You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@mina.apache.org by "Kamal Rathod (JIRA)" <ji...@apache.org> on 2018/03/27 14:40:00 UTC
[jira] [Created] (DIRMINA-1082) SSLHandler calling wrap method
after closeOutBound() on SSLEngine
Kamal Rathod created DIRMINA-1082:
-------------------------------------
Summary: SSLHandler calling wrap method after closeOutBound() on SSLEngine
Key: DIRMINA-1082
URL: https://issues.apache.org/jira/browse/DIRMINA-1082
Project: MINA
Issue Type: Bug
Components: Core
Affects Versions: 2.0.16
Reporter: Kamal Rathod
Hi,
I am trying to connect through SSL and Proxy and getting below error.
_ERROR quickfix.mina.initiator.InitiatorIoHandler - Socket : javax.net.ssl.SSLException: Improper close state: Status = OK HandshakeStatus = NEED_WRAP_
_bytesConsumed = 0 bytesProduced = 87_
_javax.net.ssl.SSLException: Improper close state: Status = OK HandshakeStatus = NEED_WRAP_
_bytesConsumed = 0 bytesProduced = 87_
_at org.apache.mina.filter.ssl.SslHandler.closeOutbound(SslHandler.java:500) ~[mina-core.jar:?]_
_at org.apache.mina.filter.ssl.SslFilter.initiateClosure(SslFilter.java:742) ~[mina-core.jar:?]_
_at org.apache.mina.filter.ssl.SslFilter.filterClose(SslFilter.java:677) ~[mina-core.jar:?]_
_at org.apache.mina.core.filterchain.DefaultIoFilterChain.callPreviousFilterClose(DefaultIoFilterChain.java:648) ~[mina-core.jar:?]_
I had a look at closeOutBound() method of SslHandler.java and suspect bug there.
Line 484: sslEngine.closeOutBound()
Line 490: sslEngine.wrap(emptyBuffer.buf(), outNetBuffer.buf());
In the scenario the sslEngine is closed first and then the wrap method is called.
As per java docs:
_In all cases, closure handshake messages are generated by the engine, and {{wrap()}} should be repeatedly called until the resulting {{SSLEngineResult}}'s status returns "CLOSED", or [{{isOutboundDone()}}|https://docs.oracle.com/javase/7/docs/api/javax/net/ssl/SSLEngine.html#isOutboundDone()] returns true. All data obtained from the {{wrap()}} method should be sent to the peer._
_[{{closeOutbound()}}|https://docs.oracle.com/javase/7/docs/api/javax/net/ssl/SSLEngine.html#closeOutbound()] is used to signal the engine that the application will not be sending any more data._
So as per docs, wrap should be called repeatedly and then closeOutbound() method, but in code its reverse, after closeOutbound wrap is called.
Can someone please check and comment on this?
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)