Return-Path: X-Original-To: apmail-activemq-dev-archive@www.apache.org Delivered-To: apmail-activemq-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id C21AA10582 for ; Wed, 9 Oct 2013 12:32:45 +0000 (UTC) Received: (qmail 32329 invoked by uid 500); 9 Oct 2013 12:32:45 -0000 Delivered-To: apmail-activemq-dev-archive@activemq.apache.org Received: (qmail 32185 invoked by uid 500); 9 Oct 2013 12:32:44 -0000 Mailing-List: contact dev-help@activemq.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@activemq.apache.org Delivered-To: mailing list dev@activemq.apache.org Received: (qmail 32164 invoked by uid 99); 9 Oct 2013 12:32:43 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 09 Oct 2013 12:32:43 +0000 Date: Wed, 9 Oct 2013 12:32:43 +0000 (UTC) From: "Kevin Earls (JIRA)" To: dev@activemq.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Updated] (AMQ-4753) amqp+nio+ssl: infinite loop during inital handshake with SSL + client certs MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/AMQ-4753?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Kevin Earls updated AMQ-4753: ----------------------------- Attachment: AMQ-4753Joram.patch This runs the JoramJmsTests with amqp+nio+ssl > amqp+nio+ssl: infinite loop during inital handshake with SSL + client certs > --------------------------------------------------------------------------- > > Key: AMQ-4753 > URL: https://issues.apache.org/jira/browse/AMQ-4753 > Project: ActiveMQ > Issue Type: Bug > Components: JMS client > Affects Versions: 5.8.0 > Environment: java version "1.7.0_25" > Java(TM) SE Runtime Environment (build 1.7.0_25-b15) > Java HotSpot(TM) 64-Bit Server VM (build 23.25-b01, mixed mode) > Reporter: Graham Leggett > Labels: amqp, nio, ssl > Attachments: AMQ-4753Joram.patch, AMQ-4753.patch > > > Start with a client application running qpid v0.24 connecting to activemq v5.8.0 server over amqps. Configure the activemq server to use client SSL certificates for authentication. > {code} > > > {code} > This works and messages successfully flow from server to client. Qpid however has a fatal bug where it cannot recover from broken connections, and so attempt to switch to the activemq amqp client to work around this problem. > On the client, we initialise activemq-amqp with the following parameters: > {code} > > > > > > > {code} > With activemq-amqp in place instead of qpid, the client starts up, but no messages are processed. Instead, it is found that the aqmp+nio+ssl provider is spinning the CPU at 100% part of the way through the SSL handshake process. > A thread dump of the spinning thread is as follows: > {code} > Full thread dump Java HotSpot(TM) 64-Bit Server VM (23.25-b01 mixed mode): > "localhost-startStop-1" daemon prio=10 tid=0x000000000179b800 nid=0x638e runnable [0x00007fd1fd84a000] > java.lang.Thread.State: RUNNABLE > at sun.nio.ch.FileDispatcherImpl.read0(Native Method) > at sun.nio.ch.SocketDispatcher.read(SocketDispatcher.java:39) > at sun.nio.ch.IOUtil.readIntoNativeBuffer(IOUtil.java:225) > at sun.nio.ch.IOUtil.read(IOUtil.java:198) > at sun.nio.ch.SocketChannelImpl.read(SocketChannelImpl.java:375) > - locked <0x00000000c4da50e8> (a java.lang.Object) > at org.apache.activemq.transport.nio.NIOSSLTransport.secureRead(NIOSSLTransport.java:285) > at org.apache.activemq.transport.nio.NIOSSLTransport.doHandshake(NIOSSLTransport.java:333) > at org.apache.activemq.transport.nio.NIOSSLTransport.initializeStreams(NIOSSLTransport.java:128) > at org.apache.activemq.transport.amqp.AmqpNioSslTransport.initializeStreams(AmqpNioSslTransport.java:43) > at org.apache.activemq.transport.tcp.TcpTransport.connect(TcpTransport.java:514) > at org.apache.activemq.transport.nio.NIOTransport.doStart(NIOTransport.java:156) > at org.apache.activemq.transport.nio.NIOSSLTransport.doStart(NIOSSLTransport.java:356) > at org.apache.activemq.util.ServiceSupport.start(ServiceSupport.java:55) > at org.apache.activemq.transport.TransportFilter.start(TransportFilter.java:58) > at org.apache.activemq.transport.TransportFilter.start(TransportFilter.java:58) > at org.apache.activemq.transport.TransportFilter.start(TransportFilter.java:58) > at org.apache.activemq.ActiveMQConnectionFactory.createActiveMQConnection(ActiveMQConnectionFactory.java:273) > at org.apache.activemq.ActiveMQConnectionFactory.createActiveMQConnection(ActiveMQConnectionFactory.java:238) > at org.apache.activemq.ActiveMQConnectionFactory.createConnection(ActiveMQConnectionFactory.java:184) > ... > {code} > If an attempt is made to restart the activemq server, despite the spinning thread on the client the server side disconnection is detected by the client and the following exception is logged and the connection is successfully aborted: > {code} > Caused by: java.io.IOException: javax.net.ssl.SSLException: Received close_notify during handshake > at org.apache.activemq.transport.nio.NIOSSLTransport.initializeStreams(NIOSSLTransport.java:130) > at org.apache.activemq.transport.amqp.AmqpNioSslTransport.initializeStreams(AmqpNioSslTransport.java:43) > at org.apache.activemq.transport.tcp.TcpTransport.connect(TcpTransport.java:514) > at org.apache.activemq.transport.nio.NIOTransport.doStart(NIOTransport.java:156) > at org.apache.activemq.transport.nio.NIOSSLTransport.doStart(NIOSSLTransport.java:356) > at org.apache.activemq.util.ServiceSupport.start(ServiceSupport.java:55) > at org.apache.activemq.transport.TransportFilter.start(TransportFilter.java:58) > at org.apache.activemq.transport.TransportFilter.start(TransportFilter.java:58) > at org.apache.activemq.transport.TransportFilter.start(TransportFilter.java:58) > at org.apache.activemq.ActiveMQConnectionFactory.createActiveMQConnection(ActiveMQConnectionFactory.java:273) > ... 33 more > Caused by: javax.net.ssl.SSLException: Received close_notify during handshake > at sun.security.ssl.Alerts.getSSLException(Alerts.java:208) > at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1619) > at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1587) > at sun.security.ssl.SSLEngineImpl.recvAlert(SSLEngineImpl.java:1732) > at sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:1060) > at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:884) > at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:758) > at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624) > at org.apache.activemq.transport.nio.NIOSSLTransport.secureRead(NIOSSLTransport.java:304) > at org.apache.activemq.transport.nio.NIOSSLTransport.doHandshake(NIOSSLTransport.java:333) > at org.apache.activemq.transport.nio.NIOSSLTransport.initializeStreams(NIOSSLTransport.java:128) > ... 42 more > {code} > What seems to be happening is that amqp+nio+ssl gets part of the way through the handshake fails and goes into a spin, continuing the spin until the TCP connection is killed from the other side, at which point the client aborts and continues as if nothing had happened. -- This message was sent by Atlassian JIRA (v6.1#6144)