Skip to content

Fix handshake with NIO on TLS 1.3 #716

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Nov 5, 2021
Merged

Fix handshake with NIO on TLS 1.3 #716

merged 1 commit into from
Nov 5, 2021

Conversation

acogoluegnes
Copy link
Contributor

The unwrapping does not work the same way between TLS 1.2 and 1.3.
This commit makes the unwrapping more reliable by getting
the number of bytes consumed in the unwrapping and then set the
position of the reading ByteBuffer accordingly to the number of bytes.
With TLS 1.3, the unwrapping seems to read the whole content of
the buffer and to extract only the first record, so the rewinding
is necessary.

The commit also adds some debug logging, adds tests on TLS 1.2 and 1.3,
and re-arranges the TLS test (add utility class).

Fixes #715

@acogoluegnes
Fix handshake with NIO on TLS 1.3
448d3dd 
The unwrapping does not work the same way between TLS 1.2 and 1.3.
This commit makes the unwrapping more reliable by getting
the number of bytes consumed in the unwrapping and then set the
position of the reading ByteBuffer accordingly to the number of bytes.
With TLS 1.3, the unwrapping seems to read the whole content of
the buffer and to extract only the first record, so the rewinding
is necessary.

The commit also adds some debug logging, adds tests on TLS 1.2 and 1.3,
and re-arranges the TLS test (add utility class).

Fixes #715
@michaelklishin
Copy link
Contributor

@Yaytay can you please help us verify this PR?

@Yaytay
Copy link

Yaytay commented Nov 5, 2021

Happy to, but it might be early next week before I get the chance.

@Yaytay
Copy link

Yaytay commented Nov 5, 2021

Works for me.
I built it on a Debian VM, copied to my Windows host and specified it explicitly in the pom using systemPath.
Then the code as sent before, using TLv1.3 works.
Thanks.

@michaelklishin michaelklishin merged commit 7fc11b1 into main Nov 5, 2021
@michaelklishin michaelklishin deleted the rabbitmq-java-client-715-handshake-hangs-nio-tls-1-3 branch November 5, 2021 17:15
@acogoluegnes
Copy link
Contributor Author

@acogoluegnes 5.14.0.RC1 is available.

@sergio91pt sergio91pt mentioned this pull request Apr 2, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

TLS handshake hangs with NIO and TLS 1.3
3 participants
@acogoluegnes @michaelklishin @Yaytay