Hi,
SSLSocket is behaving weird in 11+27.
In particular:
* Setup a SSLServerSocket.
* Connect with a normal Socket (rawClient).
* Wrap rawClient into a SSLSocket (sslClient).
* sslClient.startHandshake()
Now a few cases:
A) immediate rawClient.close()
If the server is reading via InputStream.read(), then it reads -1.
But if the server reads via InputStream.read(byte[]), then
SSLProtocolException is thrown.
I believe the second behavior is correct, as the client does not send
the close_notify, so the server should throw?
B) sslClient writes data + rawClient.close()
The server reads correctly the data, then reads -1, both with read()
and read(byte[]).
I believe this is wrong as close_notify is not sent by the client.
Running the example with JDK 10 always produces no exceptions and
always reads -1.
Below you can find a reproducible case.
Thanks!
----
public static void main(String[] args) throws Exception
{
SSLContext sslContext = __sslCtxFactory.getSslContext();
int port = 8443;
try (SSLServerSocket sslServer =
(SSLServerSocket)sslContext.getServerSocketFactory().createServerSocket(port))
{
Socket rawClient = new Socket("localhost", port);
SSLSocket sslClient =
(SSLSocket)sslContext.getSocketFactory().createSocket(rawClient,
"localhost", port, false);
SSLSocket socket = (SSLSocket)sslServer.accept();
CountDownLatch latch = new CountDownLatch(1);
new Thread(() ->
{
try
{
while (true)
{
// byte[] buffer = new byte[1024];
// int read = socket.getInputStream().read(buffer);
int read = socket.getInputStream().read();
System.err.println("read = " + read);
if (read < 0)
break;
}
}
catch (IOException x)
{
x.printStackTrace();
}
finally
{
latch.countDown();
}
}).start();
sslClient.startHandshake();
// OutputStream output = sslClient.getOutputStream();
// output.write(0);
// output.flush();
// Raw close.
rawClient.close();
latch.await(10, TimeUnit.SECONDS);
}
}
--
Simone Bordet
----
http://cometd.org
http://webtide.com
Developer advice, training, services and support
from the Jetty & CometD experts.
