Skip to content
Permalink
Browse files
8273553: sun.security.ssl.SSLEngineImpl.closeInbound also has similar…
… error of JDK-8253368

Reviewed-by: xuelei, rhalade, coffeys
  • Loading branch information
Bradford Wetmore committed Apr 2, 2022
1 parent afd0f5a commit 0b09f70a730404ceb827673f1d3c82fbf495bb41
Show file tree
Hide file tree
Showing 3 changed files with 505 additions and 13 deletions.
@@ -48,7 +48,7 @@
import javax.net.ssl.SSLSession;

/**
* Implementation of an non-blocking SSLEngine.
* Implementation of a non-blocking SSLEngine.
*
* @author Brad Wetmore
*/
@@ -270,7 +270,7 @@ private SSLEngineResult writeRecord(
if (ciphertext == null && !conContext.isNegotiated &&
conContext.isInboundClosed() &&
hsStatus == HandshakeStatus.NEED_WRAP) {
// Even the outboud is open, no futher data could be wrapped as:
// Even the outbound is open, no further data could be wrapped as:
// 1. the outbound is empty
// 2. no negotiated connection
// 3. the inbound has closed, cannot complete the handshake
@@ -789,17 +789,17 @@ public void closeInbound() throws SSLException {
// Is it ready to close inbound?
//
// No exception if the initial handshake is not started.
if (!conContext.isInputCloseNotified &&
(conContext.isNegotiated ||
conContext.handshakeContext != null)) {

throw conContext.fatal(Alert.INTERNAL_ERROR,
if (!conContext.isInputCloseNotified && (conContext.isNegotiated
|| conContext.handshakeContext != null)) {
throw new SSLException(
"closing inbound before receiving peer's close_notify");
}

conContext.closeInbound();
} finally {
engineLock.unlock();
try {
conContext.closeInbound();
} finally {
engineLock.unlock();
}
}
}

@@ -838,9 +838,10 @@ private void shutdownInput(
// No need to throw exception if the initial handshake is not started.
try {
if (checkCloseNotify && !conContext.isInputCloseNotified &&
(conContext.isNegotiated || conContext.handshakeContext != null)) {
throw new SSLException(
"closing inbound before receiving peer's close_notify");
(conContext.isNegotiated ||
conContext.handshakeContext != null)) {
throw new SSLException(
"closing inbound before receiving peer's close_notify");
}
} finally {
conContext.closeInbound();

3 comments on commit 0b09f70

@openjdk-notifier
Copy link

@openjdk-notifier openjdk-notifier bot commented on 0b09f70 Apr 2, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@GoeLin
Copy link
Member

@GoeLin GoeLin commented on 0b09f70 Sep 19, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/backport jdk17u-dev

@openjdk
Copy link

@openjdk openjdk bot commented on 0b09f70 Sep 19, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@GoeLin the backport was successfully created on the branch GoeLin-backport-0b09f70a in my personal fork of openjdk/jdk17u-dev. To create a pull request with this backport targeting openjdk/jdk17u-dev:master, just click the following link:

➡️ Create pull request

The title of the pull request is automatically filled in correctly and below you find a suggestion for the pull request body:

Hi all,

This pull request contains a backport of commit 0b09f70a from the openjdk/jdk repository.

The commit being backported was authored by Bradford Wetmore on 2 Apr 2022 and was reviewed by Xue-Lei Andrew Fan, Rajan Halade and Sean Coffey.

Thanks!

If you need to update the source branch of the pull then run the following commands in a local clone of your personal fork of openjdk/jdk17u-dev:

$ git fetch https://github.com/openjdk-bots/jdk17u-dev GoeLin-backport-0b09f70a:GoeLin-backport-0b09f70a
$ git checkout GoeLin-backport-0b09f70a
# make changes
$ git add paths/to/changed/files
$ git commit --message 'Describe additional changes made'
$ git push https://github.com/openjdk-bots/jdk17u-dev GoeLin-backport-0b09f70a

Please sign in to comment.