New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

java.lang.NullPointerException: ssl at ReferenceCountedOpenSslEngine.rejectRemoteInitiatedRenegotiation #7353

Closed
floragunncom opened this Issue Oct 31, 2017 · 5 comments

Comments

Projects
None yet
3 participants
@floragunncom
Contributor

floragunncom commented Oct 31, 2017

Expected behavior

No NPE

Actual behavior

java.lang.NullPointerException: ssl (see stracktrace below) at ReferenceCountedOpenSslEngine.rejectRemoteInitiatedRenegotiation

Steps to reproduce

Happens randomly

Minimal yet complete reproducer code (or URL to code)

Netty version

4.1.13.Final with tcnative 2.0.5.Final and OpenSSL 1.0.2l 25 May 2017

JVM version (e.g. java -version)

java version "1.8.0_121"
Java(TM) SE Runtime Environment (build 1.8.0_121-b13)
Java HotSpot(TM) 64-Bit Server VM (build 25.121-b13, mixed mode)

OS version (e.g. uname -a)

Darwin MacBook-Pro.local 14.5.0 Darwin Kernel Version 14.5.0: Sun Jun 4 21:40:08 PDT 2017; root:xnu-2782.70.3~1/RELEASE_X86_64 x86_64

io.netty.handler.codec.DecoderException: java.lang.NullPointerException: ssl
	at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:459) ~[netty-codec-4.1.13.Final.jar:4.1.13.Final]
	at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:265) ~[netty-codec-4.1.13.Final.jar:4.1.13.Final]
	at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:362) [netty-transport-4.1.13.Final.jar:4.1.13.Final]
	at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:348) [netty-transport-4.1.13.Final.jar:4.1.13.Final]
	at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:340) [netty-transport-4.1.13.Final.jar:4.1.13.Final]
	at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1334) [netty-transport-4.1.13.Final.jar:4.1.13.Final]
	at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:362) [netty-transport-4.1.13.Final.jar:4.1.13.Final]
	at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:348) [netty-transport-4.1.13.Final.jar:4.1.13.Final]
	at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:926) [netty-transport-4.1.13.Final.jar:4.1.13.Final]
	at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:134) [netty-transport-4.1.13.Final.jar:4.1.13.Final]
	at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:644) [netty-transport-4.1.13.Final.jar:4.1.13.Final]
	at io.netty.channel.nio.NioEventLoop.processSelectedKeysPlain(NioEventLoop.java:544) [netty-transport-4.1.13.Final.jar:4.1.13.Final]
	at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:498) [netty-transport-4.1.13.Final.jar:4.1.13.Final]
	at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:458) [netty-transport-4.1.13.Final.jar:4.1.13.Final]
	at io.netty.util.concurrent.SingleThreadEventExecutor$5.run(SingleThreadEventExecutor.java:858) [netty-common-4.1.13.Final.jar:4.1.13.Final]
	at java.lang.Thread.run(Thread.java:745) [?:1.8.0_121]
Caused by: java.lang.NullPointerException: ssl
	at io.netty.internal.tcnative.SSL.getHandshakeCount(Native Method) ~[?:?]
	at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.rejectRemoteInitiatedRenegotiation(ReferenceCountedOpenSslEngine.java:985) ~[?:?]
	at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.unwrap(ReferenceCountedOpenSslEngine.java:948) ~[?:?]
	at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.unwrap(ReferenceCountedOpenSslEngine.java:994) ~[?:?]
	at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.unwrap(ReferenceCountedOpenSslEngine.java:1037) ~[?:?]
	at io.netty.handler.ssl.SslHandler$SslEngineType$1.unwrap(SslHandler.java:206) ~[?:?]
	at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1162) ~[?:?]
	at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1084) ~[?:?]
	at io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:489) ~[?:?]
	at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:428) ~[?:?]
@normanmaurer

This comment has been minimized.

Show comment
Hide comment
@normanmaurer

normanmaurer Oct 31, 2017

Member
Member

normanmaurer commented Oct 31, 2017

normanmaurer added a commit that referenced this issue Nov 1, 2017

Fix possible NPE in ReferenceCountedOpenSslEngine.rejectRemoteInitiat…
…edRenegotiation()

Motivation:

ReferenceCountedOpenSslEngine.rejectRemoteInitiatedRenegotiation() is called in a finally block to ensure we always check for renegotiation. The problem here is that sometimes we will already shutdown the engine before we call the method which will lead to an NPE in this case as the ssl pointer was already destroyed.

Modifications:

Check that the engine is not destroyed yet before calling SSL.getHandshakeCount(...)

Result:

Fixes [#7353].
@normanmaurer

This comment has been minimized.

Show comment
Hide comment
@normanmaurer

normanmaurer Nov 1, 2017

Member

@floragunncom thanks for reporting. Fixed in #7357

Member

normanmaurer commented Nov 1, 2017

@floragunncom thanks for reporting. Fixed in #7357

@normanmaurer normanmaurer self-assigned this Nov 1, 2017

@normanmaurer normanmaurer added the defect label Nov 1, 2017

@normanmaurer normanmaurer added this to the 4.0.53.Final milestone Nov 1, 2017

normanmaurer added a commit that referenced this issue Nov 2, 2017

Fix possible NPE in ReferenceCountedOpenSslEngine.rejectRemoteInitiat…
…edRenegotiation()

Motivation:

ReferenceCountedOpenSslEngine.rejectRemoteInitiatedRenegotiation() is called in a finally block to ensure we always check for renegotiation. The problem here is that sometimes we will already shutdown the engine before we call the method which will lead to an NPE in this case as the ssl pointer was already destroyed.

Modifications:

Check that the engine is not destroyed yet before calling SSL.getHandshakeCount(...)

Result:

Fixes [#7353].

normanmaurer added a commit that referenced this issue Nov 2, 2017

Fix possible NPE in ReferenceCountedOpenSslEngine.rejectRemoteInitiat…
…edRenegotiation()

Motivation:

ReferenceCountedOpenSslEngine.rejectRemoteInitiatedRenegotiation() is called in a finally block to ensure we always check for renegotiation. The problem here is that sometimes we will already shutdown the engine before we call the method which will lead to an NPE in this case as the ssl pointer was already destroyed.

Modifications:

Check that the engine is not destroyed yet before calling SSL.getHandshakeCount(...)

Result:

Fixes [#7353].
@normanmaurer

This comment has been minimized.

Show comment
Hide comment
@normanmaurer

normanmaurer Nov 2, 2017

Member

Fixed by #7357

Member

normanmaurer commented Nov 2, 2017

Fixed by #7357

@johnou

This comment has been minimized.

Show comment
Hide comment
@johnou

johnou Nov 3, 2017

Contributor

@normanmaurer must be close to release day? 😎

Contributor

johnou commented Nov 3, 2017

@normanmaurer must be close to release day? 😎

@normanmaurer

This comment has been minimized.

Show comment
Hide comment
@normanmaurer

normanmaurer Nov 3, 2017

Member
Member

normanmaurer commented Nov 3, 2017

andsel added a commit to andsel/netty that referenced this issue Nov 15, 2017

Fix possible NPE in ReferenceCountedOpenSslEngine.rejectRemoteInitiat…
…edRenegotiation()

Motivation:

ReferenceCountedOpenSslEngine.rejectRemoteInitiatedRenegotiation() is called in a finally block to ensure we always check for renegotiation. The problem here is that sometimes we will already shutdown the engine before we call the method which will lead to an NPE in this case as the ssl pointer was already destroyed.

Modifications:

Check that the engine is not destroyed yet before calling SSL.getHandshakeCount(...)

Result:

Fixes [netty#7353].

@jjshanks jjshanks referenced this issue Feb 19, 2018

Closed

Netty NPEs during TLS handshake #1825

1 of 2 tasks complete

kiril-me added a commit to kiril-me/netty that referenced this issue Feb 28, 2018

Fix possible NPE in ReferenceCountedOpenSslEngine.rejectRemoteInitiat…
…edRenegotiation()

Motivation:

ReferenceCountedOpenSslEngine.rejectRemoteInitiatedRenegotiation() is called in a finally block to ensure we always check for renegotiation. The problem here is that sometimes we will already shutdown the engine before we call the method which will lead to an NPE in this case as the ssl pointer was already destroyed.

Modifications:

Check that the engine is not destroyed yet before calling SSL.getHandshakeCount(...)

Result:

Fixes [netty#7353].

@adleong adleong referenced this issue Jul 10, 2018

Closed

General OpenSslEngine problem at remote address #1985

1 of 2 tasks complete
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment