Mailing-List: contact dev-help@hc.apache.org; run by ezmlm
Precedence: bulk
Reply-To: "HttpComponents Project" <dev@hc.apache.org>
Date: Fri, 2 Dec 2011 15:47:40 +0000 (UTC)
From: "Oleg Kalnichevski (Updated) (JIRA)" <jira@apache.org>
To: dev@hc.apache.org
Message-ID: 
 <1763368021.35166.1322840860190.JavaMail.tomcat@hel.zones.apache.org>
In-Reply-To: 
 <321965786.35029.1322836899889.JavaMail.tomcat@hel.zones.apache.org>
Subject: [jira] [Updated] (HTTPASYNC-10) SSL handshake fails and no error is
 reported back to the client
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit


     [ https://issues.apache.org/jira/browse/HTTPASYNC-10?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Oleg Kalnichevski updated HTTPASYNC-10:
---------------------------------------

    Fix Version/s: 4.0-alpha4
    
> SSL handshake fails and no error is reported back to the client
> ---------------------------------------------------------------
>
>                 Key: HTTPASYNC-10
>                 URL: https://issues.apache.org/jira/browse/HTTPASYNC-10
>             Project: HttpComponents HttpAsyncClient
>          Issue Type: Bug
>    Affects Versions: 4.0-alpha3
>         Environment: Windows
>            Reporter: Rosen Anastasov
>             Fix For: 4.0-alpha4
>
>
> SSL handshake fails and no error is reported back to the client. This effectively makes the client to wait forever as the callback is not called.
> The exact place that this happens is during handshake in SSLIOSession.sendEncryptedData(), in int bytesWritten = this.session.channel().write(this.outEncrypted);
> At this moment the server prints a stack trace of an exception:
> javax.net.ssl.SSLHandshakeException: null cert chain
> 	at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
> 	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1611)
> 	at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:187)
> 	at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:177)
> 	at com.sun.net.ssl.internal.ssl.ServerHandshaker.clientCertificate(ServerHandshaker.java:1206)
> 	at com.sun.net.ssl.internal.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:148)
> 	at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516)
> 	at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454)
> 	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884)
> 	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1112)
> 	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1139)
> 	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1123)
> 	at org.mortbay.jetty.security.SslSocketConnector$SslConnection.run(SslSocketConnector.java:675)
> 	at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582)
> And the client fails to detect that the connection was not established correctly. The client stack trace when the serve exception is thrown is:
> SSLIOSession.sendEncryptedData() line: 286	
> SSLIOSession.outboundTransport() line: 346	
> DefaultClientIODispatch(AbstractIODispatch<T>).outputReady(IOSession) line: 151	
> BaseIOReactor.writable(SelectionKey) line: 181	
> BaseIOReactor(AbstractIOReactor).processEvent(SelectionKey) line: 346	
> BaseIOReactor(AbstractIOReactor).processEvents(Set<SelectionKey>) line: 320	
> BaseIOReactor(AbstractIOReactor).execute() line: 280	
> BaseIOReactor.execute(IOEventDispatch) line: 106	
> AbstractMultiworkerIOReactor$Worker.run() line: 599	
> Thread.run() line: 619	
> The state of the SSLIOSession at this momment is:
> this	SSLIOSession  (id=40)		127.0.0.1:56496<->127.0.0.1:9099[ACTIVE][rw:w][ACTIVE][NEED_UNWRAP][0][0][109][0]
> 	appBufferStatus	DefaultAsyncClientConnection  (id=47)	http-outgoing-0 [ACTIVE]
> 	appEventMask	5	5
> 	channel	SSLIOSession$InternalByteChannel  (id=49)	org.apache.http.nio.reactor.ssl.SSLIOSession$InternalByteChannel@38d341
> 	defaultMode	SSLMode  (id=50)	CLIENT
> 	endOfStream	FALSE	FALSE
> 	handler	SSLLayeringStrategy$InternalSSLSetupHandler  (id=52)	org.apache.http.nio.conn.ssl.SSLLayeringStrategy$InternalSSLSetupHandler@dafa2
> 	inEncrypted	HeapByteBuffer  (id=54)	java.nio.HeapByteBuffer[pos=0 lim=16665 cap=16665]
> 	initialized	TRUE	TRUE
> 	inPlain	HeapByteBuffer  (id=76)	java.nio.HeapByteBuffer[pos=0 lim=16660 cap=16660]
> 	outEncrypted	HeapByteBuffer  (id=77)	java.nio.HeapByteBuffer[pos=109 lim=16665 cap=16665]
> 	outPlain	HeapByteBuffer  (id=78)	java.nio.HeapByteBuffer[pos=0 lim=16660 cap=16660]
> 	session	IOSessionImpl  (id=79)	127.0.0.1:56496<->127.0.0.1:9099[ACTIVE][rw:w]
> 	sslEngine	SSLEngineImpl  (id=81)	1829ea2[SSLEngine[hostname=localhost port=9099] SSL_NULL_WITH_NULL_NULL]
> 	status	0	0
> I suppose this can be cause by some configuration error, but still the client should not be dying silently.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org