Re: [External] : Re: Bug with TLSv1.3 session resumption (most likely caused by concurrency bug)

2021-04-26 Thread Jamil Nimeh

Hi Alexey,

I'm in the process of reviewing it.

--Jamil

On 4/26/21 4:24 AM, Alexey Bakhtin wrote:

Hi Jamil, Norman,

I’ve missed this thread discussing the JDK-8241248 issue.
Recently I have suggested a fix for this issue:
https://github.com/openjdk/jdk/pull/3664

Regards
Alexey


On 26 Apr 2021, at 11:31, Norman Maurer  wrote:

Sorry for the noise but is there any update ? The bug makes it “impossible” for 
us to enable caching by default as it may cause issues on the remote peer which 
are hard to debug.

Bye
Norman



On 19. Mar 2021, at 16:34, Jamil Nimeh  wrote:

Hi Norman, I've been working a couple other bugs, but I should have some time 
to devote to it next week.

--Jamil

On 3/19/2021 6:15 AM, Norman Maurer wrote:

I was wondering if there is any update or anything I can help with ?

Bye
Norman


On 04.03.2021 at 18:51, Jamil Nimeh wrote:


I already replied to Norman directly (because apparently I cannot seem to find 
my Reply-all button before my morning caffeine!).  It does look quite a bit 
like 8241248 and that issue is in my bug queue.  I haven't started work on it 
yet, but now that Norman has provided me some links to a reproducer I can give 
it a spin and see if I can make the bug happen locally (Thanks Norman!)

--Jamil

On 3/4/2021 8:22 AM, Xue-Lei Fan wrote:

Forward to security-dev.

Xuelei


On Mar 4, 2021, at 6:11 AM, Norman Maurer  wrote:

Hi there,

I think I found a bug in the TLSv1.3 session cache implementation which 
sometimes can cause failures during session resumption.
The cause of this sometimes shows up as NPE:

javax.net.ssl.SSLException: Session has no PSK
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:133)
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:336)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:292)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:283)
at java.base/sun.security.ssl.PreSharedKeyExtension.checkBinder(PreSharedKeyExtension.java:537)
at java.base/sun.security.ssl.PreSharedKeyExtension$CHPreSharedKeyUpdate.consume(PreSharedKeyExtension.java:528)
at java.base/sun.security.ssl.SSLExtension.consumeOnTrade(SSLExtension.java:583)
at java.base/sun.security.ssl.SSLExtensions.consumeOnTrade(SSLExtensions.java:222)
at java.base/sun.security.ssl.ServerHello$T13ServerHelloProducer.produce(ServerHello.java:539)
at java.base/sun.security.ssl.SSLHandshake.produce(SSLHandshake.java:436)
at java.base/sun.security.ssl.ClientHello$T13ClientHelloConsumer.goServerHello(ClientHello.java:1234)
at java.base/sun.security.ssl.ClientHello$T13ClientHelloConsumer.consume(ClientHello.java:1170)
at java.base/sun.security.ssl.ClientHello$ClientHelloConsumer.onClientHello(ClientHello.java:852)
at java.base/sun.security.ssl.ClientHello$ClientHelloConsumer.consume(ClientHello.java:813)
at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392)
at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:443)
at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1074)
at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1061)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask.run(SSLEngineImpl.java:1008)
at io.netty.handler.ssl.SslHandler.runAllDelegatedTasks(SslHandler.java:1557)
at io.netty.handler.ssl.SslHandler.runDelegatedTasks(SslHandler.java:1571)
at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1455)
at io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1282)
at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1329)
at io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:508)
at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:447)
at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:276)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365)
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:357)
at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1410)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365)
at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:919)
at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:166)
at 

Re: [External] : Re: Bug with TLSv1.3 session resumption (most likely caused by concurrency bug)

2021-04-26 Thread Alexey Bakhtin
Hi Jamil, Norman,

I’ve missed this thread discussing the JDK-8241248 issue.
Recently I have suggested a fix for this issue:
https://github.com/openjdk/jdk/pull/3664

Regards
Alexey

> On 26 Apr 2021, at 11:31, Norman Maurer  wrote:
> 
> Sorry for the noise but is there any update ? The bug makes it “impossible” 
> for us to enable caching by default as it may cause issues on the remote peer 
> which are hard to debug.
> 
> Bye
> Norman
> 
> 
>> On 19. Mar 2021, at 16:34, Jamil Nimeh  wrote:
>> 
>> Hi Norman, I've been working a couple other bugs, but I should have some 
>> time to devote to it next week.
>> 
>> --Jamil
>> 
>> On 3/19/2021 6:15 AM, Norman Maurer wrote:
>>> I was wondering if there is any update or anything I can help with ?
>>> 
>>> Bye
>>> Norman
>>> 
>>>> On 04.03.2021 at 18:51, Jamil Nimeh wrote:
>>>>
>>>>
>>>> I already replied to Norman directly (because apparently I cannot seem to
>>>> find my Reply-all button before my morning caffeine!).  It does look quite
>>>> a bit like 8241248 and that issue is in my bug queue.  I haven't started
>>>> work on it yet, but now that Norman has provided me some links to a
>>>> reproducer I can give it a spin and see if I can make the bug happen
>>>> locally (Thanks Norman!)
>>>>
>>>> --Jamil
>>>>
>>>> On 3/4/2021 8:22 AM, Xue-Lei Fan wrote:
>>>>> Forward to security-dev.
>>>>>
>>>>> Xuelei
>>>>>
>>>>>> On Mar 4, 2021, at 6:11 AM, Norman Maurer wrote:
>>>>>>
>>>>>> Hi there,
>>>>>>
>>>>>> I think I found a bug in the TLSv1.3 session cache implementation which
>>>>>> sometimes can cause failures during session resumption.
>>>>>> The cause of this sometimes shows up as NPE:
>>>>>>
>>>>>> javax.net.ssl.SSLException: Session has no PSK
>>>>>> at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:133)
>>>>>> at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
>>>>>> at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:336)
>>>>>> at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:292)
>>>>>> at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:283)
>>>>>> at java.base/sun.security.ssl.PreSharedKeyExtension.checkBinder(PreSharedKeyExtension.java:537)
>>>>>> at java.base/sun.security.ssl.PreSharedKeyExtension$CHPreSharedKeyUpdate.consume(PreSharedKeyExtension.java:528)
>>>>>> at java.base/sun.security.ssl.SSLExtension.consumeOnTrade(SSLExtension.java:583)
>>>>>> at java.base/sun.security.ssl.SSLExtensions.consumeOnTrade(SSLExtensions.java:222)
>>>>>> at java.base/sun.security.ssl.ServerHello$T13ServerHelloProducer.produce(ServerHello.java:539)
>>>>>> at java.base/sun.security.ssl.SSLHandshake.produce(SSLHandshake.java:436)
>>>>>> at java.base/sun.security.ssl.ClientHello$T13ClientHelloConsumer.goServerHello(ClientHello.java:1234)
>>>>>> at java.base/sun.security.ssl.ClientHello$T13ClientHelloConsumer.consume(ClientHello.java:1170)
>>>>>> at java.base/sun.security.ssl.ClientHello$ClientHelloConsumer.onClientHello(ClientHello.java:852)
>>>>>> at java.base/sun.security.ssl.ClientHello$ClientHelloConsumer.consume(ClientHello.java:813)
>>>>>> at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392)
>>>>>> at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:443)
>>>>>> at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1074)
>>>>>> at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1061)
>>>>>> at java.base/java.security.AccessController.doPrivileged(Native Method)
>>>>>> at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask.run(SSLEngineImpl.java:1008)
>>>>>> at io.netty.handler.ssl.SslHandler.runAllDelegatedTasks(SslHandler.java:1557)
>>>>>> at io.netty.handler.ssl.SslHandler.runDelegatedTasks(SslHandler.java:1571)
>>>>>> at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1455)
>>>>>> at io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1282)
>>>>>> at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1329)
>>>>>> at io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:508)
>>>>>> at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:447)
>>>>>> at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:276)
>>>>>> at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379)
>>>>>> at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365)
>>>>>> at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:357)
>>>>>> at
>>>>>>

Re: [External] : Re: Bug with TLSv1.3 session resumption (most likely caused by concurrency bug)

2021-04-26 Thread Norman Maurer
Sorry for the noise but is there any update ? The bug makes it “impossible” for 
us to enable caching by default as it may cause issues on the remote peer which 
are hard to debug.

Bye
Norman


> On 19. Mar 2021, at 16:34, Jamil Nimeh  wrote:
> 
> Hi Norman, I've been working a couple other bugs, but I should have some time 
> to devote to it next week.
> 
> --Jamil
> 
> On 3/19/2021 6:15 AM, Norman Maurer wrote:
>> I was wondering if there is any update or anything I can help with ?
>> 
>> Bye
>> Norman 
>> 
>>> On 04.03.2021 at 18:51, Jamil Nimeh wrote:
>>> 
>>> 
>>> I already replied to Norman directly (because apparently I cannot seem to 
>>> find my Reply-all button before my morning caffeine!).  It does look quite 
>>> a bit like 8241248 and that issue is in my bug queue.  I haven't started 
>>> work on it yet, but now that Norman has provided me some links to a 
>>> reproducer I can give it a spin and see if I can make the bug happen 
>>> locally (Thanks Norman!)
>>> 
>>> --Jamil
>>> 
>>> On 3/4/2021 8:22 AM, Xue-Lei Fan wrote:
>>>> Forward to security-dev.
>>>>
>>>> Xuelei
>>>>
>>>>> On Mar 4, 2021, at 6:11 AM, Norman Maurer wrote:
>>>>>
>>>>> Hi there,
>>>>>
>>>>> I think I found a bug in the TLSv1.3 session cache implementation which
>>>>> sometimes can cause failures during session resumption.
>>>>> The cause of this sometimes shows up as NPE:
>>>>>
>>>>> javax.net.ssl.SSLException: Session has no PSK
>>>>> at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:133)
>>>>> at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
>>>>> at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:336)
>>>>> at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:292)
>>>>> at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:283)
>>>>> at java.base/sun.security.ssl.PreSharedKeyExtension.checkBinder(PreSharedKeyExtension.java:537)
>>>>> at java.base/sun.security.ssl.PreSharedKeyExtension$CHPreSharedKeyUpdate.consume(PreSharedKeyExtension.java:528)
>>>>> at java.base/sun.security.ssl.SSLExtension.consumeOnTrade(SSLExtension.java:583)
>>>>> at java.base/sun.security.ssl.SSLExtensions.consumeOnTrade(SSLExtensions.java:222)
>>>>> at java.base/sun.security.ssl.ServerHello$T13ServerHelloProducer.produce(ServerHello.java:539)
>>>>> at java.base/sun.security.ssl.SSLHandshake.produce(SSLHandshake.java:436)
>>>>> at java.base/sun.security.ssl.ClientHello$T13ClientHelloConsumer.goServerHello(ClientHello.java:1234)
>>>>> at java.base/sun.security.ssl.ClientHello$T13ClientHelloConsumer.consume(ClientHello.java:1170)
>>>>> at java.base/sun.security.ssl.ClientHello$ClientHelloConsumer.onClientHello(ClientHello.java:852)
>>>>> at java.base/sun.security.ssl.ClientHello$ClientHelloConsumer.consume(ClientHello.java:813)
>>>>> at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392)
>>>>> at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:443)
>>>>> at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1074)
>>>>> at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1061)
>>>>> at java.base/java.security.AccessController.doPrivileged(Native Method)
>>>>> at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask.run(SSLEngineImpl.java:1008)
>>>>> at io.netty.handler.ssl.SslHandler.runAllDelegatedTasks(SslHandler.java:1557)
>>>>> at io.netty.handler.ssl.SslHandler.runDelegatedTasks(SslHandler.java:1571)
>>>>> at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1455)
>>>>> at io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1282)
>>>>> at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1329)
>>>>> at io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:508)
>>>>> at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:447)
>>>>> at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:276)
>>>>> at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379)
>>>>> at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365)
>>>>> at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:357)
>>>>> at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1410)
>>>>> at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379)
>>>>> at
>>>>>

Re: [External] : Re: Bug with TLSv1.3 session resumption (most likely caused by concurrency bug)

2021-03-19 Thread Jamil Nimeh
Hi Norman, I've been working a couple other bugs, but I should have some 
time to devote to it next week.


--Jamil

On 3/19/2021 6:15 AM, Norman Maurer wrote:

I was wondering if there is any update or anything I can help with ?

Bye
Norman


On 04.03.2021 at 18:51, Jamil Nimeh wrote:



I already replied to Norman directly (because apparently I cannot 
seem to find my Reply-all button before my morning caffeine!).  It 
does look quite a bit like 8241248 and that issue is in my bug 
queue.  I haven't started work on it yet, but now that Norman has 
provided me some links to a reproducer I can give it a spin and see 
if I can make the bug happen locally (Thanks Norman!)


--Jamil

On 3/4/2021 8:22 AM, Xue-Lei Fan wrote:

Forward to security-dev.

Xuelei

On Mar 4, 2021, at 6:11 AM, Norman Maurer wrote:


Hi there,

I think I found a bug in the TLSv1.3 session cache implementation 
which sometimes can cause failures during session resumption.

The cause of this sometimes shows up as NPE:

javax.net.ssl.SSLException: Session has no PSK
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:133)
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:336)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:292)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:283)
at java.base/sun.security.ssl.PreSharedKeyExtension.checkBinder(PreSharedKeyExtension.java:537)
at java.base/sun.security.ssl.PreSharedKeyExtension$CHPreSharedKeyUpdate.consume(PreSharedKeyExtension.java:528)
at java.base/sun.security.ssl.SSLExtension.consumeOnTrade(SSLExtension.java:583)
at java.base/sun.security.ssl.SSLExtensions.consumeOnTrade(SSLExtensions.java:222)
at java.base/sun.security.ssl.ServerHello$T13ServerHelloProducer.produce(ServerHello.java:539)
at java.base/sun.security.ssl.SSLHandshake.produce(SSLHandshake.java:436)
at java.base/sun.security.ssl.ClientHello$T13ClientHelloConsumer.goServerHello(ClientHello.java:1234)
at java.base/sun.security.ssl.ClientHello$T13ClientHelloConsumer.consume(ClientHello.java:1170)
at java.base/sun.security.ssl.ClientHello$ClientHelloConsumer.onClientHello(ClientHello.java:852)
at java.base/sun.security.ssl.ClientHello$ClientHelloConsumer.consume(ClientHello.java:813)
at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392)
at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:443)
at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1074)
at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1061)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask.run(SSLEngineImpl.java:1008)
at io.netty.handler.ssl.SslHandler.runAllDelegatedTasks(SslHandler.java:1557)
at io.netty.handler.ssl.SslHandler.runDelegatedTasks(SslHandler.java:1571)
at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1455)
at io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1282)
at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1329)
at io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:508)
at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:447)
at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:276)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365)
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:357)
at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1410)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365)
at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:919)
at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:166)
at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:719)
at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:655)
at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:581)
at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:493)
at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:989)
at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74)
at 

Re: Bug with TLSv1.3 session resumption (most likely caused by concurrency bug)

2021-03-19 Thread Norman Maurer
I was wondering if there is any update or anything I can help with ?

Bye
Norman 

> On 04.03.2021 at 18:51, Jamil Nimeh wrote:
> 
> 
> I already replied to Norman directly (because apparently I cannot seem to 
> find my Reply-all button before my morning caffeine!).  It does look quite a 
> bit like 8241248 and that issue is in my bug queue.  I haven't started work 
> on it yet, but now that Norman has provided me some links to a reproducer I 
> can give it a spin and see if I can make the bug happen locally (Thanks 
> Norman!)
> 
> --Jamil
> 
>> On 3/4/2021 8:22 AM, Xue-Lei Fan wrote:
>> Forward to security-dev.
>> 
>> Xuelei
>> 
>>> On Mar 4, 2021, at 6:11 AM, Norman Maurer  
>>> wrote:
>>> 
>>> Hi there,
>>> 
>>> I think I found a bug in the TLSv1.3 session cache implementation which 
>>> sometimes can cause failures during session resumption. 
>>> The cause of this sometimes shows up as NPE:
>>>
>>> javax.net.ssl.SSLException: Session has no PSK
>>> at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:133)
>>> at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
>>> at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:336)
>>> at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:292)
>>> at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:283)
>>> at java.base/sun.security.ssl.PreSharedKeyExtension.checkBinder(PreSharedKeyExtension.java:537)
>>> at java.base/sun.security.ssl.PreSharedKeyExtension$CHPreSharedKeyUpdate.consume(PreSharedKeyExtension.java:528)
>>> at java.base/sun.security.ssl.SSLExtension.consumeOnTrade(SSLExtension.java:583)
>>> at java.base/sun.security.ssl.SSLExtensions.consumeOnTrade(SSLExtensions.java:222)
>>> at java.base/sun.security.ssl.ServerHello$T13ServerHelloProducer.produce(ServerHello.java:539)
>>> at java.base/sun.security.ssl.SSLHandshake.produce(SSLHandshake.java:436)
>>> at java.base/sun.security.ssl.ClientHello$T13ClientHelloConsumer.goServerHello(ClientHello.java:1234)
>>> at java.base/sun.security.ssl.ClientHello$T13ClientHelloConsumer.consume(ClientHello.java:1170)
>>> at java.base/sun.security.ssl.ClientHello$ClientHelloConsumer.onClientHello(ClientHello.java:852)
>>> at java.base/sun.security.ssl.ClientHello$ClientHelloConsumer.consume(ClientHello.java:813)
>>> at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392)
>>> at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:443)
>>> at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1074)
>>> at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1061)
>>> at java.base/java.security.AccessController.doPrivileged(Native Method)
>>> at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask.run(SSLEngineImpl.java:1008)
>>> at io.netty.handler.ssl.SslHandler.runAllDelegatedTasks(SslHandler.java:1557)
>>> at io.netty.handler.ssl.SslHandler.runDelegatedTasks(SslHandler.java:1571)
>>> at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1455)
>>> at io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1282)
>>> at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1329)
>>> at io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:508)
>>> at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:447)
>>> at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:276)
>>> at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379)
>>> at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365)
>>> at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:357)
>>> at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1410)
>>> at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379)
>>> at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365)
>>> at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:919)
>>> at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:166)
>>> at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:719)
>>> at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:655)
>>> at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:581)
>>> at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:493)
>>> at 
>>> 

Re: Bug with TLSv1.3 session resumption (most likely caused by concurrency bug)

2021-03-04 Thread Jamil Nimeh
I already replied to Norman directly (because apparently I cannot seem 
to find my Reply-all button before my morning caffeine!).  It does look 
quite a bit like 8241248 and that issue is in my bug queue.  I haven't 
started work on it yet, but now that Norman has provided me some links 
to a reproducer I can give it a spin and see if I can make the bug 
happen locally (Thanks Norman!)


--Jamil

On 3/4/2021 8:22 AM, Xue-Lei Fan wrote:

Forward to security-dev.

Xuelei

On Mar 4, 2021, at 6:11 AM, Norman Maurer wrote:


Hi there,

I think I found a bug in the TLSv1.3 session cache implementation 
which sometimes can cause failures during session resumption.

The cause of this sometimes shows up as NPE:

javax.net.ssl.SSLException: Session has no PSK
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:133)
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:336)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:292)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:283)
at java.base/sun.security.ssl.PreSharedKeyExtension.checkBinder(PreSharedKeyExtension.java:537)
at java.base/sun.security.ssl.PreSharedKeyExtension$CHPreSharedKeyUpdate.consume(PreSharedKeyExtension.java:528)
at java.base/sun.security.ssl.SSLExtension.consumeOnTrade(SSLExtension.java:583)
at java.base/sun.security.ssl.SSLExtensions.consumeOnTrade(SSLExtensions.java:222)
at java.base/sun.security.ssl.ServerHello$T13ServerHelloProducer.produce(ServerHello.java:539)
at java.base/sun.security.ssl.SSLHandshake.produce(SSLHandshake.java:436)
at java.base/sun.security.ssl.ClientHello$T13ClientHelloConsumer.goServerHello(ClientHello.java:1234)
at java.base/sun.security.ssl.ClientHello$T13ClientHelloConsumer.consume(ClientHello.java:1170)
at java.base/sun.security.ssl.ClientHello$ClientHelloConsumer.onClientHello(ClientHello.java:852)
at java.base/sun.security.ssl.ClientHello$ClientHelloConsumer.consume(ClientHello.java:813)
at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392)
at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:443)
at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1074)
at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1061)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask.run(SSLEngineImpl.java:1008)
at io.netty.handler.ssl.SslHandler.runAllDelegatedTasks(SslHandler.java:1557)
at io.netty.handler.ssl.SslHandler.runDelegatedTasks(SslHandler.java:1571)
at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1455)
at io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1282)
at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1329)
at io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:508)
at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:447)
at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:276)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365)
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:357)
at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1410)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365)
at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:919)
at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:166)
at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:719)
at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:655)
at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:581)
at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:493)
at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:989)
at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74)
at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
at java.base/java.lang.Thread.run(Thread.java:834)
java.lang.NullPointerException
at java.base/sun.security.ssl.HKDF.extract(HKDF.java:93)
at java.base/sun.security.ssl.HKDF.extract(HKDF.java:119)
at 

Re: Bug with TLSv1.3 session resumption (most likely caused by concurrency bug)

2021-03-04 Thread Xue-Lei Fan
Forward to security-dev.

Xuelei

On Mar 4, 2021, at 6:11 AM, Norman Maurer wrote:

Hi there,

I think I found a bug in the TLSv1.3 session cache implementation which 
sometimes can cause failures during session resumption.
The cause of this sometimes show up as NPE:

javax.net.ssl.SSLException: Session has no PSK
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:133)
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:336)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:292)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:283)
at java.base/sun.security.ssl.PreSharedKeyExtension.checkBinder(PreSharedKeyExtension.java:537)
at java.base/sun.security.ssl.PreSharedKeyExtension$CHPreSharedKeyUpdate.consume(PreSharedKeyExtension.java:528)
at java.base/sun.security.ssl.SSLExtension.consumeOnTrade(SSLExtension.java:583)
at java.base/sun.security.ssl.SSLExtensions.consumeOnTrade(SSLExtensions.java:222)
at java.base/sun.security.ssl.ServerHello$T13ServerHelloProducer.produce(ServerHello.java:539)
at java.base/sun.security.ssl.SSLHandshake.produce(SSLHandshake.java:436)
at java.base/sun.security.ssl.ClientHello$T13ClientHelloConsumer.goServerHello(ClientHello.java:1234)
at java.base/sun.security.ssl.ClientHello$T13ClientHelloConsumer.consume(ClientHello.java:1170)
at java.base/sun.security.ssl.ClientHello$ClientHelloConsumer.onClientHello(ClientHello.java:852)
at java.base/sun.security.ssl.ClientHello$ClientHelloConsumer.consume(ClientHello.java:813)
at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392)
at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:443)
at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1074)
at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1061)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask.run(SSLEngineImpl.java:1008)
at io.netty.handler.ssl.SslHandler.runAllDelegatedTasks(SslHandler.java:1557)
at io.netty.handler.ssl.SslHandler.runDelegatedTasks(SslHandler.java:1571)
at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1455)
at io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1282)
at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1329)
at io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:508)
at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:447)
at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:276)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365)
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:357)
at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1410)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365)
at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:919)
at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:166)
at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:719)
at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:655)
at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:581)
at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:493)
at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:989)
at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74)
at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
at java.base/java.lang.Thread.run(Thread.java:834)
java.lang.NullPointerException
at java.base/sun.security.ssl.HKDF.extract(HKDF.java:93)
at java.base/sun.security.ssl.HKDF.extract(HKDF.java:119)
at java.base/sun.security.ssl.ServerHello.setUpPskKD(ServerHello.java:1169)
at java.base/sun.security.ssl.ServerHello$T13ServerHelloProducer.produce(ServerHello.java:547)
at java.base/sun.security.ssl.SSLHandshake.produce(SSLHandshake.java:436)
at java.base/sun.security.ssl.ClientHello$T13ClientHelloConsumer.goServerHello(ClientHello.java:1234)
at java.base/sun.security.ssl.ClientHello$T13ClientHelloConsumer.consume(ClientHello.java:1170)
at

Bug with TLSv1.3 session resumption (most likely caused by concurrency bug)

2021-03-04 Thread Norman Maurer

Hi there,

I think I found a bug in the TLSv1.3 session cache implementation which 
sometimes can cause failures during session resumption. 
The cause of this sometimes shows up as NPE:

javax.net.ssl.SSLException: Session has no PSK
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:133)
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:336)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:292)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:283)
at java.base/sun.security.ssl.PreSharedKeyExtension.checkBinder(PreSharedKeyExtension.java:537)
at java.base/sun.security.ssl.PreSharedKeyExtension$CHPreSharedKeyUpdate.consume(PreSharedKeyExtension.java:528)
at java.base/sun.security.ssl.SSLExtension.consumeOnTrade(SSLExtension.java:583)
at java.base/sun.security.ssl.SSLExtensions.consumeOnTrade(SSLExtensions.java:222)
at java.base/sun.security.ssl.ServerHello$T13ServerHelloProducer.produce(ServerHello.java:539)
at java.base/sun.security.ssl.SSLHandshake.produce(SSLHandshake.java:436)
at java.base/sun.security.ssl.ClientHello$T13ClientHelloConsumer.goServerHello(ClientHello.java:1234)
at java.base/sun.security.ssl.ClientHello$T13ClientHelloConsumer.consume(ClientHello.java:1170)
at java.base/sun.security.ssl.ClientHello$ClientHelloConsumer.onClientHello(ClientHello.java:852)
at java.base/sun.security.ssl.ClientHello$ClientHelloConsumer.consume(ClientHello.java:813)
at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392)
at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:443)
at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1074)
at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1061)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask.run(SSLEngineImpl.java:1008)
at io.netty.handler.ssl.SslHandler.runAllDelegatedTasks(SslHandler.java:1557)
at io.netty.handler.ssl.SslHandler.runDelegatedTasks(SslHandler.java:1571)
at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1455)
at io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1282)
at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1329)
at io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:508)
at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:447)
at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:276)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365)
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:357)
at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1410)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365)
at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:919)
at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:166)
at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:719)
at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:655)
at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:581)
at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:493)
at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:989)
at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74)
at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
at java.base/java.lang.Thread.run(Thread.java:834)
java.lang.NullPointerException
at java.base/sun.security.ssl.HKDF.extract(HKDF.java:93)
at java.base/sun.security.ssl.HKDF.extract(HKDF.java:119)
at java.base/sun.security.ssl.ServerHello.setUpPskKD(ServerHello.java:1169)
at java.base/sun.security.ssl.ServerHello$T13ServerHelloProducer.produce(ServerHello.java:547)
at