You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hc.apache.org by "Roy Hashimoto (Jira)" <ji...@apache.org> on 2019/09/04 15:29:00 UTC

[jira] [Created] (HTTPCORE-595) Android Conscrypt NPE in SSL_get_shutdown shuts down IOReactor

Roy Hashimoto created HTTPCORE-595:
--------------------------------------

             Summary: Android Conscrypt NPE in SSL_get_shutdown shuts down IOReactor
                 Key: HTTPCORE-595
                 URL: https://issues.apache.org/jira/browse/HTTPCORE-595
             Project: HttpComponents HttpCore
          Issue Type: Bug
          Components: HttpCore NIO
    Affects Versions: 5.0-beta8
         Environment: Android 8.1 (Oreo)
            Reporter: Roy Hashimoto


Using HttpCore 5.0-beta8 IOReactor on Android 8.1, a TLS protocol error causes the IOReactor instance to shut down.

There is an initial {{SSLProtocolException}} from the protocol error:

{{Read error: ssl=0x9f0ab600: Failure in SSL library, usually a protocol error}}
{{error:10000416:SSL routines:OPENSSL_internal:SSLV3_ALERT_CERTIFICATE_UNKNOWN (external/boringssl/src/ssl/tls_record.cc:579 0x8834dc20:0x00000001)}}

This exception appears to be handled properly, but it leaves things in a state so that later this {{NullPointerException}} occurs in {{ConscryptEngine.isInboundDone}} which shuts down the {{IOReactor}} dispatcher:

{{2019-09-04 07:37:25.150 32414-32495/com.example.skeleton.app E/MainActivity: java.lang.NullPointerException: ssl == null}}
{{ at com.android.org.conscrypt.NativeCrypto.SSL_get_shutdown(Native Method)}}
{{ at com.android.org.conscrypt.SslWrapper.wasShutdownReceived(SslWrapper.java:483)}}
{{ at com.android.org.conscrypt.ConscryptEngine.isInboundDone(ConscryptEngine.java:590)}}
{{ at org.apache.hc.core5.reactor.ssl.SSLIOSession.updateEventMask(SSLIOSession.java:372)}}
{{ at org.apache.hc.core5.reactor.ssl.SSLIOSession.close(SSLIOSession.java:672)}}
{{ at org.apache.hc.core5.reactor.InternalDataChannel.close(InternalDataChannel.java:288)}}
{{ at org.apache.hc.core5.http.impl.nio.AbstractHttp1StreamDuplexer.shutdownSession(AbstractHttp1StreamDuplexer.java:158)}}
{{ at org.apache.hc.core5.http.impl.nio.AbstractHttp1StreamDuplexer.onException(AbstractHttp1StreamDuplexer.java:383)}}
{{ at org.apache.hc.core5.http.impl.nio.AbstractHttp1IOEventHandler.exception(AbstractHttp1IOEventHandler.java:89)}}
{{ at org.apache.hc.core5.http.impl.nio.ServerHttp1IOEventHandler.exception(ServerHttp1IOEventHandler.java:41)}}
{{ at org.apache.hc.core5.reactor.InternalDataChannel.onException(InternalDataChannel.java:204)}}
{{ at org.apache.hc.core5.reactor.InternalChannel.handleIOEvent(InternalChannel.java:55)}}
{{ at org.apache.hc.core5.reactor.SingleCoreIOReactor.processEvents(SingleCoreIOReactor.java:173)}}
{{ at org.apache.hc.core5.reactor.SingleCoreIOReactor.doExecute(SingleCoreIOReactor.java:123)}}
{{ at org.apache.hc.core5.reactor.AbstractSingleCoreIOReactor.execute(AbstractSingleCoreIOReactor.java:82)}}
{{ at org.apache.hc.core5.reactor.IOReactorWorker.run(IOReactorWorker.java:44)}}
{{ at java.lang.Thread.run(Thread.java:764)}}
{{2019-09-04 07:37:25.185 32414-32494/com.example.skeleton.app E/MainActivity: java.lang.NullPointerException: ssl == null}}
{{ at com.android.org.conscrypt.NativeCrypto.SSL_get_shutdown(Native Method)}}
{{ at com.android.org.conscrypt.SslWrapper.wasShutdownReceived(SslWrapper.java:483)}}
{{ at com.android.org.conscrypt.ConscryptEngine.isInboundDone(ConscryptEngine.java:590)}}
{{ at org.apache.hc.core5.reactor.ssl.SSLIOSession.updateEventMask(SSLIOSession.java:372)}}
{{ at org.apache.hc.core5.reactor.ssl.SSLIOSession.close(SSLIOSession.java:672)}}
{{ at org.apache.hc.core5.reactor.InternalDataChannel.close(InternalDataChannel.java:288)}}
{{ at org.apache.hc.core5.http.impl.nio.AbstractHttp1StreamDuplexer.shutdownSession(AbstractHttp1StreamDuplexer.java:158)}}
{{ at org.apache.hc.core5.http.impl.nio.AbstractHttp1StreamDuplexer.onException(AbstractHttp1StreamDuplexer.java:383)}}
{{ at org.apache.hc.core5.http.impl.nio.AbstractHttp1IOEventHandler.exception(AbstractHttp1IOEventHandler.java:89)}}
{{ at org.apache.hc.core5.http.impl.nio.ServerHttp1IOEventHandler.exception(ServerHttp1IOEventHandler.java:41)}}
{{ at org.apache.hc.core5.reactor.InternalDataChannel.onException(InternalDataChannel.java:204)}}
{{ at org.apache.hc.core5.reactor.InternalChannel.handleIOEvent(InternalChannel.java:55)}}
{{ at org.apache.hc.core5.reactor.SingleCoreIOReactor.processEvents(SingleCoreIOReactor.java:173)}}
{{ at org.apache.hc.core5.reactor.SingleCoreIOReactor.doExecute(SingleCoreIOReactor.java:123)}}
{{ at org.apache.hc.core5.reactor.AbstractSingleCoreIOReactor.execute(AbstractSingleCoreIOReactor.java:82)}}
{{ at org.apache.hc.core5.reactor.IOReactorWorker.run(IOReactorWorker.java:44)}}
{{ at java.lang.Thread.run(Thread.java:764)}}

It appears that Jetty encountered the same bug, which they have a workaround for:

[https://github.com/eclipse/jetty.project/issues/2777]

[https://github.com/eclipse/jetty.project/commit/da9c5fcae20a8440ac26cff5c10f155d114ffd6d]

Technically this is likely a bug in a dependency and not in HttpCore proper, but lack of a workaround may hinder its use on Android.



--
This message was sent by Atlassian Jira
(v8.3.2#803003)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org