RFR: 8277970: Test jdk/sun/security/ssl/SSLSessionImpl/NoInvalidateSocketException.java fails with "tag mismatch" [v2]

Jamil Nimeh jnimeh at openjdk.org
Tue Oct 11 19:36:25 UTC 2022

On Tue, 11 Oct 2022 18:53:54 GMT, Daniel Jeliński <djelinski at openjdk.org> wrote:

>> This patch fixes the issue where a thread doing SSLSocket.close() could destroy the read cipher while it was used by another thread doing SSLSocket.read().
>> The reported issue was triggered by SSLSocket.close() calling inputRecord.close() -> readCipher.dispose() -> cipher.doFinal() on an AES/GCM cipher between `updateAAD` and `doFinal`; this changed the cipher state and caused the doFinal call to fail.
>> The issue for AES/GCM (and all other AEAD ciphers) was fixed by JDK-8294848; this patch addresses the non-AEAD ciphers.
>> Tier1-3 clean. Also, no failures after 1200 repetitions of NoInvalidateSocketException.
> Daniel Jeliński has updated the pull request incrementally with one additional commit since the last revision:
>   Add bug ID

Thanks for doing that additional focused test on the other closure/read specific test.  This looks good to me.


Marked as reviewed by jnimeh (Reviewer).

PR: https://git.openjdk.org/jdk/pull/10657

More information about the security-dev mailing list