subject:"RFR\: 8275811 Incorrect instance to dispose"

Re: RFR: 8275811 Incorrect instance to dispose [v6]

2021-11-16 Thread Xue-Lei Andrew Fan

On Wed, 3 Nov 2021 09:16:47 GMT, Daniel Jeliński  wrote:

>> The current code that changes cipher suites disposes the new suite instead 
>> of the old one, which usually silently fails. This patch fixes the code to 
>> dispose the old instance instead.
>> 
>> DTLS appears to be unaffected: DTLSOutputRecord keeps 2 ciphers and 
>> correctly [disposes the old 
>> one](https://github.com/openjdk/jdk/blob/739769c8fc4b496f08a92225a12d07414537b6c0/src/java.base/share/classes/sun/security/ssl/DTLSOutputRecord.java#L106),
>>  and DTLSInputRecord [doesn't dispose 
>> anything](https://github.com/openjdk/jdk/blob/4b9303b77b43d890ebacbec38b4ac5db7e171886/src/java.base/share/classes/sun/security/ssl/DTLSInputRecord.java#L57)
>
> Daniel Jeliński has updated the pull request incrementally with one 
> additional commit since the last revision:
> 
>   bugfix

> /integrate
> 
> tier1, tier2 and jdk_core are all clean now. I think we're good to go.
> 

Thanks, I will sponsor the integration soon.

> Do PKCS11 implementations release resources when doFinal is called? Our 
> documentation for Cipher does not mention that doFinal should be called to 
> release resources, and our PKCS11 guide doesn't say that providers should 
> release resources when doFinal is called.

That's a pretty old and interesting topic.  I don't think doFinal could really 
have PKCS11 release its resources.  As there is not close APIs for key 
instance, there is not much we can do right now.  Maybe, we could consider to 
support closable keys in the future.

>   Do we need to dispose GCM ciphers? They always call init and doFinal in 
> matching pairs, so the extra doFinal in dispose looks superfluous.

It makes sense.  But it may make it complicated to check different ciphers.  In 
the long run, the doFinal() should be replaced with something like close().

-

PR: https://git.openjdk.java.net/jdk/pull/6084

Re: RFR: 8275811 Incorrect instance to dispose [v5]

2021-11-03 Thread Xuelei Fan

I would suggest to fix in a separate bug.

Thanks,
Xuelei

> On Nov 3, 2021, at 2:27 PM, Daniel Jeliński  wrote:
> 
> On Wed, 3 Nov 2021 09:12:29 GMT, Daniel Jeliński  
> wrote:
> 
>>> src/java.base/share/classes/sun/security/ssl/SSLEngineOutputRecord.java 
>>> line 436:
>>> 
 434: 
 435: void queueUpCipherDispose() {
 436: RecordMemo lastMemo = handshakeMemos.getLast();
>>> 
>>> Sorry, I missed that the getLast could throw exception if it is empty.  I 
>>> may check it before the call to getLast.
>>> 
>>> +   if (handshakeMemos.isEmpty()) {
>>> +  return;
>>> +  }
>> 
>> my mistake. Replaced with `peekLast`, should be better now.
> 
> Well, looks like this uncovered another, unrelated bug. `handshakeMemos` is 
> only empty here when we handle TLS1.3 server hello and session ID is empty, 
> see stack trace:
> 
> Caused by: java.util.NoSuchElementException
>at java.base/java.util.LinkedList.getLast(LinkedList.java:261)
>at 
> java.base/sun.security.ssl.SSLEngineOutputRecord$HandshakeFragment.queueUpCipherDispose(SSLEngineOutputRecord.java:436)
>at 
> java.base/sun.security.ssl.SSLEngineOutputRecord.disposeWriteCipher(SSLEngineOutputRecord.java:159)
>at 
> java.base/sun.security.ssl.OutputRecord.changeWriteCiphers(OutputRecord.java:198)
>at 
> java.base/sun.security.ssl.ServerHello$T13ServerHelloConsumer.consume(ServerHello.java:1372)
> 
> This is only supposed to be empty when 
> [jdk.tls.client.useCompatibilityMode](https://github.com/openjdk/jdk/blob/6765f902505fbdd02f25b599f942437cd805cad1/src/java.base/share/classes/sun/security/ssl/SSLConfiguration.java#L101)
>  is false, which it never is (also the comment above that line is 
> copy/pasted, should be fixed). So I did some more digging and found that we 
> do not set sessionId in clientHello when resuming TLS1.3 session:
> - sessionId is set to empty 
> [here](https://github.com/openjdk/jdk/blob/04a806ec86a388b8de31d42f904c4321beb69e14/src/java.base/share/classes/sun/security/ssl/ClientHello.java#L406)
> - not updated 
> [here](https://github.com/openjdk/jdk/blob/04a806ec86a388b8de31d42f904c4321beb69e14/src/java.base/share/classes/sun/security/ssl/ClientHello.java#L535)
>  because it's TLS 1.3
> - not updated 
> [here](https://github.com/openjdk/jdk/blob/04a806ec86a388b8de31d42f904c4321beb69e14/src/java.base/share/classes/sun/security/ssl/ClientHello.java#L577)
>  because session is not null
> 
> Apparently we have no tests for TLS1.3 session resumption in jdk_security and 
> no tests for useCompatibilityMode=false (otherwise I would have noticed this 
> sooner).
> 
> Let me know if I should fix these issues here or in a separate PR.
> 
> -
> 
> PR: https://git.openjdk.java.net/jdk/pull/6084

Re: RFR: 8275811 Incorrect instance to dispose [v5]

2021-11-03 Thread Daniel Jeliński

On Wed, 3 Nov 2021 09:12:29 GMT, Daniel Jeliński  wrote:

>> src/java.base/share/classes/sun/security/ssl/SSLEngineOutputRecord.java line 
>> 436:
>> 
>>> 434: 
>>> 435: void queueUpCipherDispose() {
>>> 436: RecordMemo lastMemo = handshakeMemos.getLast();
>> 
>> Sorry, I missed that the getLast could throw exception if it is empty.  I 
>> may check it before the call to getLast.
>> 
>> +   if (handshakeMemos.isEmpty()) {
>> +  return;
>> +  }
>
> my mistake. Replaced with `peekLast`, should be better now.

Well, looks like this uncovered another, unrelated bug. `handshakeMemos` is 
only empty here when we handle TLS1.3 server hello and session ID is empty, see 
stack trace:

Caused by: java.util.NoSuchElementException
at java.base/java.util.LinkedList.getLast(LinkedList.java:261)
at 
java.base/sun.security.ssl.SSLEngineOutputRecord$HandshakeFragment.queueUpCipherDispose(SSLEngineOutputRecord.java:436)
at 
java.base/sun.security.ssl.SSLEngineOutputRecord.disposeWriteCipher(SSLEngineOutputRecord.java:159)
at 
java.base/sun.security.ssl.OutputRecord.changeWriteCiphers(OutputRecord.java:198)
at 
java.base/sun.security.ssl.ServerHello$T13ServerHelloConsumer.consume(ServerHello.java:1372)

This is only supposed to be empty when 
[jdk.tls.client.useCompatibilityMode](https://github.com/openjdk/jdk/blob/6765f902505fbdd02f25b599f942437cd805cad1/src/java.base/share/classes/sun/security/ssl/SSLConfiguration.java#L101)
 is false, which it never is (also the comment above that line is copy/pasted, 
should be fixed). So I did some more digging and found that we do not set 
sessionId in clientHello when resuming TLS1.3 session:
- sessionId is set to empty 
[here](https://github.com/openjdk/jdk/blob/04a806ec86a388b8de31d42f904c4321beb69e14/src/java.base/share/classes/sun/security/ssl/ClientHello.java#L406)
- not updated 
[here](https://github.com/openjdk/jdk/blob/04a806ec86a388b8de31d42f904c4321beb69e14/src/java.base/share/classes/sun/security/ssl/ClientHello.java#L535)
 because it's TLS 1.3
- not updated 
[here](https://github.com/openjdk/jdk/blob/04a806ec86a388b8de31d42f904c4321beb69e14/src/java.base/share/classes/sun/security/ssl/ClientHello.java#L577)
 because session is not null

Apparently we have no tests for TLS1.3 session resumption in jdk_security and 
no tests for useCompatibilityMode=false (otherwise I would have noticed this 
sooner).

Let me know if I should fix these issues here or in a separate PR.

-

PR: https://git.openjdk.java.net/jdk/pull/6084

Re: RFR: 8275811 Incorrect instance to dispose [v6]

2021-11-03 Thread Xue-Lei Andrew Fan

On Wed, 3 Nov 2021 09:16:47 GMT, Daniel Jeliński  wrote:

>> The current code that changes cipher suites disposes the new suite instead 
>> of the old one, which usually silently fails. This patch fixes the code to 
>> dispose the old instance instead.
>> 
>> DTLS appears to be unaffected: DTLSOutputRecord keeps 2 ciphers and 
>> correctly [disposes the old 
>> one](https://github.com/openjdk/jdk/blob/739769c8fc4b496f08a92225a12d07414537b6c0/src/java.base/share/classes/sun/security/ssl/DTLSOutputRecord.java#L106),
>>  and DTLSInputRecord [doesn't dispose 
>> anything](https://github.com/openjdk/jdk/blob/4b9303b77b43d890ebacbec38b4ac5db7e171886/src/java.base/share/classes/sun/security/ssl/DTLSInputRecord.java#L57)
>
> Daniel Jeliński has updated the pull request incrementally with one 
> additional commit since the last revision:
> 
>   bugfix

> > Please hold off on the integration, the regression testing failed.
> 
> could you point me to the failing test? I'm running the jdk_security suite; 
> only sun/security/mscapi/ShortRSAKeyWithinTLS is failing, and it's failing 
> because of environmental reasons (Windows is asking for some PIN)
> 
> _EDIT_ found them; started testing jdk_core and the tests surfaced pretty 
> quickly.
I normally run tier1 and tier2 test.

-

PR: https://git.openjdk.java.net/jdk/pull/6084

Re: RFR: 8275811 Incorrect instance to dispose [v6]

2021-11-03 Thread Daniel Jeliński

> The current code that changes cipher suites disposes the new suite instead of 
> the old one, which usually silently fails. This patch fixes the code to 
> dispose the old instance instead.
> 
> DTLS appears to be unaffected: DTLSOutputRecord keeps 2 ciphers and correctly 
> [disposes the old 
> one](https://github.com/openjdk/jdk/blob/739769c8fc4b496f08a92225a12d07414537b6c0/src/java.base/share/classes/sun/security/ssl/DTLSOutputRecord.java#L106),
>  and DTLSInputRecord [doesn't dispose 
> anything](https://github.com/openjdk/jdk/blob/4b9303b77b43d890ebacbec38b4ac5db7e171886/src/java.base/share/classes/sun/security/ssl/DTLSInputRecord.java#L57)

Daniel Jeliński has updated the pull request incrementally with one additional 
commit since the last revision:

  bugfix

-

Changes:
  - all: https://git.openjdk.java.net/jdk/pull/6084/files
  - new: https://git.openjdk.java.net/jdk/pull/6084/files/8c9508c2..c18de4e8

Webrevs:
 - full: https://webrevs.openjdk.java.net/?repo=jdk&pr=6084&range=05
 - incr: https://webrevs.openjdk.java.net/?repo=jdk&pr=6084&range=04-05

  Stats: 1 line in 1 file changed: 0 ins; 0 del; 1 mod
  Patch: https://git.openjdk.java.net/jdk/pull/6084.diff
  Fetch: git fetch https://git.openjdk.java.net/jdk pull/6084/head:pull/6084

PR: https://git.openjdk.java.net/jdk/pull/6084

Re: RFR: 8275811 Incorrect instance to dispose [v5]

2021-11-03 Thread Daniel Jeliński

On Tue, 2 Nov 2021 23:43:42 GMT, Xue-Lei Andrew Fan  wrote:

>> Daniel Jeliński has updated the pull request incrementally with one 
>> additional commit since the last revision:
>> 
>>   avoid modifying DTLSOutputRecord
>
> src/java.base/share/classes/sun/security/ssl/SSLEngineOutputRecord.java line 
> 436:
> 
>> 434: 
>> 435: void queueUpCipherDispose() {
>> 436: RecordMemo lastMemo = handshakeMemos.getLast();
> 
> Sorry, I missed that the getLast could throw exception if it is empty.  I may 
> check it before the call to getLast.
> 
> +   if (handshakeMemos.isEmpty()) {
> +  return;
> +  }

my mistake. Replaced with `peekLast`, should be better now.

-

PR: https://git.openjdk.java.net/jdk/pull/6084

Re: RFR: 8275811 Incorrect instance to dispose [v5]

2021-11-03 Thread Daniel Jeliński

On Tue, 2 Nov 2021 23:35:51 GMT, Xue-Lei Andrew Fan  wrote:

> Please hold off on the integration, the regression testing failed.

could you point me to the failing test? I'm running the jdk_security suite; 
only sun/security/mscapi/ShortRSAKeyWithinTLS is failing, and it's failing 
because of environmental reasons (Windows is asking for some PIN)

-

PR: https://git.openjdk.java.net/jdk/pull/6084

Re: RFR: 8275811 Incorrect instance to dispose [v5]

2021-11-02 Thread Xue-Lei Andrew Fan

On Mon, 1 Nov 2021 20:38:32 GMT, Daniel Jeliński  wrote:

>> The current code that changes cipher suites disposes the new suite instead 
>> of the old one, which usually silently fails. This patch fixes the code to 
>> dispose the old instance instead.
>> 
>> DTLS appears to be unaffected: DTLSOutputRecord keeps 2 ciphers and 
>> correctly [disposes the old 
>> one](https://github.com/openjdk/jdk/blob/739769c8fc4b496f08a92225a12d07414537b6c0/src/java.base/share/classes/sun/security/ssl/DTLSOutputRecord.java#L106),
>>  and DTLSInputRecord [doesn't dispose 
>> anything](https://github.com/openjdk/jdk/blob/4b9303b77b43d890ebacbec38b4ac5db7e171886/src/java.base/share/classes/sun/security/ssl/DTLSInputRecord.java#L57)
>
> Daniel Jeliński has updated the pull request incrementally with one 
> additional commit since the last revision:
> 
>   avoid modifying DTLSOutputRecord

src/java.base/share/classes/sun/security/ssl/SSLEngineOutputRecord.java line 
436:

> 434: 
> 435: void queueUpCipherDispose() {
> 436: RecordMemo lastMemo = handshakeMemos.getLast();

Sorry, I missed that the getLast could throw exception if it is empty.  I may 
check it before the call to getLast.

+   if (handshakeMemos.isEmpty()) {
+  return;
+  }

-

PR: https://git.openjdk.java.net/jdk/pull/6084

Re: RFR: 8275811 Incorrect instance to dispose [v5]

2021-11-02 Thread Xue-Lei Andrew Fan

On Mon, 1 Nov 2021 20:38:32 GMT, Daniel Jeliński  wrote:

>> The current code that changes cipher suites disposes the new suite instead 
>> of the old one, which usually silently fails. This patch fixes the code to 
>> dispose the old instance instead.
>> 
>> DTLS appears to be unaffected: DTLSOutputRecord keeps 2 ciphers and 
>> correctly [disposes the old 
>> one](https://github.com/openjdk/jdk/blob/739769c8fc4b496f08a92225a12d07414537b6c0/src/java.base/share/classes/sun/security/ssl/DTLSOutputRecord.java#L106),
>>  and DTLSInputRecord [doesn't dispose 
>> anything](https://github.com/openjdk/jdk/blob/4b9303b77b43d890ebacbec38b4ac5db7e171886/src/java.base/share/classes/sun/security/ssl/DTLSInputRecord.java#L57)
>
> Daniel Jeliński has updated the pull request incrementally with one 
> additional commit since the last revision:
> 
>   avoid modifying DTLSOutputRecord

Please hold on the integration, the regression testing failed.

-

PR: https://git.openjdk.java.net/jdk/pull/6084

Re: RFR: 8275811 Incorrect instance to dispose

2021-11-01 Thread Daniel Jeliński

On Sun, 24 Oct 2021 04:58:45 GMT, Xue-Lei Andrew Fan  wrote:

>> Did you want to cover the update for line 222 at OutputRecord.java as well?
>
>> After reviewing the scope of changes to fix writeCipher disposal I decided 
>> to remove it entirely. It would probably be a nice follow-up enhancement, 
>> but I'm not confident I'd implement it correctly on the first try, so I'd 
>> rather not introduce it in a bugfix PR. @XueleiFan is that acceptable to you?
>> 
> I'm not sure of the removal.  Please hold on the integration, and I will have 
> a further look if I have cycles.

jdk_security still passes, automated checks green. @XueleiFan could you sponsor?

-

PR: https://git.openjdk.java.net/jdk/pull/6084

Re: RFR: 8275811 Incorrect instance to dispose [v4]

2021-11-01 Thread Daniel Jeliński

On Mon, 1 Nov 2021 19:49:32 GMT, Xue-Lei Andrew Fan  wrote:

>> Daniel Jeliński has updated the pull request incrementally with one 
>> additional commit since the last revision:
>> 
>>   Dispose write cipher after changing ciphers
>
> src/java.base/share/classes/sun/security/ssl/OutputRecord.java line 146:
> 
>> 144: // SSLEngine and SSLSocket
>> 145: abstract void disposeWriteCipher();
>> 146: 
> 
> Alternatively, this method could have a default implementation that throws 
> UnsupportedOperationException.  Then, there is no need to update 
> DTLSOutputRecord.java.

I like that idea. Updated the PR.

-

PR: https://git.openjdk.java.net/jdk/pull/6084

Re: RFR: 8275811 Incorrect instance to dispose [v5]

2021-11-01 Thread Daniel Jeliński

> The current code that changes cipher suites disposes the new suite instead of 
> the old one, which usually silently fails. This patch fixes the code to 
> dispose the old instance instead.
> 
> DTLS appears to be unaffected: DTLSOutputRecord keeps 2 ciphers and correctly 
> [disposes the old 
> one](https://github.com/openjdk/jdk/blob/739769c8fc4b496f08a92225a12d07414537b6c0/src/java.base/share/classes/sun/security/ssl/DTLSOutputRecord.java#L106),
>  and DTLSInputRecord [doesn't dispose 
> anything](https://github.com/openjdk/jdk/blob/4b9303b77b43d890ebacbec38b4ac5db7e171886/src/java.base/share/classes/sun/security/ssl/DTLSInputRecord.java#L57)

Daniel Jeliński has updated the pull request incrementally with one additional 
commit since the last revision:

  avoid modifying DTLSOutputRecord

-

Changes:
  - all: https://git.openjdk.java.net/jdk/pull/6084/files
  - new: https://git.openjdk.java.net/jdk/pull/6084/files/60c95ee3..8c9508c2

Webrevs:
 - full: https://webrevs.openjdk.java.net/?repo=jdk&pr=6084&range=04
 - incr: https://webrevs.openjdk.java.net/?repo=jdk&pr=6084&range=03-04

  Stats: 8 lines in 2 files changed: 2 ins; 5 del; 1 mod
  Patch: https://git.openjdk.java.net/jdk/pull/6084.diff
  Fetch: git fetch https://git.openjdk.java.net/jdk pull/6084/head:pull/6084

PR: https://git.openjdk.java.net/jdk/pull/6084

Re: RFR: 8275811 Incorrect instance to dispose [v4]

2021-11-01 Thread Xue-Lei Andrew Fan

On Mon, 1 Nov 2021 14:13:43 GMT, Daniel Jeliński  wrote:

>> The current code that changes cipher suites disposes the new suite instead 
>> of the old one, which usually silently fails. This patch fixes the code to 
>> dispose the old instance instead.
>> 
>> DTLS appears to be unaffected: DTLSOutputRecord keeps 2 ciphers and 
>> correctly [disposes the old 
>> one](https://github.com/openjdk/jdk/blob/739769c8fc4b496f08a92225a12d07414537b6c0/src/java.base/share/classes/sun/security/ssl/DTLSOutputRecord.java#L106),
>>  and DTLSInputRecord [doesn't dispose 
>> anything](https://github.com/openjdk/jdk/blob/4b9303b77b43d890ebacbec38b4ac5db7e171886/src/java.base/share/classes/sun/security/ssl/DTLSInputRecord.java#L57)
>
> Daniel Jeliński has updated the pull request incrementally with one 
> additional commit since the last revision:
> 
>   Dispose write cipher after changing ciphers

Thank you for the update.  It looks good to me, except a minor comment.

src/java.base/share/classes/sun/security/ssl/OutputRecord.java line 146:

> 144: // SSLEngine and SSLSocket
> 145: abstract void disposeWriteCipher();
> 146: 

Alternatively, this method could have a default implementation that throws 
UnsupportedOperationException.  Then, there is no need to update 
DTLSOutputRecord.java.

-

Marked as reviewed by xuelei (Reviewer).

PR: https://git.openjdk.java.net/jdk/pull/6084

Re: RFR: 8275811 Incorrect instance to dispose

2021-11-01 Thread Daniel Jeliński

On Sun, 24 Oct 2021 04:58:45 GMT, Xue-Lei Andrew Fan  wrote:

>> Did you want to cover the update for line 222 at OutputRecord.java as well?
>
>> After reviewing the scope of changes to fix writeCipher disposal I decided 
>> to remove it entirely. It would probably be a nice follow-up enhancement, 
>> but I'm not confident I'd implement it correctly on the first try, so I'd 
>> rather not introduce it in a bugfix PR. @XueleiFan is that acceptable to you?
>> 
> I'm not sure of the removal.  Please hold on the integration, and I will have 
> a further look if I have cycles.

Hi @XueleiFan,
I updated the PR to dispose old write ciphers after encrypting the last record. 
Tests in jdk_security passed. Let me know what you think.

-

PR: https://git.openjdk.java.net/jdk/pull/6084

Re: RFR: 8275811 Incorrect instance to dispose [v4]

2021-11-01 Thread Daniel Jeliński

> The current code that changes cipher suites disposes the new suite instead of 
> the old one, which usually silently fails. This patch fixes the code to 
> dispose the old instance instead.
> 
> DTLS appears to be unaffected: DTLSOutputRecord keeps 2 ciphers and correctly 
> [disposes the old 
> one](https://github.com/openjdk/jdk/blob/739769c8fc4b496f08a92225a12d07414537b6c0/src/java.base/share/classes/sun/security/ssl/DTLSOutputRecord.java#L106),
>  and DTLSInputRecord [doesn't dispose 
> anything](https://github.com/openjdk/jdk/blob/4b9303b77b43d890ebacbec38b4ac5db7e171886/src/java.base/share/classes/sun/security/ssl/DTLSInputRecord.java#L57)

Daniel Jeliński has updated the pull request incrementally with one additional 
commit since the last revision:

  Dispose write cipher after changing ciphers

-

Changes:
  - all: https://git.openjdk.java.net/jdk/pull/6084/files
  - new: https://git.openjdk.java.net/jdk/pull/6084/files/dfc1a9ee..60c95ee3

Webrevs:
 - full: https://webrevs.openjdk.java.net/?repo=jdk&pr=6084&range=03
 - incr: https://webrevs.openjdk.java.net/?repo=jdk&pr=6084&range=02-03

  Stats: 48 lines in 4 files changed: 48 ins; 0 del; 0 mod
  Patch: https://git.openjdk.java.net/jdk/pull/6084.diff
  Fetch: git fetch https://git.openjdk.java.net/jdk pull/6084/head:pull/6084

PR: https://git.openjdk.java.net/jdk/pull/6084

Re: RFR: 8275811 Incorrect instance to dispose

2021-10-23 Thread Xue-Lei Andrew Fan

On Fri, 22 Oct 2021 18:45:31 GMT, Xue-Lei Andrew Fan  wrote:

>> The current code that changes cipher suites disposes the new suite instead 
>> of the old one, which usually silently fails. This patch fixes the code to 
>> dispose the old instance instead.
>> 
>> DTLS appears to be unaffected: DTLSOutputRecord keeps 2 ciphers and 
>> correctly [disposes the old 
>> one](https://github.com/openjdk/jdk/blob/739769c8fc4b496f08a92225a12d07414537b6c0/src/java.base/share/classes/sun/security/ssl/DTLSOutputRecord.java#L106),
>>  and DTLSInputRecord [doesn't dispose 
>> anything](https://github.com/openjdk/jdk/blob/4b9303b77b43d890ebacbec38b4ac5db7e171886/src/java.base/share/classes/sun/security/ssl/DTLSInputRecord.java#L57)
>
> Did you want to cover the update for line 222 at OutputRecord.java as well?

> After reviewing the scope of changes to fix writeCipher disposal I decided to 
> remove it entirely. It would probably be a nice follow-up enhancement, but 
> I'm not confident I'd implement it correctly on the first try, so I'd rather 
> not introduce it in a bugfix PR. @XueleiFan is that acceptable to you?
> 
I'm not sure of the removal.  Please hold on the integration, and I will have a 
further look if I have cycles.

-

PR: https://git.openjdk.java.net/jdk/pull/6084

Re: RFR: 8275811 Incorrect instance to dispose

2021-10-23 Thread Daniel Jeliński

On Fri, 22 Oct 2021 18:45:31 GMT, Xue-Lei Andrew Fan  wrote:

>> The current code that changes cipher suites disposes the new suite instead 
>> of the old one, which usually silently fails. This patch fixes the code to 
>> dispose the old instance instead.
>> 
>> DTLS appears to be unaffected: DTLSOutputRecord keeps 2 ciphers and 
>> correctly [disposes the old 
>> one](https://github.com/openjdk/jdk/blob/739769c8fc4b496f08a92225a12d07414537b6c0/src/java.base/share/classes/sun/security/ssl/DTLSOutputRecord.java#L106),
>>  and DTLSInputRecord [doesn't dispose 
>> anything](https://github.com/openjdk/jdk/blob/4b9303b77b43d890ebacbec38b4ac5db7e171886/src/java.base/share/classes/sun/security/ssl/DTLSInputRecord.java#L57)
>
> Did you want to cover the update for line 222 at OutputRecord.java as well?

After reviewing the scope of changes to fix writeCipher disposal I decided to 
remove it entirely. It would probably be a nice follow-up enhancement, but I'm 
not confident I'd implement it correctly on the first try, so I'd rather not 
introduce it in a bugfix PR. @XueleiFan is that acceptable to you?

On a side note, I had another look at 
[DTLSOutputRecord](https://github.com/openjdk/jdk/blob/739769c8fc4b496f08a92225a12d07414537b6c0/src/java.base/share/classes/sun/security/ssl/DTLSOutputRecord.java#L106).
 It looks like we keep a reference to `prevWriteCipher` only to call 
`dispose()` during the next cipher change. I admit I don't know how often DTLS 
changes ciphers, but I think GC would have collected that cipher earlier if we 
didn't keep it.

-

PR: https://git.openjdk.java.net/jdk/pull/6084

Re: RFR: 8275811 Incorrect instance to dispose [v3]

2021-10-22 Thread Daniel Jeliński

> The current code that changes cipher suites disposes the new suite instead of 
> the old one, which usually silently fails. This patch fixes the code to 
> dispose the old instance instead.
> 
> DTLS appears to be unaffected: DTLSOutputRecord keeps 2 ciphers and correctly 
> [disposes the old 
> one](https://github.com/openjdk/jdk/blob/739769c8fc4b496f08a92225a12d07414537b6c0/src/java.base/share/classes/sun/security/ssl/DTLSOutputRecord.java#L106),
>  and DTLSInputRecord [doesn't dispose 
> anything](https://github.com/openjdk/jdk/blob/4b9303b77b43d890ebacbec38b4ac5db7e171886/src/java.base/share/classes/sun/security/ssl/DTLSInputRecord.java#L57)

Daniel Jeliński has updated the pull request incrementally with one additional 
commit since the last revision:

  Do not dispose writeCipher in changeCipherSpec - we may still need it

-

Changes:
  - all: https://git.openjdk.java.net/jdk/pull/6084/files
  - new: https://git.openjdk.java.net/jdk/pull/6084/files/1ee99ae4..dfc1a9ee

Webrevs:
 - full: https://webrevs.openjdk.java.net/?repo=jdk&pr=6084&range=02
 - incr: https://webrevs.openjdk.java.net/?repo=jdk&pr=6084&range=01-02

  Stats: 13 lines in 1 file changed: 0 ins; 13 del; 0 mod
  Patch: https://git.openjdk.java.net/jdk/pull/6084.diff
  Fetch: git fetch https://git.openjdk.java.net/jdk pull/6084/head:pull/6084

PR: https://git.openjdk.java.net/jdk/pull/6084

Re: RFR: 8275811 Incorrect instance to dispose [v2]

2021-10-22 Thread Daniel Jeliński

On Fri, 22 Oct 2021 19:25:38 GMT, Daniel Jeliński  wrote:

>> The current code that changes cipher suites disposes the new suite instead 
>> of the old one, which usually silently fails. This patch fixes the code to 
>> dispose the old instance instead.
>> 
>> DTLS appears to be unaffected: DTLSOutputRecord keeps 2 ciphers and 
>> correctly [disposes the old 
>> one](https://github.com/openjdk/jdk/blob/739769c8fc4b496f08a92225a12d07414537b6c0/src/java.base/share/classes/sun/security/ssl/DTLSOutputRecord.java#L106),
>>  and DTLSInputRecord [doesn't dispose 
>> anything](https://github.com/openjdk/jdk/blob/4b9303b77b43d890ebacbec38b4ac5db7e171886/src/java.base/share/classes/sun/security/ssl/DTLSInputRecord.java#L57)
>
> Daniel Jeliński has updated the pull request incrementally with one 
> additional commit since the last revision:
> 
>   Fix one more case

The problem is with SSLEngine; we create the ChangeCipherSpec message in a 
delegated task, then encrypt it later using memoized cipher:

at 
java.base/sun.security.ssl.SSLCipher$T10BlockWriteCipherGenerator$BlockWriteCipher.encrypt(SSLCipher.java:1206)
at 
java.base/sun.security.ssl.OutputRecord.t10Encrypt(OutputRecord.java:441)
at 
java.base/sun.security.ssl.OutputRecord.encrypt(OutputRecord.java:345)
at 
java.base/sun.security.ssl.SSLEngineOutputRecord$HandshakeFragment.acquireCiphertext(SSLEngineOutputRecord.java:518)
at 
java.base/sun.security.ssl.SSLEngineOutputRecord.acquireCiphertext(SSLEngineOutputRecord.java:346)
at 
java.base/sun.security.ssl.SSLEngineOutputRecord.encode(SSLEngineOutputRecord.java:198)

(line numbers may be off a bit)

If the memoized cipher is disposed, the operation produces incorrect output. 
This happens only when ChangeCipherSpec or KeyUpdate is encrypted and we're 
using SSLEngine.

Looks like we can move writeCipher disposal to the relevant OutputRecord 
subclasses. Will look into it.

-

PR: https://git.openjdk.java.net/jdk/pull/6084

Re: RFR: 8275811 Incorrect instance to dispose

2021-10-22 Thread Daniel Jeliński

On Fri, 22 Oct 2021 18:45:31 GMT, Xue-Lei Andrew Fan  wrote:

>> The current code that changes cipher suites disposes the new suite instead 
>> of the old one, which usually silently fails. This patch fixes the code to 
>> dispose the old instance instead.
>> 
>> DTLS appears to be unaffected: DTLSOutputRecord keeps 2 ciphers and 
>> correctly [disposes the old 
>> one](https://github.com/openjdk/jdk/blob/739769c8fc4b496f08a92225a12d07414537b6c0/src/java.base/share/classes/sun/security/ssl/DTLSOutputRecord.java#L106),
>>  and DTLSInputRecord [doesn't dispose 
>> anything](https://github.com/openjdk/jdk/blob/4b9303b77b43d890ebacbec38b4ac5db7e171886/src/java.base/share/classes/sun/security/ssl/DTLSInputRecord.java#L57)
>
> Did you want to cover the update for line 222 at OutputRecord.java as well?

Thanks @XueleiFan , but I guess this needs a bit more love. Just finished 
running jdk_security tests, and a few tests failed, apparently related:
javax/net/ssl/SSLEngine/NoAuthClientAuth.java
javax/net/ssl/TLSv1/TLSRehandshakeTest.java
javax/net/ssl/TLSv1/TLSRehandshakeWithCipherChangeTest.java
javax/net/ssl/TLSv1/TLSRehandshakeWithDataExTest.java
javax/net/ssl/TLSv11/TLSRehandshakeTest.java
javax/net/ssl/TLSv11/TLSRehandshakeWithDataExTest.java

I'll see if I can figure this out.

-

PR: https://git.openjdk.java.net/jdk/pull/6084

Re: RFR: 8275811 Incorrect instance to dispose [v2]

2021-10-22 Thread Xue-Lei Andrew Fan

On Fri, 22 Oct 2021 19:25:38 GMT, Daniel Jeliński  wrote:

>> The current code that changes cipher suites disposes the new suite instead 
>> of the old one, which usually silently fails. This patch fixes the code to 
>> dispose the old instance instead.
>> 
>> DTLS appears to be unaffected: DTLSOutputRecord keeps 2 ciphers and 
>> correctly [disposes the old 
>> one](https://github.com/openjdk/jdk/blob/739769c8fc4b496f08a92225a12d07414537b6c0/src/java.base/share/classes/sun/security/ssl/DTLSOutputRecord.java#L106),
>>  and DTLSInputRecord [doesn't dispose 
>> anything](https://github.com/openjdk/jdk/blob/4b9303b77b43d890ebacbec38b4ac5db7e171886/src/java.base/share/classes/sun/security/ssl/DTLSInputRecord.java#L57)
>
> Daniel Jeliński has updated the pull request incrementally with one 
> additional commit since the last revision:
> 
>   Fix one more case

Looks good to me.  Thank you!

-

Marked as reviewed by xuelei (Reviewer).

PR: https://git.openjdk.java.net/jdk/pull/6084

Re: RFR: 8275811 Incorrect instance to dispose [v2]

2021-10-22 Thread Daniel Jeliński

> The current code that changes cipher suites disposes the new suite instead of 
> the old one, which usually silently fails. This patch fixes the code to 
> dispose the old instance instead.
> 
> DTLS appears to be unaffected: DTLSOutputRecord keeps 2 ciphers and correctly 
> [disposes the old 
> one](https://github.com/openjdk/jdk/blob/739769c8fc4b496f08a92225a12d07414537b6c0/src/java.base/share/classes/sun/security/ssl/DTLSOutputRecord.java#L106),
>  and DTLSInputRecord [doesn't dispose 
> anything](https://github.com/openjdk/jdk/blob/4b9303b77b43d890ebacbec38b4ac5db7e171886/src/java.base/share/classes/sun/security/ssl/DTLSInputRecord.java#L57)

Daniel Jeliński has updated the pull request incrementally with one additional 
commit since the last revision:

  Fix one more case

-

Changes:
  - all: https://git.openjdk.java.net/jdk/pull/6084/files
  - new: https://git.openjdk.java.net/jdk/pull/6084/files/773c073c..1ee99ae4

Webrevs:
 - full: https://webrevs.openjdk.java.net/?repo=jdk&pr=6084&range=01
 - incr: https://webrevs.openjdk.java.net/?repo=jdk&pr=6084&range=00-01

  Stats: 1 line in 1 file changed: 0 ins; 0 del; 1 mod
  Patch: https://git.openjdk.java.net/jdk/pull/6084.diff
  Fetch: git fetch https://git.openjdk.java.net/jdk pull/6084/head:pull/6084

PR: https://git.openjdk.java.net/jdk/pull/6084

Re: RFR: 8275811 Incorrect instance to dispose

2021-10-22 Thread Daniel Jeliński

On Fri, 22 Oct 2021 18:24:22 GMT, Daniel Jeliński  wrote:

> The current code that changes cipher suites disposes the new suite instead of 
> the old one, which usually silently fails. This patch fixes the code to 
> dispose the old instance instead.
> 
> DTLS appears to be unaffected: DTLSOutputRecord keeps 2 ciphers and correctly 
> [disposes the old 
> one](https://github.com/openjdk/jdk/blob/739769c8fc4b496f08a92225a12d07414537b6c0/src/java.base/share/classes/sun/security/ssl/DTLSOutputRecord.java#L106),
>  and DTLSInputRecord [doesn't dispose 
> anything](https://github.com/openjdk/jdk/blob/4b9303b77b43d890ebacbec38b4ac5db7e171886/src/java.base/share/classes/sun/security/ssl/DTLSInputRecord.java#L57)

Ah, missed that one. Fixed.

-

PR: https://git.openjdk.java.net/jdk/pull/6084

Re: RFR: 8275811 Incorrect instance to dispose

2021-10-22 Thread Xue-Lei Andrew Fan

On Fri, 22 Oct 2021 18:24:22 GMT, Daniel Jeliński  wrote:

> The current code that changes cipher suites disposes the new suite instead of 
> the old one, which usually silently fails. This patch fixes the code to 
> dispose the old instance instead.
> 
> DTLS appears to be unaffected: DTLSOutputRecord keeps 2 ciphers and correctly 
> [disposes the old 
> one](https://github.com/openjdk/jdk/blob/739769c8fc4b496f08a92225a12d07414537b6c0/src/java.base/share/classes/sun/security/ssl/DTLSOutputRecord.java#L106),
>  and DTLSInputRecord [doesn't dispose 
> anything](https://github.com/openjdk/jdk/blob/4b9303b77b43d890ebacbec38b4ac5db7e171886/src/java.base/share/classes/sun/security/ssl/DTLSInputRecord.java#L57)

Did you want to cover the update for line 222 at OutputRecord.java as well?

-

PR: https://git.openjdk.java.net/jdk/pull/6084

RFR: 8275811 Incorrect instance to dispose

2021-10-22 Thread Daniel Jeliński

The current code that changes cipher suites disposes the new suite instead of 
the old one, which usually silently fails. This patch fixes the code to dispose 
the old instance instead.

DTLS appears to be unaffected: DTLSOutputRecord keeps 2 ciphers and correctly 
[disposes the old 
one](https://github.com/openjdk/jdk/blob/739769c8fc4b496f08a92225a12d07414537b6c0/src/java.base/share/classes/sun/security/ssl/DTLSOutputRecord.java#L106),
 and DTLSInputRecord [doesn't dispose 
anything](https://github.com/openjdk/jdk/blob/4b9303b77b43d890ebacbec38b4ac5db7e171886/src/java.base/share/classes/sun/security/ssl/DTLSInputRecord.java#L57)

-

Commit messages:
 - Dispose correct cipher

Changes: https://git.openjdk.java.net/jdk/pull/6084/files
 Webrev: https://webrevs.openjdk.java.net/?repo=jdk&pr=6084&range=00
  Issue: https://bugs.openjdk.java.net/browse/JDK-8275811
  Stats: 2 lines in 2 files changed: 0 ins; 0 del; 2 mod
  Patch: https://git.openjdk.java.net/jdk/pull/6084.diff
  Fetch: git fetch https://git.openjdk.java.net/jdk pull/6084/head:pull/6084

PR: https://git.openjdk.java.net/jdk/pull/6084

Re: RFR: 8275811 Incorrect instance to dispose [v6]

Re: RFR: 8275811 Incorrect instance to dispose [v5]

Re: RFR: 8275811 Incorrect instance to dispose [v5]

Re: RFR: 8275811 Incorrect instance to dispose [v6]

Re: RFR: 8275811 Incorrect instance to dispose [v6]

Re: RFR: 8275811 Incorrect instance to dispose [v5]

Re: RFR: 8275811 Incorrect instance to dispose [v5]

Re: RFR: 8275811 Incorrect instance to dispose [v5]

Re: RFR: 8275811 Incorrect instance to dispose [v5]

Re: RFR: 8275811 Incorrect instance to dispose

Re: RFR: 8275811 Incorrect instance to dispose [v4]

Re: RFR: 8275811 Incorrect instance to dispose [v5]

Re: RFR: 8275811 Incorrect instance to dispose [v4]

Re: RFR: 8275811 Incorrect instance to dispose

Re: RFR: 8275811 Incorrect instance to dispose [v4]

Re: RFR: 8275811 Incorrect instance to dispose

Re: RFR: 8275811 Incorrect instance to dispose

Re: RFR: 8275811 Incorrect instance to dispose [v3]

Re: RFR: 8275811 Incorrect instance to dispose [v2]

Re: RFR: 8275811 Incorrect instance to dispose

Re: RFR: 8275811 Incorrect instance to dispose [v2]

Re: RFR: 8275811 Incorrect instance to dispose [v2]

Re: RFR: 8275811 Incorrect instance to dispose

Re: RFR: 8275811 Incorrect instance to dispose

RFR: 8275811 Incorrect instance to dispose

25 matches

Site Navigation

Mail list logo

Footer information