Skip to content

TLS handshake hangs with NIO and TLS 1.3 #715

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
acogoluegnes opened this issue Nov 5, 2021 · 0 comments · Fixed by #716
Closed

TLS handshake hangs with NIO and TLS 1.3 #715

acogoluegnes opened this issue Nov 5, 2021 · 0 comments · Fixed by #716
Assignees
@acogoluegnes
Labels
bug
Milestone
5.14.0

Comments

@acogoluegnes
Copy link
Contributor

Original mailing list post: https://groups.google.com/g/rabbitmq-users/c/LGlpHNx5QIQ/m/AobNKVegAAAJ
Related discussion: #712.
@acogoluegnes acogoluegnes added this to the 5.13.2 milestone Nov 5, 2021
@acogoluegnes acogoluegnes self-assigned this Nov 5, 2021
acogoluegnes added a commit that referenced this issue Nov 5, 2021
@acogoluegnes
Fix handshake with NIO on TLS 1.3
448d3dd 
The unwrapping does not work the same way between TLS 1.2 and 1.3.
This commit makes the unwrapping more reliable by getting
the number of bytes consumed in the unwrapping and then set the
position of the reading ByteBuffer accordingly to the number of bytes.
With TLS 1.3, the unwrapping seems to read the whole content of
the buffer and to extract only the first record, so the rewinding
is necessary.

The commit also adds some debug logging, adds tests on TLS 1.2 and 1.3,
and re-arranges the TLS test (add utility class).

Fixes #715
@acogoluegnes acogoluegnes mentioned this issue Nov 5, 2021
Merged
acogoluegnes added a commit that referenced this issue Nov 8, 2021
@acogoluegnes
Test TLS 1.3 only if available
23961d5 
TLS 1.3 has not been backported to all Java version (e.g. on 9 and 10),
so this commit checks if the protocol is available before
running the test.

References #715
@acogoluegnes acogoluegnes modified the milestones: 5.13.2, 5.14.0 Nov 8, 2021
acogoluegnes added a commit that referenced this issue Nov 8, 2021
@acogoluegnes
Fix handshake with NIO on TLS 1.3
525cb08 
The unwrapping does not work the same way between TLS 1.2 and 1.3.
This commit makes the unwrapping more reliable by getting
the number of bytes consumed in the unwrapping and then set the
position of the reading ByteBuffer accordingly to the number of bytes.
With TLS 1.3, the unwrapping seems to read the whole content of
the buffer and to extract only the first record, so the rewinding
is necessary.

The commit also adds some debug logging, adds tests on TLS 1.2 and 1.3,
and re-arranges the TLS test (add utility class).

Fixes #715

(cherry picked from commit 448d3dd)

Conflicts:
	src/test/java/com/rabbitmq/client/test/ssl/HostnameVerification.java
acogoluegnes added a commit that referenced this issue Nov 8, 2021
@acogoluegnes
Test TLS 1.3 only if available
830bdc6 
TLS 1.3 has not been backported to all Java version (e.g. on 9 and 10),
so this commit checks if the protocol is available before
running the test.

References #715

(cherry picked from commit 23961d5)
acogoluegnes added a commit that referenced this issue Nov 8, 2021
@acogoluegnes
Fix usage of NioParams setter in test
7e830e9 
References #396,#715
@lukebakken lukebakken mentioned this issue Apr 3, 2024
Merged
11 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@acogoluegnes acogoluegnes

Labels
bug
Projects
None yet
Milestone
5.14.0
Development

Successfully merging a pull request may close this issue.

Fix handshake with NIO on TLS 1.3 rabbitmq/rabbitmq-java-client
1 participant
@acogoluegnes