Issues in netty 4.0 CR2 when SslHandler is followed by MessageToMessageEncoder #1222

Closed
jentfoo opened this Issue Apr 1, 2013 · 4 comments

Comments

Projects
None yet
3 participants

jentfoo commented Apr 1, 2013

I wrote up issue #1163 a while ago with an issue about a regression in SSL in netty 4.0.

Unfortunately I am still able to reproduce that issue. But I have done a bit more investigation and have found a bit more as to why I am having the issue. I found that there are some cases where it works, and some cases where it does not work. For example....

The following WORKS:
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, new TrustManager[]{new DefaultTrustManager()}, null);
SSLEngine sslEngine = sslContext.createSSLEngine();
sslEngine.setUseClientMode(clientMode);
sslEngine.setEnabledCipherSuites(sslEngine.getSupportedCipherSuites());
pipeline.addFirst(SSL_HANDLER, new SslHandler(sslEngine));
pipeline.addLast(FRAME_DECODER, new DelimiterBasedFrameDecoder(Integer.MAX_VALUE, Delimiters.lineDelimiter()));
pipeline.addLast("stringEncoder", new StringEncoder(BufType.BYTE));
pipeline.addLast("stringDecoder", new StringDecoder(CharsetUtil.UTF_8));

But the following DOES NOT WORK:
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, new TrustManager[]{new DefaultTrustManager()}, null);
SSLEngine sslEngine = sslContext.createSSLEngine();
sslEngine.setUseClientMode(clientMode);
sslEngine.setEnabledCipherSuites(sslEngine.getSupportedCipherSuites());
pipeline.addFirst(SSL_HANDLER, new SslHandler(sslEngine));
// insert frame decoder here
pipeline.addLast(ProtobufEncoder.class.getSimpleName(), new ProtobufEncoder());
pipeline.addLast(ProtobufDecoder.class.getSimpleName(), new ProtobufDecoder(Ping.getDefaultInstance()));

I can seem to replicate an exception that looks like this every time a MessageToMessageDecoder/MessageToMessageEncoder is included in the pipeline (which is what my test program in issue #1163 used as well):
io.netty.handler.ssl.NotSslRecordException: not an SSL/TLS record: 088cb3dcb7dc27
at io.netty.handler.ssl.SslHandler.inboundBufferUpdated(SslHandler.java:854)
at io.netty.handler.ssl.SslHandler.flush0(SslHandler.java:573)
at io.netty.handler.ssl.SslHandler.inboundBufferUpdated(SslHandler.java:909)
at io.netty.channel.DefaultChannelHandlerContext.invokeInboundBufferUpdated(DefaultChannelHandlerContext.java:896)
at io.netty.channel.DefaultChannelHandlerContext.fireInboundBufferUpdated0(DefaultChannelHandlerContext.java:864)
at io.netty.channel.DefaultChannelHandlerContext.fireInboundBufferUpdated(DefaultChannelHandlerContext.java:843)
at io.netty.channel.DefaultChannelPipeline.fireInboundBufferUpdated(DefaultChannelPipeline.java:1017)
at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:115)
at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:434)
at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:397)
at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:327)
at io.netty.util.concurrent.SingleThreadEventExecutor$2.run(SingleThreadEventExecutor.java:109)
at java.lang.Thread.run(Thread.java:636)

Please let me know what additional information I can provide. I appreciate your guys help so far!

normanmaurer was assigned Apr 2, 2013

@normanmaurer normanmaurer added a commit that referenced this issue Apr 2, 2013

@normanmaurer normanmaurer [#1222] Correctly handle the case when a MessageToMessageEncoder enco…
…des to ByteBuf and the next outbound buffer is of type ByteBuf
a0fca93
Owner

normanmaurer commented Apr 2, 2013

@jentfoo fixed... thanks fore reporting. I just deployed a snapshot, so could you please retest ?

@normanmaurer normanmaurer added a commit that referenced this issue Apr 2, 2013

@normanmaurer normanmaurer Revert "Let ProtobufEncoder extend MessageToByteEncoder which makes m…
…ore sense. Related to [#1222]"

This reverts commit 6a9d055.
2e3b8f1

jentfoo commented Apr 2, 2013

That seems to have fixed it. Thank you!

Owner

normanmaurer commented Apr 2, 2013

Thanks for verify

Am 02.04.2013 um 16:23 schrieb Mike Jensen notifications@github.com:

That seems to have fixed it. Thank you!


Reply to this email directly or view it on GitHub.

netty / example / src / main / java / io / netty / example / securechat
This example can be used?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment