Re: "Blocking operation" during SSLEngineImpl.unwrap()

Fri, 07 Aug 2020 08:05:39 -0700 

Thanks a lot… So seems like my assumption is correct then :)

Bye
Norman


> On 7. Aug 2020, at 17:00, Xuelei Fan <xuelei....@oracle.com> wrote:
> 
> Hm, it's an interesting bug.  I filed the issue on the Java Bug System.
>   https://bugs.openjdk.java.net/browse/JDK-8251304
> 
> Thanks,
> Xuelei
> 
> On 8/7/2020 5:00 AM, Norman Maurer wrote:
>> Hi there,
>> In netty we support using BlockHound[1] to detect if people do blocking 
>> operations within the EventLoop and so notify them that this should not be 
>> done. While running our integration tests with TLS1.3 we noticed that 
>> unwrap(…) may trigger an FileInputStream.read(…) which in theory could block 
>> for a long time. I was assuming that such an operation should only be done 
>> after SSLEngine.* returns NEED_TASK and so be delegated to another 
>> ThreadPool via getTask().
>> Now the question(s):
>> * Is my assumption incorrect ?
>> * If my assumption is correct should we fix this ?
>> Here is the stack trace when such a blocking call is detected:
>> reactor.blockhound.BlockingOperationError: Blocking call! 
>> java.io.FileInputStream#readBytes
>> at java.base/java.io.FileInputStream.readBytes(FileInputStream.java)
>> at java.base/java.io.FileInputStream.read(FileInputStream.java:273)
>> at java.base/java.io.FilterInputStream.read(FilterInputStream.java:133)
>> at 
>> java.base/sun.security.provider.NativePRNG$RandomIO.readFully(NativePRNG.java:424)
>> at 
>> java.base/sun.security.provider.NativePRNG$RandomIO.ensureBufferValid(NativePRNG.java:526)
>> at 
>> java.base/sun.security.provider.NativePRNG$RandomIO.implNextBytes(NativePRNG.java:545)
>> at 
>> java.base/sun.security.provider.NativePRNG$NonBlocking.engineNextBytes(NativePRNG.java:318)
>> at java.base/java.security.SecureRandom.nextBytes(SecureRandom.java:741)
>> at java.base/sun.security.ssl.RandomCookie.<init>(RandomCookie.java:67)
>> at java.base/sun.security.ssl.SessionId.<init>(SessionId.java:45)
>> at 
>> java.base/sun.security.ssl.NewSessionTicket$NewSessionTicketKickstartProducer.produce(NewSessionTicket.java:225)
>> at 
>> java.base/sun.security.ssl.Finished$T13FinishedConsumer.onConsumeFinished(Finished.java:1100)
>> at 
>> java.base/sun.security.ssl.Finished$T13FinishedConsumer.consume(Finished.java:867)
>> at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392)
>> at 
>> java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:443)
>> at 
>> java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:418)
>> at 
>> java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:177)
>> at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:164)
>> at java.base/sun.security.ssl.SSLEngineImpl.decode(SSLEngineImpl.java:681)
>> at 
>> java.base/sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:636)
>> at java.base/sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:454)
>> at java.base/sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:433)
>> at java.base/javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:634)
>> at 
>> io.netty.handler.ssl.SslHandler$SslEngineType$3.unwrap(SslHandler.java:282)
>> at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1380)
>> at io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1275)
>> at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1322)
>> [1] https://github.com/reactor/BlockHound

Reply via email to