Skip to content

Commit

Permalink
8259662: Don't wrap SocketExceptions into SSLExceptions in SSLSocketImpl
Browse files Browse the repository at this point in the history
Reviewed-by: xuelei
  • Loading branch information
cliveverghese authored and XueleiFan committed Feb 22, 2021
1 parent cf0019d commit 63f8fc8
Show file tree
Hide file tree
Showing 7 changed files with 199 additions and 22 deletions.
34 changes: 28 additions & 6 deletions src/java.base/share/classes/sun/security/ssl/SSLSocketImpl.java
Original file line number Diff line number Diff line change
Expand Up @@ -74,6 +74,16 @@
public final class SSLSocketImpl
extends BaseSSLSocketImpl implements SSLTransport {

/**
* ERROR HANDLING GUIDELINES
* (which exceptions to throw and catch and which not to throw and catch)
*
* - if there is an IOException (SocketException) when accessing the
* underlying Socket, pass it through
*
* - do not throw IOExceptions, throw SSLExceptions (or a subclass)
*/

final SSLContextImpl sslContext;
final TransportContext conContext;

Expand Down Expand Up @@ -446,6 +456,8 @@ private void startHandshake(boolean resumable) throws IOException {
throw conContext.fatal(Alert.HANDSHAKE_FAILURE,
"Couldn't kickstart handshaking", iioe);
}
} catch (SocketException se) {
handleException(se);
} catch (IOException ioe) {
throw conContext.fatal(Alert.HANDSHAKE_FAILURE,
"Couldn't kickstart handshaking", ioe);
Expand Down Expand Up @@ -1405,9 +1417,9 @@ private int readHandshakeRecord() throws IOException {
conContext.isNegotiated) {
return 0;
}
} catch (SSLException | InterruptedIOException ssle) {
// don't change exception in case of timeouts or interrupts
throw ssle;
} catch (SSLException | InterruptedIOException | SocketException se) {
// don't change exception in case of timeouts or interrupts or SocketException
throw se;
} catch (IOException ioe) {
throw new SSLException("readHandshakeRecord", ioe);
}
Expand Down Expand Up @@ -1468,9 +1480,9 @@ private ByteBuffer readApplicationRecord(
buffer.position() > 0) {
return buffer;
}
} catch (SSLException | InterruptedIOException ssle) {
// don't change exception in case of timeouts or interrupts
throw ssle;
} catch (SSLException | InterruptedIOException | SocketException se) {
// don't change exception in case of timeouts or interrupts or SocketException.
throw se;
} catch (IOException ioe) {
throw new SSLException("readApplicationRecord", ioe);
}
Expand Down Expand Up @@ -1678,6 +1690,16 @@ private void handleException(Exception cause) throws IOException {
}
}

if (cause instanceof SocketException) {
try {
conContext.fatal(alert, cause);
} catch (Exception e) {
// Just delivering the fatal alert, re-throw the socket exception instead.
}

throw (SocketException)cause;
}

throw conContext.fatal(alert, cause);
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,7 @@
import java.io.EOFException;
import java.io.IOException;
import java.io.InterruptedIOException;
import java.net.SocketException;
import java.nio.ByteBuffer;
import javax.crypto.AEADBadTagException;
import javax.crypto.BadPaddingException;
Expand Down Expand Up @@ -137,9 +138,9 @@ static Plaintext decode(TransportContext context,
} catch (EOFException eofe) {
// rethrow EOFException, the call will handle it if neede.
throw eofe;
} catch (InterruptedIOException iioe) {
// don't close the Socket in case of timeouts or interrupts.
throw iioe;
} catch (InterruptedIOException | SocketException se) {
// don't close the Socket in case of timeouts or interrupts or SocketException.
throw se;
} catch (IOException ioe) {
throw context.fatal(Alert.UNEXPECTED_MESSAGE, ioe);
}
Expand Down
7 changes: 4 additions & 3 deletions test/jdk/java/net/httpclient/InvalidSSLContextTest.java
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2018, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
Expand Down Expand Up @@ -37,6 +37,7 @@
import java.net.URI;
import java.util.concurrent.CompletableFuture;
import java.util.concurrent.CompletionException;
import java.net.SocketException;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLHandshakeException;
Expand Down Expand Up @@ -173,8 +174,8 @@ public void run() {
s.startHandshake();
s.close();
Assert.fail("SERVER: UNEXPECTED ");
} catch (SSLException he) {
System.out.println("SERVER: caught expected " + he);
} catch (SSLException | SocketException se) {
System.out.println("SERVER: caught expected " + se);
} catch (IOException e) {
System.out.println("SERVER: caught: " + e);
if (!sslServerSocket.isClosed()) {
Expand Down
4 changes: 2 additions & 2 deletions test/jdk/javax/net/ssl/SSLSession/TestEnabledProtocols.java
Original file line number Diff line number Diff line change
Expand Up @@ -89,10 +89,10 @@ protected void runServerApplication(SSLSocket socket) throws Exception {
se.printStackTrace(System.out);
} catch (InterruptedIOException ioe) {
// must have been interrupted, no harm
} catch (SSLException ssle) {
} catch (SSLException | SocketException se) {
// The client side may have closed the socket.
System.out.println("Server SSLException:");
ssle.printStackTrace(System.out);
se.printStackTrace(System.out);
} catch (Exception e) {
System.out.println("Server exception:");
e.printStackTrace(System.out);
Expand Down
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2011, 2018, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2011, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
Expand Down Expand Up @@ -131,9 +131,9 @@ protected void runServerApplication(SSLSocket socket) throws Exception {
sslIS.read();
sslOS.write('A');
sslOS.flush();
} catch (SSLException ssle) {
} catch (SSLException | SocketException se) {
if (!expectFail) {
throw ssle;
throw se;
} // Otherwise, ignore.
}
}
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,153 @@
/*
* Copyright (c) 2021, Amazon and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/

