8293176: SSLEngine handshaker does not send an alert after a bad parameters #15148
Conversation
|
👋 Welcome back djelinski! A progress list of the required criteria for merging this PR into |
openjdk
bot
changed the title
|
@djelinski The following label will be automatically applied to this pull request:
When this pull request is ready to be reviewed, an "RFR" email will be sent to the corresponding mailing list. If you would like to change these labels, use the /label pull request command. |
Webrevs
|
| try { | ||
| eng.wrap(emptyBuf, alert); | ||
| throw new RuntimeException("Expected wrap to throw"); | ||
| } catch (Exception e) { |
There was a problem hiding this comment.
Catching Exception here will consume the RuntimeException being thrown.
| eng.wrap(emptyBuf, alert); | ||
| throw new RuntimeException("Expected wrap to throw"); | ||
| } catch (Exception e) { | ||
| System.err.println("Received expected exception:"); |
There was a problem hiding this comment.
I find it useful when looking at logs to have the message explicitly say what exception is expected.
| */ | ||
| public class SSLEngineDecodeBadPoint { | ||
| static final byte[] clientHello = HexFormat.of().parseHex( | ||
| "160303013a0100013603031570" + |
There was a problem hiding this comment.
This may be the github display but this line is indented differently than the others.
There was a problem hiding this comment.
Thanks for pointing it out, fixed. Apparently my IntelliJ prefers this style of formatting multiline strings. I wonder if that's configurable.
There was a problem hiding this comment.
I believe so, but I still have to do some of the formatting by hand.
|
Can I get another review on this? |
|
@djelinski This change now passes all automated pre-integration checks. ℹ️ This project also has non-automated pre-integration requirements. Please see the file CONTRIBUTING.md for details. After integration, the commit message for the final commit will be: You can use pull request commands such as /summary, /contributor and /issue to adjust it as needed. At the time when this comment was updated there had been 703 new commits pushed to the
As there are no conflicts, your changes will automatically be rebased on top of these commits when integrating. If you prefer to avoid this automatic rebasing, please check the documentation for the /integrate command for further details. ➡️ To integrate this PR with the above commit message to the |
|
Thanks for the reviews! /integrate |
|
Going to push as commit fee9d33.
Your commit was automatically rebased without conflicts. |
openjdk
bot
removed
ready
|
@djelinski Pushed as commit fee9d33. 💡 You may see a message that your pull request was closed with unmerged commits. This can be safely ignored. |
| */ | ||
| public class SSLEngineDecodeBadPoint { | ||
| static final byte[] clientHello = HexFormat.of().parseHex( | ||
| "160303013a0100013603031570" + |
There was a problem hiding this comment.
I believe so, but I still have to do some of the formatting by hand.
| } catch (Exception e) { | ||
| throw context.conContext.fatal(Alert.INTERNAL_ERROR, | ||
| "Unhandled exception", e); | ||
| } |
There was a problem hiding this comment.
Is there any chance this will double alert?
There was a problem hiding this comment.
Not really. Only the first call to fatal sends an alert, subsequent calls just rethrow the given exception, wrapping it in a SSLException if necessary.
There was a problem hiding this comment.
Thanks for confirming.
Please review this patch that ensures that all exceptions thrown by SSLEngine delegated tasks are translated to alerts.
All exceptions should already be translated to SSLExceptions and alerts by the time we exit from context.dispatch; these exceptions are rethrown by
conContext.fatalwithout modification. With this patch the remaining exceptions are translated tointernal_erroralerts.SSLSocket implements similar handling in SSLSocketImpl#startHandshake. SSLSocket rethrows
SocketExceptions without modification, and translates otherIOExceptions tohandshake_failurealerts. SSLEngine does not need to handleSocketExceptions, and IMOinternal_erroris a better choice here.Tier1-3 tests pass.
Progress
Issue
Reviewers
Reviewing
Using
gitCheckout this PR locally:
$ git fetch https://git.openjdk.org/jdk.git pull/15148/head:pull/15148$ git checkout pull/15148Update a local copy of the PR:
$ git checkout pull/15148$ git pull https://git.openjdk.org/jdk.git pull/15148/headUsing Skara CLI tools
Checkout this PR locally:
$ git pr checkout 15148View PR using the GUI difftool:
$ git pr show -t 15148Using diff file
Download this PR as a diff file:
https://git.openjdk.org/jdk/pull/15148.diff
Webrev
Link to Webrev Comment