8224829: AsyncSSLSocketClose.java has timing issue
Reviewed-by: jnimeh, dfuchs
This commit is contained in:
parent
8125b0c2ba
commit
a4277e56c8
src/java.base/share/classes/sun/security/ssl
test/jdk
@ -38,6 +38,7 @@ import java.net.SocketException;
|
||||
import java.net.UnknownHostException;
|
||||
import java.nio.ByteBuffer;
|
||||
import java.util.List;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
import java.util.concurrent.locks.ReentrantLock;
|
||||
import java.util.function.BiFunction;
|
||||
import javax.net.ssl.HandshakeCompletedListener;
|
||||
@ -618,27 +619,76 @@ public final class SSLSocketImpl
|
||||
|
||||
// Need a lock here so that the user_canceled alert and the
|
||||
// close_notify alert can be delivered together.
|
||||
conContext.outputRecord.recordLock.lock();
|
||||
try {
|
||||
int linger = getSoLinger();
|
||||
if (linger >= 0) {
|
||||
// don't wait more than SO_LINGER for obtaining the
|
||||
// the lock.
|
||||
//
|
||||
// keep and clear the current thread interruption status.
|
||||
boolean interrupted = Thread.interrupted();
|
||||
try {
|
||||
// send a user_canceled alert if needed.
|
||||
if (useUserCanceled) {
|
||||
conContext.warning(Alert.USER_CANCELED);
|
||||
}
|
||||
if (conContext.outputRecord.recordLock.tryLock() ||
|
||||
conContext.outputRecord.recordLock.tryLock(
|
||||
linger, TimeUnit.SECONDS)) {
|
||||
try {
|
||||
handleClosedNotifyAlert(useUserCanceled);
|
||||
} finally {
|
||||
conContext.outputRecord.recordLock.unlock();
|
||||
}
|
||||
} else {
|
||||
// For layered, non-autoclose sockets, we are not
|
||||
// able to bring them into a usable state, so we
|
||||
// treat it as fatal error.
|
||||
if (!super.isOutputShutdown()) {
|
||||
if (isLayered() && !autoClose) {
|
||||
throw new SSLException(
|
||||
"SO_LINGER timeout, " +
|
||||
"close_notify message cannot be sent.");
|
||||
} else {
|
||||
super.shutdownOutput();
|
||||
if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
|
||||
SSLLogger.warning(
|
||||
"SSLSocket output duplex close failed: " +
|
||||
"SO_LINGER timeout, " +
|
||||
"close_notify message cannot be sent.");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// send a close_notify alert
|
||||
conContext.warning(Alert.CLOSE_NOTIFY);
|
||||
} finally {
|
||||
if (!conContext.isOutboundClosed()) {
|
||||
conContext.outputRecord.close();
|
||||
}
|
||||
|
||||
if ((autoClose || !isLayered()) && !super.isOutputShutdown()) {
|
||||
super.shutdownOutput();
|
||||
// RFC2246 requires that the session becomes
|
||||
// unresumable if any connection is terminated
|
||||
// without proper close_notify messages with
|
||||
// level equal to warning.
|
||||
//
|
||||
// RFC4346 no longer requires that a session not be
|
||||
// resumed if failure to properly close a connection.
|
||||
//
|
||||
// We choose to make the session unresumable if
|
||||
// failed to send the close_notify message.
|
||||
//
|
||||
conContext.conSession.invalidate();
|
||||
if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
|
||||
SSLLogger.warning(
|
||||
"Invalidate the session: SO_LINGER timeout, " +
|
||||
"close_notify message cannot be sent.");
|
||||
}
|
||||
}
|
||||
} catch (InterruptedException ex) {
|
||||
// keep interrupted status
|
||||
interrupted = true;
|
||||
}
|
||||
|
||||
// restore the interrupted status
|
||||
if (interrupted) {
|
||||
Thread.currentThread().interrupt();
|
||||
}
|
||||
} else {
|
||||
conContext.outputRecord.recordLock.lock();
|
||||
try {
|
||||
handleClosedNotifyAlert(useUserCanceled);
|
||||
} finally {
|
||||
conContext.outputRecord.recordLock.unlock();
|
||||
}
|
||||
} finally {
|
||||
conContext.outputRecord.recordLock.unlock();
|
||||
}
|
||||
|
||||
if (!isInputShutdown()) {
|
||||
@ -646,6 +696,28 @@ public final class SSLSocketImpl
|
||||
}
|
||||
}
|
||||
|
||||
private void handleClosedNotifyAlert(
|
||||
boolean useUserCanceled) throws IOException {
|
||||
try {
|
||||
// send a user_canceled alert if needed.
|
||||
if (useUserCanceled) {
|
||||
conContext.warning(Alert.USER_CANCELED);
|
||||
}
|
||||
|
||||
// send a close_notify alert
|
||||
conContext.warning(Alert.CLOSE_NOTIFY);
|
||||
} finally {
|
||||
if (!conContext.isOutboundClosed()) {
|
||||
conContext.outputRecord.close();
|
||||
}
|
||||
|
||||
if (!super.isOutputShutdown() &&
|
||||
(autoClose || !isLayered())) {
|
||||
super.shutdownOutput();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Duplex close, start from closing inbound.
|
||||
*
|
||||
|
@ -53,6 +53,9 @@ public class Tls13PacketSize extends SSLSocketTemplate {
|
||||
|
||||
@Override
|
||||
protected void runServerApplication(SSLSocket socket) throws Exception {
|
||||
// Set SO_LINGER in case of slow socket
|
||||
socket.setSoLinger(true, 10);
|
||||
|
||||
// here comes the test logic
|
||||
InputStream sslIS = socket.getInputStream();
|
||||
OutputStream sslOS = socket.getOutputStream();
|
||||
@ -81,6 +84,9 @@ public class Tls13PacketSize extends SSLSocketTemplate {
|
||||
* @see #isCustomizedClientConnection()
|
||||
*/
|
||||
protected void runClientApplication(SSLSocket socket) throws Exception {
|
||||
// Set SO_LINGER in case of slow socket
|
||||
socket.setSoLinger(true, 10);
|
||||
|
||||
socket.setEnabledProtocols(new String[] {"TLSv1.3"});
|
||||
InputStream sslIS = socket.getInputStream();
|
||||
OutputStream sslOS = socket.getOutputStream();
|
||||
|
147
test/jdk/sun/security/ssl/SSLSocketImpl/BlockedAsyncClose.java
Normal file
147
test/jdk/sun/security/ssl/SSLSocketImpl/BlockedAsyncClose.java
Normal file
@ -0,0 +1,147 @@
|
||||
/*
|
||||
* Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
|
||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||
*
|
||||
* This code is free software; you can redistribute it and/or modify it
|
||||
* under the terms of the GNU General Public License version 2 only, as
|
||||
* published by the Free Software Foundation.
|
||||
*
|
||||
* This code is distributed in the hope that it will be useful, but WITHOUT
|
||||
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
|
||||
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
||||
* version 2 for more details (a copy is included in the LICENSE file that
|
||||
* accompanied this code).
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License version
|
||||
* 2 along with this work; if not, write to the Free Software Foundation,
|
||||
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*
|
||||
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
|
||||
* or visit www.oracle.com if you need additional information or have any
|
||||
* questions.
|
||||
*/
|
||||
|
||||
//
|
||||
// SunJSSE does not support dynamic system properties, no way to re-use
|
||||
// system properties in samevm/agentvm mode.
|
||||
//
|
||||
|
||||
/*
|
||||
* @test
|
||||
* @bug 8224829
|
||||
* @summary AsyncSSLSocketClose.java has timing issue
|
||||
* @run main/othervm BlockedAsyncClose
|
||||
*/
|
||||
|
||||
import javax.net.ssl.*;
|
||||
import java.io.*;
|
||||
import java.net.SocketException;
|
||||
import java.net.InetAddress;
|
||||
import java.net.InetSocketAddress;
|
||||
import java.util.concurrent.CountDownLatch;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
|
||||
public class BlockedAsyncClose implements Runnable {
|
||||
SSLSocket socket;
|
||||
SSLServerSocket ss;
|
||||
|
||||
// Is the socket ready to close?
|
||||
private final CountDownLatch closeCondition = new CountDownLatch(1);
|
||||
|
||||
// Where do we find the keystores?
|
||||
static String pathToStores = "../../../../javax/net/ssl/etc";
|
||||
static String keyStoreFile = "keystore";
|
||||
static String trustStoreFile = "truststore";
|
||||
static String passwd = "passphrase";
|
||||
|
||||
public static void main(String[] args) throws Exception {
|
||||
String keyFilename =
|
||||
System.getProperty("test.src", "./") + "/" + pathToStores +
|
||||
"/" + keyStoreFile;
|
||||
String trustFilename =
|
||||
System.getProperty("test.src", "./") + "/" + pathToStores +
|
||||
"/" + trustStoreFile;
|
||||
|
||||
System.setProperty("javax.net.ssl.keyStore", keyFilename);
|
||||
System.setProperty("javax.net.ssl.keyStorePassword", passwd);
|
||||
System.setProperty("javax.net.ssl.trustStore", trustFilename);
|
||||
System.setProperty("javax.net.ssl.trustStorePassword", passwd);
|
||||
|
||||
new BlockedAsyncClose();
|
||||
}
|
||||
|
||||
public BlockedAsyncClose() throws Exception {
|
||||
SSLServerSocketFactory sslssf =
|
||||
(SSLServerSocketFactory)SSLServerSocketFactory.getDefault();
|
||||
InetAddress loopback = InetAddress.getLoopbackAddress();
|
||||
ss = (SSLServerSocket)sslssf.createServerSocket();
|
||||
ss.bind(new InetSocketAddress(loopback, 0));
|
||||
|
||||
SSLSocketFactory sslsf =
|
||||
(SSLSocketFactory)SSLSocketFactory.getDefault();
|
||||
socket = (SSLSocket)sslsf.createSocket(loopback, ss.getLocalPort());
|
||||
SSLSocket serverSoc = (SSLSocket)ss.accept();
|
||||
ss.close();
|
||||
|
||||
(new Thread(this)).start();
|
||||
serverSoc.startHandshake();
|
||||
|
||||
boolean closeIsReady = closeCondition.await(90L, TimeUnit.SECONDS);
|
||||
if (!closeIsReady) {
|
||||
System.out.println(
|
||||
"Ignore, the closure is not ready yet in 90 seconds.");
|
||||
return;
|
||||
}
|
||||
|
||||
socket.setSoLinger(true, 10);
|
||||
System.out.println("Calling Socket.close");
|
||||
|
||||
// Sleep for a while so that the write thread blocks by hitting the
|
||||
// output stream buffer limit.
|
||||
Thread.sleep(1000);
|
||||
|
||||
socket.close();
|
||||
System.out.println("ssl socket get closed");
|
||||
System.out.flush();
|
||||
}
|
||||
|
||||
// block in write
|
||||
public void run() {
|
||||
byte[] ba = new byte[1024];
|
||||
for (int i = 0; i < ba.length; i++) {
|
||||
ba[i] = 0x7A;
|
||||
}
|
||||
|
||||
try {
|
||||
OutputStream os = socket.getOutputStream();
|
||||
int count = 0;
|
||||
|
||||
// 1st round write
|
||||
count += ba.length;
|
||||
System.out.println(count + " bytes to be written");
|
||||
os.write(ba);
|
||||
System.out.println(count + " bytes written");
|
||||
|
||||
// Signal, ready to close.
|
||||
closeCondition.countDown();
|
||||
|
||||
// write more
|
||||
while (true) {
|
||||
count += ba.length;
|
||||
System.out.println(count + " bytes to be written");
|
||||
os.write(ba);
|
||||
System.out.println(count + " bytes written");
|
||||
}
|
||||
} catch (SocketException se) {
|
||||
// the closing may be in progress
|
||||
System.out.println("interrupted? " + se);
|
||||
} catch (Exception e) {
|
||||
if (socket.isClosed() || socket.isOutputShutdown()) {
|
||||
System.out.println("interrupted, the socket is closed");
|
||||
} else {
|
||||
throw new RuntimeException("interrupted?", e);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
Loading…
x
Reference in New Issue
Block a user