-
-
Notifications
You must be signed in to change notification settings - Fork 15.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Netty tries to use TLSv1.3 on WebSphere where it is not supported #11589
Comments
You can choose what protocols you want to use in |
Well, yes, but I don’t call |
Unfortunately, that's not possible. You probably have to fork or extend the class which builds |
I guess we could at least respect |
Sure, that would be a good workaround, exactly what I had in mind. (Note that I still believe there is a bug in Netty: it should not try to connect using TLS 1.3 and throwing exception in the process, if connecting using TLS 1.2 would work fine. So either Netty should autodetect TLS 1.3 won’t work and use 1.2, or reimplement the missing pieces by itself, so that TLS 1.3 would work even without JRE support.) |
@mormegil-cz honestly I think its a bug in System.out.println(SslProvider.isTlsv13Supported(SslProvider.JDK)); |
@normanmaurer It prints
(Yeah, segmentation fault, no idea what is wrong, but hopefully, for such a simple test, this does not matter, dunno.) |
Motivation: We tightly integrate the TrustManger and KeyManager into our native SSL implementation which means that both of them need to support TLSv1.3 as protocol. This is not always the case and so can produce runtime exceptions. As TLSv1.3 support was backported to Java8 quite some time now we should be a bit more conservative and only enable TLSv1.3 for our native implementation if the JDK implementation supports it as well. This also allows us to remove some hacks we had in place to be able to support it before in Java8. Modifications: - Only enable TLSv1.3 support for our native SSL implementation when the JDK supports it as well - Remove OpenSslTlsv13X509ExtendedTrustManager as its not needed anymore Result: Fixes #11589
Motivation: We tightly integrate the TrustManger and KeyManager into our native SSL implementation which means that both of them need to support TLSv1.3 as protocol. This is not always the case and so can produce runtime exceptions. As TLSv1.3 support was backported to Java8 quite some time now we should be a bit more conservative and only enable TLSv1.3 for our native implementation if the JDK implementation supports it as well. This also allows us to remove some hacks we had in place to be able to support it before in Java8. Modifications: - Only enable TLSv1.3 support for our native SSL implementation when the JDK supports it as well - Remove OpenSslTlsv13X509ExtendedTrustManager as its not needed anymore Result: Fixes #11589
Motivation: We tightly integrate the TrustManger and KeyManager into our native SSL implementation which means that both of them need to support TLSv1.3 as protocol. This is not always the case and so can produce runtime exceptions. As TLSv1.3 support was backported to Java8 quite some time now we should be a bit more conservative and only enable TLSv1.3 for our native implementation if the JDK implementation supports it as well. This also allows us to remove some hacks we had in place to be able to support it before in Java8. Modifications: - Only enable TLSv1.3 support for our native SSL implementation when the JDK supports it as well - Remove OpenSslTlsv13X509ExtendedTrustManager as its not needed anymore Result: Fixes #11589
Motivation: We tightly integrate the TrustManger and KeyManager into our native SSL implementation which means that both of them need to support TLSv1.3 as protocol. This is not always the case and so can produce runtime exceptions. As TLSv1.3 support was backported to Java8 quite some time now we should be a bit more conservative and only enable TLSv1.3 for our native implementation if the JDK implementation supports it as well. This also allows us to remove some hacks we had in place to be able to support it before in Java8. Modifications: - Only enable TLSv1.3 support for our native SSL implementation when the JDK supports it as well - Remove OpenSslTlsv13X509ExtendedTrustManager as its not needed anymore Result: Fixes netty#11589
Motivation: We tightly integrate the TrustManger and KeyManager into our native SSL implementation which means that both of them need to support TLSv1.3 as protocol. This is not always the case and so can produce runtime exceptions. As TLSv1.3 support was backported to Java8 quite some time now we should be a bit more conservative and only enable TLSv1.3 for our native implementation if the JDK implementation supports it as well. This also allows us to remove some hacks we had in place to be able to support it before in Java8. Modifications: - Only enable TLSv1.3 support for our native SSL implementation when the JDK supports it as well - Remove OpenSslTlsv13X509ExtendedTrustManager as its not needed anymore Result: Fixes netty#11589
Motivation: We tightly integrate the TrustManger and KeyManager into our native SSL implementation which means that both of them need to support TLSv1.3 as protocol. This is not always the case and so can produce runtime exceptions. As TLSv1.3 support was backported to Java8 quite some time now we should be a bit more conservative and only enable TLSv1.3 for our native implementation if the JDK implementation supports it as well. This also allows us to remove some hacks we had in place to be able to support it before in Java8. Modifications: - Only enable TLSv1.3 support for our native SSL implementation when the JDK supports it as well - Remove OpenSslTlsv13X509ExtendedTrustManager as its not needed anymore Result: Fixes netty#11589
Expected behavior
On IBM WebSphere with Java 8 with no TLS 1.3 support, Netty should connect using TLS 1.2.
Actual behavior
Netty tries to connect using TLS 1.3 and dies with java.lang.IllegalArgumentException: TLSv1.3 (with client certificates used).
Steps to reproduce
We are using pushy (0.14.2) which connects to APNS’s API (authorized using a client certificate) using netty. When the code is run on IBM WebSphere server, the push messages are not sent, as the sending dies with:
Exception call stack
The problem seems to be that Netty tries to detect whether TLS 1.3 is supported, or not. However, for the
OPENSSL_REFCNT
provider, TLS 1.3 is supported (provided by the native binary), but still it does not work, because the problem is not in the OpenSSL code (which would probably work fine with TLS 1.3) but in theX509ExtendedKeyManager.chooseEngineClientAlias
which calls to the implementation of theX509ExtendedKeyManager
provided by the built-in IBMJSSEProvider2 security provider. Apparently, this provider determines the protocol of thegetHandshakeSession
of theSSLEngine
and dies as soon as it finds out the protocol isTLSv1.3
which is unknown to him. (Even if the used keystore contains a single alias, so there is nothing to choose from…)So, basically,
OPENSSL_REFCNT
should not claim thatisTlsv13Supported=true
if it defers part of its job to the built-in implementation ofX509KeyManager
which does not support TLS 1.3 connections.Right now, we are not sure how we’ll work around the problem. I think we’ll either downgrade Netty, or fork/patch it with a TLS13-hard-disable flag (because IIANM there is no way to force Netty from the outside (e.g. by a JVM system property) not to use TLS 1.3).
See also jchambers/pushy#864
Minimal yet complete reproducer code (or URL to code)
I’m afraid I’m not able to provide a complete reproducer code, as it involves sending push messages with pushy. Basically, pushy seems to create the context using
Netty version
4.1.61.Final
JVM version (e.g.
java -version
)1.8.0_261, Java Runtime Version = 8.0.6.16 - pxa6480sr6fp16-20200902_01(SR6 FP16), Java Compiler = j9jit29, Java VM name = IBM J9 VM
OS version (e.g.
uname -a
)Ubuntu 18.04.5 LTS
The text was updated successfully, but these errors were encountered: