Socket read timeout resulting in fatal tls alert in jdk 11
Xuelei Fan
xuelei.fan at oracle.com
Mon Feb 3 17:08:06 UTC 2020
On 2/3/2020 1:30 AM, BHARATH P G wrote:
> Sorry we attached logs from OracleJRE11 run.
>
> We are attaching here logs from openjdk 11.
>
Thanks!
> Looks like there is a gap between openjdk11 and OracleJDK11, in
> openjdk11 we could see tls1.2 alert(unexpected_message) after socket
> read timeout.
>
I agreed there is a gap. OpenJDK may want to fix the issue.
Regards,
Xuelei
> Thanks,
> Bharath
>
> On Mon, 3 Feb 2020 at 11:46, Xuelei Fan <xuelei.fan at oracle.com
> <mailto:xuelei.fan at oracle.com>> wrote:
>
> Per the attached debug log, it looks like that the exception is closure
> failure, but not the timeout exception. Did I missed something?
>
> Thanks & Regards,
> Xuelei
>
> On 2/2/2020 9:48 PM, BHARATH P G wrote:
> > Hi,
> >
> > We are hitting following issue with openjdk11.
> >
> > Issue description:
> >
> > If there is socket read timeout exception, jdk11 is sending tls
> fatal
> > alert causing client to close the socket connection. This was not
> the
> > behavior with jdk8.
> >
> > Below is the ssl debug logs with jdk11(complete log is available
> in the
> > attachment):
> >
> > javax.net.ssl|ERROR|01|main|2020-01-31 11:59:34.843
> > IST|TransportContext.java:312|Fatal (UNEXPECTED_MESSAGE): Read
> timed out (
> >
> > "throwable" : {
> >
> > java.net <http://java.net>.SocketTimeoutException: Read timed out
> >
> > at java.base/java.net
> <http://java.net>.SocketInputStream.socketRead0(Native Method)
> >
> > at
> > java.base/java.net
> <http://java.net>.SocketInputStream.socketRead(SocketInputStream.java:115)
> >
> > at
> > java.base/java.net
> <http://java.net>.SocketInputStream.read(SocketInputStream.java:168)
> >
> > at
> > java.base/java.net
> <http://java.net>.SocketInputStream.read(SocketInputStream.java:140)
> >
> > at
> >
> java.base/sun.security.ssl.SSLSocketInputRecord.read(SSLSocketInputRecord.java:448)
> >
> > at
> >
> java.base/sun.security.ssl.SSLSocketInputRecord.decode(SSLSocketInputRecord.java:165)
> >
> > at
> > java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:108)
> >
> > at
> >
> java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1151)
> >
> > at
> >
> java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1062)
> >
> > at
> >
> java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:402)
> >
> > at
> >
> java.base/sun.security.ssl.SSLSocketImpl.ensureNegotiated(SSLSocketImpl.java:716)
> >
> > at
> >
> java.base/sun.security.ssl.SSLSocketImpl$AppInputStream.read(SSLSocketImpl.java:799)
> >
> > at
> > java.base/sun.nio.cs.StreamDecoder.readBytes(StreamDecoder.java:284)
> >
> > at
> > java.base/sun.nio.cs.StreamDecoder.implRead(StreamDecoder.java:326)
> >
> > at
> java.base/sun.nio.cs.StreamDecoder.read(StreamDecoder.java:178)
> >
> > at
> > java.base/java.io
> <http://java.io>.InputStreamReader.read(InputStreamReader.java:185)
> >
> > at java.base/java.io
> <http://java.io>.BufferedReader.fill(BufferedReader.java:161)
> >
> > at
> > java.base/java.io
> <http://java.io>.BufferedReader.readLine(BufferedReader.java:326)
> >
> > at
> > java.base/java.io
> <http://java.io>.BufferedReader.readLine(BufferedReader.java:392)
> >
> > at SimpleClient.startClient(SimpleClient.java:29)
> >
> > at SimpleClient.main(SimpleClient.java:36)}
> >
> > )
> >
> > javax.net.ssl|DEBUG|01|main|2020-01-31 11:59:34.846
> > IST|SSLSocketOutputRecord.java:71|WRITE: TLS12
> > alert(unexpected_message), length = 2
> >
> > For reference I have attached sample client and server to repro the
> > issue and also ssl debug in the attachment.
> >
> > Thanks,
> >
> > Bharath
> >
>
More information about the security-dev
mailing list