Uploaded image for project: 'HttpComponents HttpCore'
  1. HttpComponents HttpCore
  2. HTTPCORE-658

Closing a connection triggers a javax.net.debug error to be logged

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Minor
    • Resolution: Fixed
    • 4.4.13
    • 4.4.15, 5.1-beta3, 5.1
    • HttpCore
    • None

    Description

      Hi,
      I noticed that on each SSL/TLS Connection closing the following Exception is logged when -Djavax.net.debug=ssl is enabled:

      javax.net.ssl|ERROR|01|main|2021-01-11 11:38:11.259 CET|TransportContext.java:318|Fatal (INTERNAL_ERROR): closing inbound before receiving peer's close_notify (
"throwable" : {
  javax.net.ssl.SSLException: closing inbound before receiving peer's close_notify
        at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:133)
        at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
        at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:313)
        at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:269)
        at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:260)
        at java.base/sun.security.ssl.SSLSocketImpl.shutdownInput(SSLSocketImpl.java:737)
        at java.base/sun.security.ssl.SSLSocketImpl.shutdownInput(SSLSocketImpl.java:716)
        at org.apache.http.impl.BHttpConnectionBase.close(BHttpConnectionBase.java:325)
        at org.apache.http.impl.conn.LoggingManagedHttpClientConnection.close(LoggingManagedHttpClientConnection.java:81)
        at org.apache.http.impl.conn.CPoolEntry.closeConnection(CPoolEntry.java:70)
        at org.apache.http.impl.conn.CPoolEntry.close(CPoolEntry.java:96)
        at org.apache.http.pool.AbstractConnPool.shutdown(AbstractConnPool.java:149)
        at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.shutdown(PoolingHttpClientConnectionManager.java:430)
        at org.apache.http.impl.client.HttpClientBuilder$2.close(HttpClientBuilder.java:1244)
        at org.apache.http.impl.client.InternalHttpClient.close(InternalHttpClient.java:201)
        at TLSCloseBug.main(TLSCloseBug.java:83)}

)

      I tracked down the Problem to the BHttpConnectionBase.close code, where socket.shutdownOutput and socket.shutdownInput are called before socket.close().
      Why is that? The code is pretty old so maybe it was required at some point.
      But for the JDK 11 SSLSocketImpl this triggers the error to be logged.
      In general, I think it would be better to remove the shutdownOutput and shutdownInput calls and only rely on the Closeable contract to clean up the socket.
      For the JDK 11 SSLSocketImpl this would fix the Problem.

      I also wrote a small example app to trigger the error: tls-close-bug.zip

      Attachments

        1. tls-close-bug.zip
          1.30 MB
          Yannick Dylla

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. HTTPCORE-22 connection close fails with SSLSocket

          • Major - Major loss of function.
          • Closed

          Activity

            People

              Unassigned Unassigned
              ydylla Yannick Dylla
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: