[jira] [Created] (DIRMINA-1082) SSLHandler calling wrap method after closeOutBound() on SSLEngine

Tue, 27 Mar 2018 07:40:23 -0700 

Kamal Rathod created DIRMINA-1082:
-------------------------------------

             Summary: SSLHandler calling wrap method after closeOutBound() on 
SSLEngine
                 Key: DIRMINA-1082
                 URL: https://issues.apache.org/jira/browse/DIRMINA-1082
             Project: MINA
          Issue Type: Bug
          Components: Core
    Affects Versions: 2.0.16
            Reporter: Kamal Rathod


Hi,

I am trying to connect through SSL and Proxy and getting below error.

_ERROR quickfix.mina.initiator.InitiatorIoHandler - Socket : 
javax.net.ssl.SSLException: Improper close state: Status = OK HandshakeStatus = 
NEED_WRAP_
_bytesConsumed = 0 bytesProduced = 87_
_javax.net.ssl.SSLException: Improper close state: Status = OK HandshakeStatus 
= NEED_WRAP_
_bytesConsumed = 0 bytesProduced = 87_
 _at org.apache.mina.filter.ssl.SslHandler.closeOutbound(SslHandler.java:500) 
~[mina-core.jar:?]_
 _at org.apache.mina.filter.ssl.SslFilter.initiateClosure(SslFilter.java:742) 
~[mina-core.jar:?]_
 _at org.apache.mina.filter.ssl.SslFilter.filterClose(SslFilter.java:677) 
~[mina-core.jar:?]_
 _at 
org.apache.mina.core.filterchain.DefaultIoFilterChain.callPreviousFilterClose(DefaultIoFilterChain.java:648)
 ~[mina-core.jar:?]_

 

I had a look at closeOutBound() method of SslHandler.java and suspect bug there.

Line 484: sslEngine.closeOutBound()

Line 490: sslEngine.wrap(emptyBuffer.buf(), outNetBuffer.buf());

 

In the scenario the sslEngine is closed first and then the wrap method is 
called. 

As per java docs:

 _In all cases, closure handshake messages are generated by the engine, and 
{{wrap()}} should be repeatedly called until the resulting 
{{SSLEngineResult}}'s status returns "CLOSED", or 
[{{isOutboundDone()}}|https://docs.oracle.com/javase/7/docs/api/javax/net/ssl/SSLEngine.html#isOutboundDone()]
 returns true. All data obtained from the {{wrap()}} method should be sent to 
the peer._

_[{{closeOutbound()}}|https://docs.oracle.com/javase/7/docs/api/javax/net/ssl/SSLEngine.html#closeOutbound()]
 is used to signal the engine that the application will not be sending any more 
data._

So as per docs, wrap should be called repeatedly and then closeOutbound() 
method, but in code its reverse, after closeOutbound wrap is called.

Can someone please check and comment on this?



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to