[prev in list] [next in list] [prev in thread] [next in thread]
List: openjdk-security-dev
Subject: SSLEngine.wrap(...) returns NOT_HANDSHAKING even when the alert was not consumed yet in latest JDK12
From: Norman Maurer <norman.maurer () googlemail ! com>
Date: 2019-02-28 8:24:49
Message-ID: F2454990-F28C-4295-93EB-149A1F392F06 () googlemail ! com
[Download RAW message or body]
Hi all,
I think I found a possible regression / bug in the latest JDK12 release when trying \
to upgrade the Netty CI server to test with the latest JDK12 release. The problem is \
that SSLEngine.wrap(…) returns NOT_HANDSHAKING even when there are bytes left that \
should be consumed (the alert itself). My understanding is that it should only return \
"NOT_HANDSHAKING" once we also consumed the alert. Please correct me if I wrong tho.
I pushed a reproducer for this here:
https://github.com/normanmaurer/jdk12_ssl_engine_unwrap_bug \
<https://github.com/normanmaurer/jdk12_ssl_engine_unwrap_bug>
When running this on the latest JDK12 release (and later JDK versions) it will fail \
with an AssertionError, while everything works as expected when using earlier Java \
versions.
Here is the Java version I used to reproduce:
# java -version
openjdk version "12" 2019-03-19
OpenJDK Runtime Environment (build 12+33)
OpenJDK 64-Bit Server VM (build 12+33, mixed mode, sharing)
It seems like this was not always the case for Java12 tho, as I can not reproduce it \
with this version:
#java -version
openjdk version "12-ea" 2019-03-19
OpenJDK Runtime Environment (build 12-ea+27)
OpenJDK 64-Bit Server VM (build 12-ea+27, mixed mode, sharing)
I don't have all the "in between" releases on my machine atm so I can not tell \
exactly on which release this "broke" :/
Thanks
Norman
[Attachment #3 (unknown)]
<html><head><meta http-equiv="Content-Type" content="text/html; \
charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; \
line-break: after-white-space;" class="">Hi all,<div class=""><br class=""></div><div \
class="">I think I found a possible regression / bug in the latest JDK12 release when \
trying to upgrade the Netty CI server to test with the latest JDK12 release. The \
problem is that SSLEngine.wrap(…) returns NOT_HANDSHAKING even when there are bytes \
left that should be consumed (the alert itself). My understanding is that it should \
only return "NOT_HANDSHAKING" once we also consumed the alert. Please correct me if I \
wrong tho.</div><div class=""><br class=""></div><div class="">I pushed a reproducer \
for this here:</div><div class=""><br class=""></div><div class=""><a \
href="https://github.com/normanmaurer/jdk12_ssl_engine_unwrap_bug" \
class="">https://github.com/normanmaurer/jdk12_ssl_engine_unwrap_bug</a></div><div \
class=""><br class=""></div><div class="">When running this on the latest JDK12 \
release (and later JDK versions) it will fail with an AssertionError, while \
everything works as expected when using earlier Java versions.</div><div class=""><br \
class=""></div><div class="">Here is the Java version I used to reproduce:</div><div \
class=""><br class=""></div><div class=""><div class=""># java -version</div><div \
class="">openjdk version "12" 2019-03-19</div><div class="">OpenJDK Runtime \
Environment (build 12+33)</div><div class="">OpenJDK 64-Bit Server VM (build 12+33, \
mixed mode, sharing)</div></div><div class=""><br class=""></div><div class=""><br \
class=""></div><div class="">It seems like this was not always the case for Java12 \
tho, as I can not reproduce it with this version:</div><div class=""><br \
class=""></div><div class=""><div class="">#java -version</div><div class="">openjdk \
version "12-ea" 2019-03-19</div><div class="">OpenJDK Runtime Environment (build \
12-ea+27)</div><div class="">OpenJDK 64-Bit Server VM (build 12-ea+27, mixed mode, \
sharing)</div></div><div class=""><br class=""></div><div class="">I don't have all \
the "in between" releases on my machine atm so I can not tell exactly on which \
release this "broke" :/</div><div class=""><br class=""></div><div \
class="">Thanks</div><div class="">Norman</div><div class=""><br class=""></div><div \
class=""><br class=""></div><div class=""><br class=""></div></body></html>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic