8227651: Tests fail with SSLProtocolException: Input record too big

8212096: javax/net/ssl/ServerName/SSLEngineExplorerMatchedSNI.java failed intermittently due to SSLException: Tag mismatch

Backport-of: 7b029ea6ba1d44d361fdf980816732d8454b8194

Author: caojoshua

test/jdk/ProblemList.txt

@@ -651,7 +651,6 @@ sun/security/tools/keytool/ListKeychainStore.sh                 8156889 macosx-a
 
 sun/security/tools/jarsigner/warnings/BadKeyUsageTest.java      8026393 generic-all
 
-javax/net/ssl/ServerName/SSLEngineExplorerMatchedSNI.java       8212096 generic-all
 javax/net/ssl/DTLS/CipherSuite.java                             8202059 macosx-x64
 
 sun/security/provider/KeyStore/DKSTest.sh                       8180266 windows-all

test/jdk/javax/net/ssl/SSLEngine/LargePacket.java

@@ -38,6 +38,7 @@
  */
 
 import javax.net.ssl.*;
+import java.nio.ByteBuffer;
 import java.nio.channels.*;
 import java.net.*;
 
@@ -93,10 +94,10 @@ void doServerSide() throws Exception {
         }
 
         // handshaking
-        handshaking(ssle, sc, null);
+        ByteBuffer peerNetData = handshaking(ssle, sc, null);
 
         // receive application data
-        receive(ssle, sc);
+        receive(ssle, sc, peerNetData);
 
         // send out application data
         deliver(ssle, sc);
@@ -136,13 +137,13 @@ void doClientSide() throws Exception {
         }
 
         // handshaking
-        handshaking(ssle, sc, null);
+        ByteBuffer peerNetData = handshaking(ssle, sc, null);
 
         // send out application data
         deliver(ssle, sc);
 
         // receive application data
-        receive(ssle, sc);
+        receive(ssle, sc, peerNetData);
 
         // close the socket channel.
         sc.close();

test/jdk/javax/net/ssl/SSLEngine/SSLEngineService.java

@@ -70,7 +70,7 @@ private void init(String pathToStores) {
     protected static void deliver(SSLEngine ssle, SocketChannel sc)
         throws Exception {
 
-        // create buufer.
+        // create buffer.
         int appBufferMax = ssle.getSession().getApplicationBufferSize();
         int netBufferMax = ssle.getSession().getPacketBufferSize();
         int length = appBufferMax * (Integer.SIZE / 8);
@@ -128,7 +128,7 @@ protected static void deliver(SSLEngine ssle, SocketChannel sc)
                 // maybe need to enlarge the local network packet buffer.
                 int size = ssle.getSession().getPacketBufferSize();
                 if (size > localNetData.capacity()) {
-                    System.out.println("resize destination buffer upto " +
+                    System.out.println("send: resize destination buffer upto " +
                                 size + " bytes for BUFFER_OVERFLOW");
                     localNetData = enlargeBuffer(localNetData, size);
                 }
@@ -143,16 +143,14 @@ protected static void deliver(SSLEngine ssle, SocketChannel sc)
 
 
     // receive peer application data.
-    protected static void receive(SSLEngine ssle, SocketChannel sc)
-        throws Exception {
+    protected static void receive(SSLEngine ssle, SocketChannel sc,
+            ByteBuffer peerNetData) throws Exception {
 
-        // create buufers.
+        // create buffer.
         int appBufferMax = ssle.getSession().getApplicationBufferSize();
-        int netBufferMax = ssle.getSession().getPacketBufferSize();
 
-        // allocate less in order to check BUFFER_OVERFLOW/BUFFER_UNDERFLOW
+        // allocate less in order to check BUFFER_OVERFLOW
         ByteBuffer peerAppData = ByteBuffer.allocate(appBufferMax/2);
-        ByteBuffer peerNetData = ByteBuffer.allocate(netBufferMax/2);
         int received = -1;
 
         boolean needToReadMore = true;
@@ -189,8 +187,8 @@ protected static void receive(SSLEngine ssle, SocketChannel sc)
 
                 System.out.println("received " + peerAppData.position() +
                         " bytes client application data");
-                System.out.println("\tcomsumed " + res.bytesConsumed() +
-                        " byes network data");
+                System.out.println("\tconsumed " + res.bytesConsumed() +
+                        " bytes network data");
                 peerAppData.clear();
 
                 received -= res.bytesProduced();
@@ -209,7 +207,7 @@ protected static void receive(SSLEngine ssle, SocketChannel sc)
                 // maybe need to enlarge the peer application data buffer.
                 int size = ssle.getSession().getApplicationBufferSize();
                 if (size > peerAppData.capacity()) {
-                    System.out.println("resize destination buffer upto " +
+                    System.out.println("recv: resize destination buffer upto " +
                         size + " bytes for BUFFER_OVERFLOW");
                     peerAppData = enlargeBuffer(peerAppData, size);
                 }
@@ -219,8 +217,8 @@ protected static void receive(SSLEngine ssle, SocketChannel sc)
                 // maybe need to enlarge the peer network packet data buffer.
                 size = ssle.getSession().getPacketBufferSize();
                 if (size > peerNetData.capacity()) {
-                    System.out.println("resize source buffer upto " + size +
-                        " bytes for BUFFER_UNDERFLOW");
+                    System.out.println("recv: resize source buffer upto " +
+                        size + " bytes for BUFFER_UNDERFLOW");
                     peerNetData = enlargeBuffer(peerNetData, size);
                 }
 
@@ -234,15 +232,16 @@ protected static void receive(SSLEngine ssle, SocketChannel sc)
         }
     }
 
-    protected static void handshaking(SSLEngine ssle, SocketChannel sc,
+    protected static ByteBuffer handshaking(SSLEngine ssle, SocketChannel sc,
             ByteBuffer additional) throws Exception {
 
         int appBufferMax = ssle.getSession().getApplicationBufferSize();
         int netBufferMax = ssle.getSession().getPacketBufferSize();
 
+        // zero-byte app buffers - we do not want to exchange app data here
+        ByteBuffer localAppData = ByteBuffer.allocate(0);
+        ByteBuffer peerAppData = ByteBuffer.allocate(0);
         // allocate less in order to check BUFFER_OVERFLOW/BUFFER_UNDERFLOW
-        ByteBuffer localAppData = ByteBuffer.allocate(appBufferMax/10);
-        ByteBuffer peerAppData = ByteBuffer.allocate(appBufferMax/10);
         ByteBuffer localNetData = ByteBuffer.allocate(netBufferMax/10);
         ByteBuffer peerNetData = ByteBuffer.allocate(netBufferMax/10);
 
@@ -272,15 +271,15 @@ protected static void handshaking(SSLEngine ssle, SocketChannel sc,
                     } else {
                         if (sc.read(peerNetData) < 0) {
                             ssle.closeInbound();
-                            return;
+                            throw new EOFException();
                         }
                     }
                 }
 
                 if (underflow) {
                     if (sc.read(peerNetData) < 0) {
                         ssle.closeInbound();
-                        return;
+                        throw new EOFException();
                     }
 
                     underflow = false;
@@ -298,7 +297,7 @@ protected static void handshaking(SSLEngine ssle, SocketChannel sc,
                     // maybe need to enlarge the peer network packet buffer.
                     int size = ssle.getSession().getPacketBufferSize();
                     if (size > peerNetData.capacity()) {
-                        System.out.println("resize source buffer upto " +
+                        System.out.println("hs recv: resize source buffer upto " +
                                 size + " bytes for BUFFER_UNDERFLOW");
                         peerNetData = enlargeBuffer(peerNetData, size);
                     }
@@ -309,7 +308,7 @@ protected static void handshaking(SSLEngine ssle, SocketChannel sc,
                     // maybe need to enlarge the peer application data buffer.
                     size = ssle.getSession().getApplicationBufferSize();
                     if (size > peerAppData.capacity()) {
-                        System.out.println("resize destination buffer upto " +
+                        System.out.println("hs recv: resize destination buffer upto " +
                                 size + " bytes for BUFFER_OVERFLOW");
                         peerAppData = enlargeBuffer(peerAppData, size);
                     }
@@ -346,7 +345,7 @@ protected static void handshaking(SSLEngine ssle, SocketChannel sc,
                     // maybe need to enlarge the local network packet buffer.
                     int size = ssle.getSession().getPacketBufferSize();
                     if (size > localNetData.capacity()) {
-                        System.out.println("resize destination buffer upto " +
+                        System.out.println("hs send: resize destination buffer upto " +
                                 size + " bytes for BUFFER_OVERFLOW");
                         localNetData = enlargeBuffer(localNetData, size);
                     }
@@ -371,6 +370,7 @@ protected static void handshaking(SSLEngine ssle, SocketChannel sc,
             }
         } while (hs != SSLEngineResult.HandshakeStatus.FINISHED &&
                 hs != SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING);
+        return peerNetData;
     }
 
     private static ByteBuffer enlargeBuffer(ByteBuffer buffer, int size) {

test/jdk/javax/net/ssl/ServerName/SSLEngineExplorer.java

@@ -145,10 +145,10 @@ void doServerSide() throws Exception {
         }
 
         // handshaking
-        handshaking(ssle, sc, buffer);
+        ByteBuffer peerNetData = handshaking(ssle, sc, buffer);
 
         // receive application data
-        receive(ssle, sc);
+        receive(ssle, sc, peerNetData);
 
         // send out application data
         deliver(ssle, sc);
@@ -195,13 +195,13 @@ void doClientSide() throws Exception {
         ssle.setEnabledProtocols(supportedProtocols);
 
         // handshaking
-        handshaking(ssle, sc, null);
+        ByteBuffer peerNetData = handshaking(ssle, sc, null);
 
         // send out application data
         deliver(ssle, sc);
 
         // receive application data
-        receive(ssle, sc);
+        receive(ssle, sc, peerNetData);
 
         // close the socket channel.
         sc.close();

test/jdk/javax/net/ssl/ServerName/SSLEngineExplorerMatchedSNI.java

@@ -154,10 +154,10 @@ void doServerSide() throws Exception {
         ssle.setSSLParameters(params);
 
         // handshaking
-        handshaking(ssle, sc, buffer);
+        ByteBuffer peerNetData = handshaking(ssle, sc, buffer);
 
         // receive application data
-        receive(ssle, sc);
+        receive(ssle, sc, peerNetData);
 
         // send out application data
         deliver(ssle, sc);
@@ -209,13 +209,13 @@ void doClientSide() throws Exception {
         ssle.setSSLParameters(params);
 
         // handshaking
-        handshaking(ssle, sc, null);
+        ByteBuffer peerNetData = handshaking(ssle, sc, null);
 
         // send out application data
         deliver(ssle, sc);
 
         // receive application data
-        receive(ssle, sc);
+        receive(ssle, sc, peerNetData);
 
         // check server name indication
         ExtendedSSLSession session = (ExtendedSSLSession)ssle.getSession();

test/jdk/javax/net/ssl/ServerName/SSLEngineExplorerUnmatchedSNI.java

@@ -148,10 +148,10 @@ void doServerSide() throws Exception {
 
         try {
             // handshaking
-            handshaking(ssle, sc, buffer);
+            ByteBuffer peerNetData = handshaking(ssle, sc, buffer);
 
             // receive application data
-            receive(ssle, sc);
+            receive(ssle, sc, peerNetData);
 
             // send out application data
             deliver(ssle, sc);
@@ -213,13 +213,13 @@ void doClientSide() throws Exception {
 
         try {
             // handshaking
-            handshaking(ssle, sc, null);
+            ByteBuffer peerNetData = handshaking(ssle, sc, null);
 
             // send out application data
             deliver(ssle, sc);
 
             // receive application data
-            receive(ssle, sc);
+            receive(ssle, sc, peerNetData);
 
             // check server name indication
             ExtendedSSLSession session = (ExtendedSSLSession)ssle.getSession();

test/jdk/javax/net/ssl/ServerName/SSLEngineExplorerWithCli.java

@@ -136,10 +136,10 @@ void doServerSide() throws Exception {
         }
 
         // handshaking
-        handshaking(ssle, sc, buffer);
+        ByteBuffer peerNetData = handshaking(ssle, sc, buffer);
 
         // receive application data
-        receive(ssle, sc);
+        receive(ssle, sc, peerNetData);
 
         // send out application data
         deliver(ssle, sc);
@@ -190,13 +190,13 @@ void doClientSide() throws Exception {
         ssle.setSSLParameters(params);
 
         // handshaking
-        handshaking(ssle, sc, null);
+        ByteBuffer peerNetData = handshaking(ssle, sc, null);
 
         // send out application data
         deliver(ssle, sc);
 
         // receive application data
-        receive(ssle, sc);
+        receive(ssle, sc, peerNetData);
 
         // check server name indication
         ExtendedSSLSession session = (ExtendedSSLSession)ssle.getSession();

test/jdk/javax/net/ssl/ServerName/SSLEngineExplorerWithSrv.java

@@ -145,10 +145,10 @@ void doServerSide() throws Exception {
         ssle.setSSLParameters(params);
 
         // handshaking
-        handshaking(ssle, sc, buffer);
+        ByteBuffer peerNetData = handshaking(ssle, sc, buffer);
 
         // receive application data
-        receive(ssle, sc);
+        receive(ssle, sc, peerNetData);
 
         // send out application data
         deliver(ssle, sc);
@@ -193,13 +193,13 @@ void doClientSide() throws Exception {
         }
 
         // handshaking
-        handshaking(ssle, sc, null);
+        ByteBuffer peerNetData = handshaking(ssle, sc, null);
 
         // send out application data
         deliver(ssle, sc);
 
         // receive application data
-        receive(ssle, sc);
+        receive(ssle, sc, peerNetData);
 
         // check server name indication
         ExtendedSSLSession session = (ExtendedSSLSession)ssle.getSession();