Uploaded image for project: 'HttpComponents HttpCore'
  1. HttpComponents HttpCore
  2. HTTPCORE-595

Android Conscrypt NPE in SSL_get_shutdown shuts down IOReactor

Attach filesAttach ScreenshotVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 5.0-beta8
    • Fix Version/s: 5.0-beta9
    • Component/s: HttpCore NIO
    • Labels:
      None
    • Environment:
      Android 8.1 (Oreo)

      Description

      Using HttpCore 5.0-beta8 IOReactor on Android 8.1, a TLS protocol error causes the IOReactor instance to shut down.

      There is an initial SSLProtocolException from the protocol error:

      Read error: ssl=0x9f0ab600: Failure in SSL library, usually a protocol error
      error:10000416:SSL routines:OPENSSL_internal:SSLV3_ALERT_CERTIFICATE_UNKNOWN (external/boringssl/src/ssl/tls_record.cc:579 0x8834dc20:0x00000001)

      This exception appears to be handled properly, but it leaves things in a state so that later this NullPointerException occurs in ConscryptEngine.isInboundDone which shuts down the IOReactor dispatcher:

      2019-09-04 07:37:25.150 32414-32495/com.example.skeleton.app E/MainActivity: java.lang.NullPointerException: ssl == null
      {{ at com.android.org.conscrypt.NativeCrypto.SSL_get_shutdown(Native Method)}}
      {{ at com.android.org.conscrypt.SslWrapper.wasShutdownReceived(SslWrapper.java:483)}}
      {{ at com.android.org.conscrypt.ConscryptEngine.isInboundDone(ConscryptEngine.java:590)}}
      {{ at org.apache.hc.core5.reactor.ssl.SSLIOSession.updateEventMask(SSLIOSession.java:372)}}
      {{ at org.apache.hc.core5.reactor.ssl.SSLIOSession.close(SSLIOSession.java:672)}}
      {{ at org.apache.hc.core5.reactor.InternalDataChannel.close(InternalDataChannel.java:288)}}
      {{ at org.apache.hc.core5.http.impl.nio.AbstractHttp1StreamDuplexer.shutdownSession(AbstractHttp1StreamDuplexer.java:158)}}
      {{ at org.apache.hc.core5.http.impl.nio.AbstractHttp1StreamDuplexer.onException(AbstractHttp1StreamDuplexer.java:383)}}
      {{ at org.apache.hc.core5.http.impl.nio.AbstractHttp1IOEventHandler.exception(AbstractHttp1IOEventHandler.java:89)}}
      {{ at org.apache.hc.core5.http.impl.nio.ServerHttp1IOEventHandler.exception(ServerHttp1IOEventHandler.java:41)}}
      {{ at org.apache.hc.core5.reactor.InternalDataChannel.onException(InternalDataChannel.java:204)}}
      {{ at org.apache.hc.core5.reactor.InternalChannel.handleIOEvent(InternalChannel.java:55)}}
      {{ at org.apache.hc.core5.reactor.SingleCoreIOReactor.processEvents(SingleCoreIOReactor.java:173)}}
      {{ at org.apache.hc.core5.reactor.SingleCoreIOReactor.doExecute(SingleCoreIOReactor.java:123)}}
      {{ at org.apache.hc.core5.reactor.AbstractSingleCoreIOReactor.execute(AbstractSingleCoreIOReactor.java:82)}}
      {{ at org.apache.hc.core5.reactor.IOReactorWorker.run(IOReactorWorker.java:44)}}
      {{ at java.lang.Thread.run(Thread.java:764)}}
      2019-09-04 07:37:25.185 32414-32494/com.example.skeleton.app E/MainActivity: java.lang.NullPointerException: ssl == null
      {{ at com.android.org.conscrypt.NativeCrypto.SSL_get_shutdown(Native Method)}}
      {{ at com.android.org.conscrypt.SslWrapper.wasShutdownReceived(SslWrapper.java:483)}}
      {{ at com.android.org.conscrypt.ConscryptEngine.isInboundDone(ConscryptEngine.java:590)}}
      {{ at org.apache.hc.core5.reactor.ssl.SSLIOSession.updateEventMask(SSLIOSession.java:372)}}
      {{ at org.apache.hc.core5.reactor.ssl.SSLIOSession.close(SSLIOSession.java:672)}}
      {{ at org.apache.hc.core5.reactor.InternalDataChannel.close(InternalDataChannel.java:288)}}
      {{ at org.apache.hc.core5.http.impl.nio.AbstractHttp1StreamDuplexer.shutdownSession(AbstractHttp1StreamDuplexer.java:158)}}
      {{ at org.apache.hc.core5.http.impl.nio.AbstractHttp1StreamDuplexer.onException(AbstractHttp1StreamDuplexer.java:383)}}
      {{ at org.apache.hc.core5.http.impl.nio.AbstractHttp1IOEventHandler.exception(AbstractHttp1IOEventHandler.java:89)}}
      {{ at org.apache.hc.core5.http.impl.nio.ServerHttp1IOEventHandler.exception(ServerHttp1IOEventHandler.java:41)}}
      {{ at org.apache.hc.core5.reactor.InternalDataChannel.onException(InternalDataChannel.java:204)}}
      {{ at org.apache.hc.core5.reactor.InternalChannel.handleIOEvent(InternalChannel.java:55)}}
      {{ at org.apache.hc.core5.reactor.SingleCoreIOReactor.processEvents(SingleCoreIOReactor.java:173)}}
      {{ at org.apache.hc.core5.reactor.SingleCoreIOReactor.doExecute(SingleCoreIOReactor.java:123)}}
      {{ at org.apache.hc.core5.reactor.AbstractSingleCoreIOReactor.execute(AbstractSingleCoreIOReactor.java:82)}}
      {{ at org.apache.hc.core5.reactor.IOReactorWorker.run(IOReactorWorker.java:44)}}
      {{ at java.lang.Thread.run(Thread.java:764)}}

      It appears that Jetty encountered the same bug, which they have a workaround for:

      https://github.com/eclipse/jetty.project/issues/2777

      https://github.com/eclipse/jetty.project/commit/da9c5fcae20a8440ac26cff5c10f155d114ffd6d

      Technically this is likely a bug in a dependency and not in HttpCore proper, but lack of a workaround may hinder its use on Android.

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              rhashimoto Roy Hashimoto

              Dates

              • Created:
                Updated:
                Resolved:

                Issue deployment