore.key
trustStore type is: pkcs12
trustStore provider is:
the last modified time is: Fri Jan 31 00:22:52 IST 2020
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.401 IST|TrustStoreManager.java:311|Reload the trust store
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.422 IST|TrustStoreManager.java:318|Reload trust certs
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.423 IST|TrustStoreManager.java:323|Reloaded 1 trust certs
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.431 IST|X509TrustManagerImpl.java:79|adding as trusted certificates (
"certificate" : {
"version" : "v3",
"serial number" : "23 54 3E 06",
"signature algorithm": "SHA256withDSA",
"issuer" : "CN=localhost, OU=localhost, O=localhost, L=localhost, ST=localhost, C=in",
"not before" : "2020-01-31 24:22:29.000 IST",
"not after" : "2020-04-30 24:22:29.000 IST",
"subject" : "CN=localhost, OU=localhost, O=localhost, L=localhost, ST=localhost, C=in",
"subject public key" : "DSA",
"extensions" : [
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 01 7D 37 9D AD 53 AB 56 D6 AA A2 9D C7 A9 96 72 ..7..S.V.......r
0010: AF 50 40 FE .P at .
]
]
}
]}
)
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.432 IST|SSLContextImpl.java:1088|keyStore is :
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.434 IST|SSLContextImpl.java:1089|keyStore type is : pkcs12
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.434 IST|SSLContextImpl.java:1091|keyStore provider is :
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.435 IST|SSLContextImpl.java:1126|init keystore
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:15.436 IST|SSLContextImpl.java:1149|init keymanager of type SunX509
javax.net.ssl|ALL|01|main|2020-02-03 14:44:15.437 IST|SSLContextImpl.java:115|trigger seeding of SecureRandom
javax.net.ssl|ALL|01|main|2020-02-03 14:44:16.340 IST|SSLContextImpl.java:119|done seeding of SecureRandom
javax.net.ssl|WARNING|01|main|2020-02-03 14:44:16.403 IST|ServerNameExtension.java:261|Unable to indicate server name
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:16.403 IST|SSLExtensions.java:257|Ignore, context unavailable extension: server_name
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:16.405 IST|SupportedGroupsExtension.java:877|Ignore inactive or disabled named group: secp256r1
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:16.405 IST|SupportedGroupsExtension.java:877|Ignore inactive or disabled named group: secp384r1
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:16.405 IST|SupportedGroupsExtension.java:877|Ignore inactive or disabled named group: secp521r1
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:16.406 IST|ECPointFormatsExtension.java:195|Need no ec_point_formats extension
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:16.406 IST|SSLExtensions.java:257|Ignore, context unavailable extension: ec_point_formats
javax.net.ssl|WARNING|01|main|2020-02-03 14:44:16.408 IST|SignatureScheme.java:296|Signature algorithm, ed25519, is not supported by the underlying providers
javax.net.ssl|WARNING|01|main|2020-02-03 14:44:16.408 IST|SignatureScheme.java:296|Signature algorithm, ed448, is not supported by the underlying providers
javax.net.ssl|ALL|01|main|2020-02-03 14:44:16.414 IST|SignatureScheme.java:373|Ignore disabled signature scheme: rsa_md5
javax.net.ssl|INFO|01|main|2020-02-03 14:44:16.415 IST|AlpnExtension.java:161|No available application protocols
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:16.415 IST|SSLExtensions.java:257|Ignore, context unavailable extension: application_layer_protocol_negotiation
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:16.419 IST|ClientHello.java:653|Produced ClientHello handshake message (
"ClientHello": {
"client version" : "TLSv1.2",
"random" : "C7 35 75 4D A7 39 75 A9 DE C8 F8 90 53 B3 77 A7 9C 2F 67 1A 70 D2 CB 18 1A 02 8E 31 CB CD 2E 2C",
"session id" : "",
"cipher suites" : "[TLS_DHE_DSS_WITH_AES_256_CBC_SHA256(0x006A)]",
"compression methods" : "00",
"extensions" : [
"status_request (5)": {
"certificate status type": ocsp
"OCSP status request": {
"responder_id": <empty>
"request extensions": {
<empty>
}
}
},
"supported_groups (10)": {
"versions": [ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192]
},
"signature_algorithms (13)": {
"signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp521r1_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha1, rsa_pkcs1_sha1, dsa_sha1]
},
"signature_algorithms_cert (50)": {
"signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp521r1_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha1, rsa_pkcs1_sha1, dsa_sha1]
},
"status_request_v2 (17)": {
"cert status request": {
"certificate status type": ocsp_multi
"OCSP status request": {
"responder_id": <empty>
"request extensions": {
<empty>
}
}
}
},
"extended_master_secret (23)": {
<empty>
},
"supported_versions (43)": {
"versions": [TLSv1.2]
},
"renegotiation_info (65,281)": {
"renegotiated connection": [<no renegotiated connection>]
}
]
}
)
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:16.420 IST|SSLSocketOutputRecord.java:241|WRITE: TLS12 handshake, length = 177
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:16.438 IST|SSLSocketOutputRecord.java:255|Raw write (
0000: 16 03 03 00 B1 01 00 00 AD 03 03 C7 35 75 4D A7 ............5uM.
0010: 39 75 A9 DE C8 F8 90 53 B3 77 A7 9C 2F 67 1A 70 9u.....S.w../g.p
0020: D2 CB 18 1A 02 8E 31 CB CD 2E 2C 00 00 02 00 6A ......1...,....j
0030: 01 00 00 82 00 05 00 05 01 00 00 00 00 00 0A 00 ................
0040: 0C 00 0A 01 00 01 01 01 02 01 03 01 04 00 0D 00 ................
0050: 22 00 20 04 03 05 03 06 03 08 04 08 05 08 06 08 ". .............
0060: 09 08 0A 08 0B 04 01 05 01 06 01 04 02 02 03 02 ................
0070: 01 02 02 00 32 00 22 00 20 04 03 05 03 06 03 08 ....2.". .......
0080: 04 08 05 08 06 08 09 08 0A 08 0B 04 01 05 01 06 ................
0090: 01 04 02 02 03 02 01 02 02 00 11 00 09 00 07 02 ................
00A0: 00 04 00 00 00 00 00 17 00 00 00 2B 00 03 02 03 ...........+....
00B0: 03 FF 01 00 01 00 ......
)
javax.net.ssl|ERROR|01|main|2020-02-03 14:44:16.445 IST|TransportContext.java:312|Fatal (UNEXPECTED_MESSAGE): Read timed out (
"throwable" : {
java.net.SocketTimeoutException: Read timed out
at java.base/java.net.SocketInputStream.socketRead0(Native Method)
at java.base/java.net.SocketInputStream.socketRead(SocketInputStream.java:115)
at java.base/java.net.SocketInputStream.read(SocketInputStream.java:168)
at java.base/java.net.SocketInputStream.read(SocketInputStream.java:140)
at java.base/sun.security.ssl.SSLSocketInputRecord.read(SSLSocketInputRecord.java:448)
at java.base/sun.security.ssl.SSLSocketInputRecord.decode(SSLSocketInputRecord.java:165)
at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:108)
at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1151)
at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1062)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:402)
at java.base/sun.security.ssl.SSLSocketImpl.ensureNegotiated(SSLSocketImpl.java:716)
at java.base/sun.security.ssl.SSLSocketImpl$AppInputStream.read(SSLSocketImpl.java:799)
at java.base/sun.nio.cs.StreamDecoder.readBytes(StreamDecoder.java:284)
at java.base/sun.nio.cs.StreamDecoder.implRead(StreamDecoder.java:326)
at java.base/sun.nio.cs.StreamDecoder.read(StreamDecoder.java:178)
at java.base/java.io.InputStreamReader.read(InputStreamReader.java:185)
at java.base/java.io.BufferedReader.fill(BufferedReader.java:161)
at java.base/java.io.BufferedReader.readLine(BufferedReader.java:326)
at java.base/java.io.BufferedReader.readLine(BufferedReader.java:392)
at SimpleClient.startClient(SimpleClient.java:29)
at SimpleClient.main(SimpleClient.java:36)}
)
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:16.446 IST|SSLSocketOutputRecord.java:71|WRITE: TLS12 alert(unexpected_message), length = 2
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:16.447 IST|SSLSocketOutputRecord.java:85|Raw write (
0000: 15 03 03 00 02 02 0A .......
)
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:16.448 IST|SSLSocketImpl.java:1360|close the underlying socket
javax.net.ssl|DEBUG|01|main|2020-02-03 14:44:16.449 IST|SSLSocketImpl.java:1379|close the SSL connection (initiative)
Exception in thread "main" javax.net.ssl.SSLException: Read timed out
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:127)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:320)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:263)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:258)
at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:137)
at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1151)
at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1062)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:402)
at java.base/sun.security.ssl.SSLSocketImpl.ensureNegotiated(SSLSocketImpl.java:716)
at java.base/sun.security.ssl.SSLSocketImpl$AppInputStream.read(SSLSocketImpl.java:799)
at java.base/sun.nio.cs.StreamDecoder.readBytes(StreamDecoder.java:284)
at java.base/sun.nio.cs.StreamDecoder.implRead(StreamDecoder.java:326)
at java.base/sun.nio.cs.StreamDecoder.read(StreamDecoder.java:178)
at java.base/java.io.InputStreamReader.read(InputStreamReader.java:185)
at java.base/java.io.BufferedReader.fill(BufferedReader.java:161)
at java.base/java.io.BufferedReader.readLine(BufferedReader.java:326)
at java.base/java.io.BufferedReader.readLine(BufferedReader.java:392)
at SimpleClient.startClient(SimpleClient.java:29)
at SimpleClient.main(SimpleClient.java:36)
Caused by: java.net.SocketTimeoutException: Read timed out
at java.base/java.net.SocketInputStream.socketRead0(Native Method)
at java.base/java.net.SocketInputStream.socketRead(SocketInputStream.java:115)
at java.base/java.net.SocketInputStream.read(SocketInputStream.java:168)
at java.base/java.net.SocketInputStream.read(SocketInputStream.java:140)
at java.base/sun.security.ssl.SSLSocketInputRecord.read(SSLSocketInputRecord.java:448)
at java.base/sun.security.ssl.SSLSocketInputRecord.decode(SSLSocketInputRecord.java:165)
at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:108)
... 14 more
More information about the security-dev
mailing list