Integrated: 8277970: Test jdk/sun/security/ssl/SSLSessionImpl/NoInvalidateSocketException.java fails with "tag mismatch"

Daniel Jeliński djelinski at openjdk.org
Wed Oct 12 15:35:12 UTC 2022


On Tue, 11 Oct 2022 14:38:35 GMT, Daniel Jeliński <djelinski at openjdk.org> wrote:

> This patch fixes the issue where a thread doing SSLSocket.close() could destroy the read cipher while it was used by another thread doing SSLSocket.read().
> 
> The reported issue was triggered by SSLSocket.close() calling inputRecord.close() -> readCipher.dispose() -> cipher.doFinal() on an AES/GCM cipher between `updateAAD` and `doFinal`; this changed the cipher state and caused the doFinal call to fail.
> 
> The issue for AES/GCM (and all other AEAD ciphers) was fixed by JDK-8294848; this patch addresses the non-AEAD ciphers.
> 
> Tier1-3 clean. Also, no failures after 1200 repetitions of NoInvalidateSocketException.

This pull request has now been integrated.

Changeset: d1252653
Author:    Daniel Jeliński <djelinski at openjdk.org>
URL:       https://git.openjdk.org/jdk/commit/d1252653b07ee3d0347b39b96f734e45772b5b36
Stats:     9 lines in 3 files changed: 6 ins; 1 del; 2 mod

8277970: Test jdk/sun/security/ssl/SSLSessionImpl/NoInvalidateSocketException.java fails with "tag mismatch"

Reviewed-by: jnimeh, xuelei

-------------

PR: https://git.openjdk.org/jdk/pull/10657


More information about the security-dev mailing list