Uploaded image for project: 'HttpComponents HttpCore'
  1. HttpComponents HttpCore
  2. HTTPCORE-322

SSLIOSession infinite loop after alert during handshake

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 4.2.3
    • Component/s: HttpCore NIO
    • Labels:
      None

      Description

      I have an application using httpcore-nio that occasionally gets stuck in an infinite loop in SSLIOSession:
      "I/O dispatcher 1" prio=10 tid=0x00002aaab82da000 nid=0x5448 runnable [0x000000004271c000]
      java.lang.Thread.State: RUNNABLE
      at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:767)

      • locked <0x00000000a4f03420> (a sun.security.ssl.SSLEngineImpl)
        at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:719)
      • locked <0x00000000a51faaa0> (a java.lang.Object)
        at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
        at org.apache.http.nio.reactor.ssl.SSLIOSession.doUnwrap(SSLIOSession.java:228)
        at org.apache.http.nio.reactor.ssl.SSLIOSession.decryptData(SSLIOSession.java:348)
        at org.apache.http.nio.reactor.ssl.SSLIOSession.isAppInputReady(SSLIOSession.java:371)
      • locked <0x00000000a4f03498> (a org.apache.http.nio.reactor.ssl.SSLIOSession)
        at org.apache.http.impl.nio.reactor.AbstractIODispatch.inputReady(AbstractIODispatch.java:118)
        at org.apache.http.impl.nio.reactor.BaseIOReactor.readable(BaseIOReactor.java:160)
        at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvent(AbstractIOReactor.java:342)
        at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvents(AbstractIOReactor.java:320)
        at org.apache.http.impl.nio.reactor.AbstractIOReactor.execute(AbstractIOReactor.java:280)
        at org.apache.http.impl.nio.reactor.BaseIOReactor.execute(BaseIOReactor.java:106)
        at org.apache.http.impl.nio.reactor.AbstractMultiworkerIOReactor$Worker.run(AbstractMultiworkerIOReactor.java:604)
        at java.lang.Thread.run(Thread.java:636)

      In the above example, I was able to determine that this behavior was caused by a client sending a ClientHello that resumed an established session, immediately followed by a CloseNotify Alert. This sequence only sometimes triggers the infinite loop, so the problem appears to be timing related. I get the feeling that there are other sequences that may trigger this, but I don't have any other concrete examples at the moment.

        Attachments

        1. Test.java
          10 kB
          Paul Donohue

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                paulsd Paul Donohue
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: