Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8268965

TCP Connection Reset when connecting simple socket to SSL server

    XMLWordPrintable

    Details

    • Subcomponent:
    • Introduced In Version:
      11
    • Resolved In Build:
      b06

      Backports

        Description

        Simple socket connection fails with TCP Connection Reset in case of connecting to the SSL Server.
        SSL Server fails as expected: "javax.net.ssl.SSLException: Unsupported or unrecognized SSL message"
        The client connection fails with:
        ACTUAL BEHAVIOUR:
        java.net.SocketException: "Connection reset"
        EXPECTED BEHAVIOUR:
        java.io.EOFException

        It happens because of SSL server does not clean the input stream before closing the underlying socket. As result, it causes TCP connection resets on some platforms.

        JDK8 TLSv1.2 implementation did not have such an issue because of it explicitly clean the input stream before closing the socket : https://hg.openjdk.java.net/jdk8u/jdk8u-dev/jdk/file/fde7fd2a2fd2/src/share/classes/sun/security/ssl/SSLSocketImpl.java#l1932
        Suggest doing the same in the TLSv1.3 implementation.

        Please note: issue reproduced with the PlainSocketImpl only. JDK13 and higher should be run with -Djdk.net.usePlainSocketImpl=true option. JDK8 and JDK11 reproduce this issue in the default configuration.

          Attachments

            Issue Links

              Activity

                People

                Assignee:
                abakhtin Alexey Bakhtin
                Reporter:
                abakhtin Alexey Bakhtin
                Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                  Dates

                  Created:
                  Updated:
                  Resolved: