From 7419e8c4fd5b858c43378cffc55b45845f845191 Mon Sep 17 00:00:00 2001
Date: Mon, 8 Mar 2021 09:28:45 +0800
Subject: 8214418: half-closed SSLEngine status may cause application dead loop
Summary: : half-closed SSLEngine status may cause application dead loop
LLT: NA
Patch Type: backport
Bug url: https://hg.openjdk.java.net/jdk-updates/jdk11u-dev/rev/6852be0de227
---
 .../classes/sun/security/ssl/Ciphertext.java | 2 --
 .../classes/sun/security/ssl/SSLEngineImpl.java | 15 ++++++++++++++-
 .../sun/security/ssl/TransportContext.java | 8 +-------
 3 files changed, 15 insertions(+), 10 deletions(-)
diff --git a/jdk/src/share/classes/sun/security/ssl/Ciphertext.java b/jdk/src/share/classes/sun/security/ssl/Ciphertext.java
index 842db23af..5f95102b4 100644
--- a/jdk/src/share/classes/sun/security/ssl/Ciphertext.java
+++ b/jdk/src/share/classes/sun/security/ssl/Ciphertext.java
@@ -31,8 +31,6 @@ import javax.net.ssl.SSLEngineResult.HandshakeStatus;
 * Ciphertext
 */
 final class Ciphertext {
- static final Ciphertext CIPHERTEXT_NULL = new Ciphertext();
-
 final byte contentType;
 final byte handshakeType;
 final long recordSN;
diff --git a/jdk/src/share/classes/sun/security/ssl/SSLEngineImpl.java b/jdk/src/share/classes/sun/security/ssl/SSLEngineImpl.java
index 7906e5181..ef64c7b4e 100644
--- a/jdk/src/share/classes/sun/security/ssl/SSLEngineImpl.java
+++ b/jdk/src/share/classes/sun/security/ssl/SSLEngineImpl.java
@@ -227,6 +227,19 @@ final class SSLEngineImpl extends SSLEngine implements SSLTransport {
 hsStatus = ciphertext.handshakeStatus;
 } else {
 hsStatus = getHandshakeStatus();
+ if (ciphertext == null && !conContext.isNegotiated &&
+ conContext.isInboundClosed() &&
+ hsStatus == HandshakeStatus.NEED_WRAP) {
+ // Even the outboud is open, no futher data could be wrapped as:
+ // 1. the outbound is empty
+ // 2. no negotiated connection
+ // 3. the inbound has closed, cannot complete the handshake
+ //
+ // Mark the engine as closed if the handshake status is
+ // NEED_WRAP. Otherwise, it could lead to dead loops in
+ // applications.
+ status = Status.CLOSED;
+ }
 }

 int deltaSrcs = srcsRemains;
@@ -258,7 +271,7 @@ final class SSLEngineImpl extends SSLEngine implements SSLTransport {
 }

 if (ciphertext == null) {
- return Ciphertext.CIPHERTEXT_NULL;
+ return null;
 }

 // Is the handshake completed?
diff --git a/jdk/src/share/classes/sun/security/ssl/TransportContext.java b/jdk/src/share/classes/sun/security/ssl/TransportContext.java
index e9ffb3802..77a3c3bd5 100644
--- a/jdk/src/share/classes/sun/security/ssl/TransportContext.java
+++ b/jdk/src/share/classes/sun/security/ssl/TransportContext.java
@@ -576,13 +576,7 @@ class TransportContext implements ConnectionContext {
 } else if (!isOutboundClosed()) {
 // Special case that the inbound was closed, but outbound open.
 return HandshakeStatus.NEED_WRAP;
- }
- } else if (isOutboundClosed() && !isInboundClosed()) {
- // Special case that the outbound was closed, but inbound open.
- return HandshakeStatus.NEED_UNWRAP;
- } else if (!isOutboundClosed() && isInboundClosed()) {
- // Special case that the inbound was closed, but outbound open.
- return HandshakeStatus.NEED_WRAP;
+ } // Otherwise, both inbound and outbound are closed.
 }

 return HandshakeStatus.NOT_HANDSHAKING;
-- 
2.19.0
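Review bot: In the `@@ -227` hunk of SSLEngineImpl.java the added branch sets `status = Status.CLOSED` but leaves `hsStatus` at `NEED_WRAP`, so a caller that loops on the handshake status alone would, as far as this hunk shows, keep spinning. The comment should state that contract, for example `// hsStatus stays NEED_WRAP; callers must stop on Status.CLOSED.`, and the typos `outboud` and `futher` can be fixed in the same pass. The diffstat lists no test file and the header says `LLT: NA`, so nothing in this patch exercises the inbound-closed, not-negotiated path; a regression test for that state would pin the behaviour. The enclosing method starts and ends outside the hunk.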
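Review bot: Returning `null` in the `@@ -258` hunk in place of the removed `Ciphertext.CIPHERTEXT_NULL` sentinel puts the null check on every caller, and only the added condition in the previous hunk visibly tests `ciphertext == null`. The `if` that guards `hsStatus = ciphertext.handshakeStatus` lies outside both hunks, so it should be confirmed that it, and any other user of this method's result, checks for null before dereferencing. A line in the method comment such as `// May return null; callers must check before dereferencing.` would make the new contract explicit. The method begins and ends outside the hunk.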
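Review bot: The retained inner branch in the `@@ -576` hunk of TransportContext.java still returns `NEED_WRAP` when the inbound side is closed and the outbound side is open, which is the state the new `Status.CLOSED` check in SSLEngineImpl.java compensates for, yet nothing here points to it. Its comment could read `// Special case that the inbound was closed, but outbound open; SSLEngineImpl reports Status.CLOSED for it when not negotiated.` With the two outer `else if` branches removed, a half-closed connection that fails the enclosing condition now appears to fall through to `NOT_HANDSHAKING`. That condition is outside the hunk, so this reading should be confirmed and recorded in the method comment.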