Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8191808

Configurable read timeout for CRLs

    Details

      Description

      A DESCRIPTION OF THE REQUEST :
      The URICertStore does not set a read timeout. This allows a misbehaving CRL to block a connection on CRL checking.

      This should be limited in the same way the connection timeout is limited to 15 seconds. This may be forced globally by setting the sun.net.client.defaultReadTimeout, but this has global scope. A 15 second read timeout also seems reasonable.

      Alternatively, a new property com.sun.security.crl.readtimeout may be added to specifically target the read timeout on a CRL check.

      JUSTIFICATION :
      A CRL check should not be able to block, or hold the resources the flow of critical code for a long period of time. This could negatively affect a service.

      EXPECTED VERSUS ACTUAL BEHAVIOR :
      EXPECTED -
      A default read timeout of 15 seconds should be applied with an optional property com.sun.security.crl.readtimeout being introduced to set the timeout specifically for the purpose of CRL checking.
      ACTUAL -
      The current implementation allows a misbehaving CRL to indefinitely block a connection.

      ---------- BEGIN SOURCE ----------
      Full PoC available upon request.
      ---------- END SOURCE ----------

      CUSTOMER SUBMITTED WORKAROUND :
      Execute the Java application with -Dsun.net.client.defaultReadTimeout=15000

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                mullan Sean Mullan
                Reporter:
                webbuggrp Webbug Group
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: