mina-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Zsolt Kúti (Jira) <j...@apache.org>
Subject [jira] [Commented] (DIRMINA-1082) SSLHandler calling wrap method after closeOutBound() on SSLEngine
Date Thu, 22 Oct 2020 07:34:00 GMT

    [ https://issues.apache.org/jira/browse/DIRMINA-1082?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17218829#comment-17218829
] 

Zsolt Kúti commented on DIRMINA-1082:
-------------------------------------

It turned out that the client part of my code was ill-configured. After fixing it I could
make it work.

Sorry for hijacking this issue...

> SSLHandler calling wrap method after closeOutBound() on SSLEngine
> -----------------------------------------------------------------
>
>                 Key: DIRMINA-1082
>                 URL: https://issues.apache.org/jira/browse/DIRMINA-1082
>             Project: MINA
>          Issue Type: Bug
>          Components: Core
>    Affects Versions: 2.0.16
>            Reporter: Kamal Rathod
>            Assignee: Emmanuel Lécharny
>            Priority: Major
>
> Hi,
> I am trying to connect through SSL and Proxy and getting below error.
> _ERROR quickfix.mina.initiator.InitiatorIoHandler - Socket : javax.net.ssl.SSLException:
Improper close state: Status = OK HandshakeStatus = NEED_WRAP_
> _bytesConsumed = 0 bytesProduced = 87_
> _javax.net.ssl.SSLException: Improper close state: Status = OK HandshakeStatus = NEED_WRAP_
> _bytesConsumed = 0 bytesProduced = 87_
>  _at org.apache.mina.filter.ssl.SslHandler.closeOutbound(SslHandler.java:500) ~[mina-core.jar:?]_
>  _at org.apache.mina.filter.ssl.SslFilter.initiateClosure(SslFilter.java:742) ~[mina-core.jar:?]_
>  _at org.apache.mina.filter.ssl.SslFilter.filterClose(SslFilter.java:677) ~[mina-core.jar:?]_
>  _at org.apache.mina.core.filterchain.DefaultIoFilterChain.callPreviousFilterClose(DefaultIoFilterChain.java:648)
~[mina-core.jar:?]_
>  
> I had a look at closeOutBound() method of SslHandler.java and suspect bug there.
> Line 484: sslEngine.closeOutBound()
> Line 490: sslEngine.wrap(emptyBuffer.buf(), outNetBuffer.buf());
>  
> In the scenario the sslEngine is closed first and then the wrap method is called. 
> As per java docs:
>  _In all cases, closure handshake messages are generated by the engine, and {{wrap()}} should
be repeatedly called until the resulting {{SSLEngineResult}}'s status returns "CLOSED", or [{{isOutboundDone()}}|https://docs.oracle.com/javase/7/docs/api/javax/net/ssl/SSLEngine.html#isOutboundDone()] returns
true. All data obtained from the {{wrap()}} method should be sent to the peer._
> _[{{closeOutbound()}}|https://docs.oracle.com/javase/7/docs/api/javax/net/ssl/SSLEngine.html#closeOutbound()] is
used to signal the engine that the application will not be sending any more data._
> So as per docs, wrap should be called repeatedly and then closeOutbound() method, but
in code its reverse, after closeOutbound wrap is called.
> Can someone please check and comment on this?



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@mina.apache.org
For additional commands, e-mail: dev-help@mina.apache.org


Mime
View raw message