You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hc.apache.org by "Yannick Dylla (Jira)" <ji...@apache.org> on 2021/01/11 12:02:00 UTC

[jira] [Created] (HTTPCORE-658) Closing a connection triggers a javax.net.debug error to be logged

Yannick Dylla created HTTPCORE-658:
--------------------------------------

             Summary: Closing a connection triggers a javax.net.debug error to be logged
                 Key: HTTPCORE-658
                 URL: https://issues.apache.org/jira/browse/HTTPCORE-658
             Project: HttpComponents HttpCore
          Issue Type: Bug
            Reporter: Yannick Dylla
         Attachments: tls-close-bug.zip

Hi,
 I noticed that on each SSL/TLS Connection closing the following Exception is logged when {{-Djavax.net.debug=ssl}} is enabled:
{noformat}
javax.net.ssl|ERROR|01|main|2021-01-11 11:38:11.259 CET|TransportContext.java:318|Fatal (INTERNAL_ERROR): closing inbound before receiving peer's close_notify (
"throwable" : {
  javax.net.ssl.SSLException: closing inbound before receiving peer's close_notify
        at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:133)
        at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
        at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:313)
        at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:269)
        at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:260)
        at java.base/sun.security.ssl.SSLSocketImpl.shutdownInput(SSLSocketImpl.java:737)
        at java.base/sun.security.ssl.SSLSocketImpl.shutdownInput(SSLSocketImpl.java:716)
        at org.apache.http.impl.BHttpConnectionBase.close(BHttpConnectionBase.java:325)
        at org.apache.http.impl.conn.LoggingManagedHttpClientConnection.close(LoggingManagedHttpClientConnection.java:81)
        at org.apache.http.impl.conn.CPoolEntry.closeConnection(CPoolEntry.java:70)
        at org.apache.http.impl.conn.CPoolEntry.close(CPoolEntry.java:96)
        at org.apache.http.pool.AbstractConnPool.shutdown(AbstractConnPool.java:149)
        at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.shutdown(PoolingHttpClientConnectionManager.java:430)
        at org.apache.http.impl.client.HttpClientBuilder$2.close(HttpClientBuilder.java:1244)
        at org.apache.http.impl.client.InternalHttpClient.close(InternalHttpClient.java:201)
        at TLSCloseBug.main(TLSCloseBug.java:83)}

)
{noformat}
I tracked down the Problem to the BHttpConnectionBase.close code, where socket.shutdownOutput and socket.shutdownInput are called before socket.close().
 Why is that? The code is pretty old so maybe it was required at some point.
 But for the JDK 11 SSLSocketImpl this triggers the error to be logged.
 In general, I think it would be better to remove the shutdownOutput and shutdownInput calls and only rely on the {{Closeable}} contract to clean up the socket.
 For the JDK 11 SSLSocketImpl this would fix the Problem.

I also wrote a small example app to trigger the error: [^tls-close-bug.zip]



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org