/*
* @test
* @bug 8214339 8259662
* @summary When a SocketException is thrown by the underlying layer, It
* should be thrown as is and not be transformed to an SSLException.
* @library /javax/net/ssl/templates
* @run main/othervm SSLSocketShouldThrowSocketException
*/

import java.io.*;
import java.net.*;
import java.util.*;
import java.security.*;
import javax.net.ssl.*;

import java.util.concurrent.CountDownLatch;
import java.util.concurrent.TimeUnit;

public class SSLSocketShouldThrowSocketException extends SSLSocketTemplate {

boolean handshake;

private final CountDownLatch clientTerminatedCondition = new CountDownLatch(1);

SSLSocketShouldThrowSocketException(boolean handshake) {
this.handshake = handshake;
}

@Override
protected boolean isCustomizedClientConnection() {
return true;
}

@Override
protected void runServerApplication(SSLSocket socket) throws Exception {
clientTerminatedCondition.await(30L, TimeUnit.SECONDS);
}

@Override
protected void runClientApplication(int serverPort) throws Exception {
Socket baseSocket = new Socket("localhost", serverPort);

SSLSocketFactory sslsf =
(SSLSocketFactory) SSLSocketFactory.getDefault();
SSLSocket sslSocket = (SSLSocket)
sslsf.createSocket(baseSocket, "localhost", serverPort, false);

if (this.handshake) {
testHandshakeClose(baseSocket, sslSocket);
} else {
testDataClose(baseSocket, sslSocket);
}

clientTerminatedCondition.countDown();

}

private void testHandshakeClose(Socket baseSocket, SSLSocket sslSocket) throws Exception {
Thread aborter = new Thread() {
@Override
public void run() {

try {
Thread.sleep(10);
System.err.println("Closing the client socket : " + System.nanoTime());
baseSocket.close();
} catch (Exception ieo) {
ieo.printStackTrace();
}
}
};

aborter.start();

try {
// handshaking
System.err.println("Client starting handshake: " + System.nanoTime());
sslSocket.startHandshake();
throw new Exception("Start handshake did not throw an exception");
} catch (SocketException se) {
System.err.println("Caught Expected SocketException");
}

aborter.join();
}

private void testDataClose(Socket baseSocket, SSLSocket sslSocket) throws Exception{

CountDownLatch handshakeCondition = new CountDownLatch(1);

Thread aborter = new Thread() {
@Override
public void run() {

try {
handshakeCondition.await(10L, TimeUnit.SECONDS);
System.err.println("Closing the client socket : " + System.nanoTime());
baseSocket.close();
} catch (Exception ieo) {
ieo.printStackTrace();
}
}
};

aborter.start();

try {
// handshaking
System.err.println("Client starting handshake: " + System.nanoTime());
sslSocket.startHandshake();
handshakeCondition.countDown();
System.err.println("Reading data from server");
BufferedReader is = new BufferedReader(
new InputStreamReader(sslSocket.getInputStream()));
String data = is.readLine();
throw new Exception("Start handshake did not throw an exception");
} catch (SocketException se) {
System.err.println("Caught Expected SocketException");
}

aborter.join();
}

public static void main(String[] args) throws Exception {
// SocketException should be throws during a handshake phase.
(new SSLSocketShouldThrowSocketException(true)).run();
// SocketException should be throw during the application data phase.
(new SSLSocketShouldThrowSocketException(false)).run();
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -31,18 +31,18 @@
* @bug 8214339
* @summary SSLSocketImpl erroneously wraps SocketException
* @library /javax/net/ssl/templates
* @run main/othervm SSLExceptionForIOIssue
* @run main/othervm SocketExceptionForSocketIssues
*/

import javax.net.ssl.*;
import java.io.*;
import java.net.*;

public class SSLExceptionForIOIssue implements SSLContextTemplate {
public class SocketExceptionForSocketIssues implements SSLContextTemplate {

public static void main(String[] args) throws Exception {
System.err.println("===================================");
new SSLExceptionForIOIssue().test();
new SocketExceptionForSocketIssues().test();
}

private void test() throws Exception {
Expand Down Expand Up @@ -79,9 +79,9 @@ private void test() throws Exception {
os.flush();
} catch (SSLProtocolException | SSLHandshakeException sslhe) {
throw sslhe;
} catch (SSLException ssle) {
} catch (SocketException se) {
// the expected exception, ignore it
System.err.println("server exception: " + ssle);
System.err.println("server exception: " + se);
} finally {
if (listenSocket != null) {
listenSocket.close();
Expand Down

1 comment on commit 63f8fc8

@openjdk-notifier
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please sign in to comment.