harmony-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alexander Kleymenov" <kleyme...@gmail.com>
Subject Re: [classlib][xnet] Problem connecting using SSLSocketImpl
Date Wed, 18 Oct 2006 10:26:55 GMT
Hello Gerald,

> Hi Alexander, I'm a bit new at this ASF Harmony stuff so bear with me.

It's OK. We all are involved in a continual learning process.

> I'm using Eclipse on Windblows XP.  I set it up per the instructions on the
> Apache-Harmony web set for configuring Eclipse to work on Harmony code -
> including downloading that VM from IBM.  When I run my class under Eclipse,
> here are the console error messages I get:
> javax.net.ssl.SSLException: Fatal alert received unexpected_message
>        at
> org.apache.harmony.xnet.provider.jsse.SSLSocketImpl.processAlert(SSLSocketIm
> pl.java:790)
>        at
> org.apache.harmony.xnet.provider.jsse.SSLSocketImpl.doHandshake(SSLSocketImp
> l.java:731)
>        at
> org.apache.harmony.xnet.provider.jsse.SSLSocketImpl.startHandshake(SSLSocket
> Impl.java:437)
>        at CreateSSLEng.<init>(CreateSSLEng.java:72)
>        at CreateSSLEng.main(CreateSSLEng.java:93)

Hmm, it is very strange. Stack trace shows that the server side got
unexpected message and reported us about it. In case of unsupported
cipher suites (as we thought) we should receive "handshake_failure"
alert, not "unexpected_message". So the problem here is with client
which sends unexpected message to the server.

> I tried the -Djsse=record,prf,socket VM option you suggest (both in the
> Target field of the Eclipse shortcut and as a Target Platform/Launching
> Arguments VM argument within Eclipse Preferences), but I see nothing in
> Eclipse showing this output.  Perhaps there is a log file somewhere?  I
> dunno.

I could not reproduce your output. I've tried your code to connect to
the JRockit SSL Server Socket configured to use only
"TLS_RSA_WITH_AES_128_CBC_SHA" cipher suite. I have started your code
from eclipse and got:

javax.net.ssl.SSLException: Fatal alert received handshake_failure
  at org.apache.harmony.xnet.provider.jsse.SSLSocketImpl.processAlert(SSLSocketImpl.java:791)
  at org.apache.harmony.xnet.provider.jsse.SSLSocketImpl.doHandshake(SSLSocketImpl.java:732)
  at org.apache.harmony.xnet.provider.jsse.SSLSocketImpl.startHandshake(SSLSocketImpl.java:438)

As expected in case of absence of common cipher suite..

I'm not sure but the reason you got "handshake_failure" alert can be
old SSL version running on the remote side. Harmony's JSSE provider
supports TLS v1 and SSL v3 versions of the protocol, and if the server
uses SSL v2 it simply does not understand the client. If it is
possible try to run the server side with SSL v3 or TLS v1 protocols.

I have added the -Djsse=record,prf,socket option as follows:

Menu Run -> Run... , "Create, manage, and run configurations" window
is appeared. Open "(x)= Argument" tab and write
-Djsse=record,prf,socket in the "VM arguments" text window. Then press
Apply and Run.

Please try these steps – there should be log output in "Console" tab of Eclipse.

Thank You,
Alexander Kleymenov

Terms of use : http://incubator.apache.org/harmony/mailing.html
To unsubscribe, e-mail: harmony-dev-unsubscribe@incubator.apache.org
For additional commands, e-mail: harmony-dev-help@incubator.apache.org

View raw message