8153572: [JEP 110] IOException (connection closed for reading) is thrown when try to connect HTTPS service
Reviewed-by: rriggs
--- a/jdk/src/java.httpclient/share/classes/java/net/http/AsyncSSLDelegate.java Fri May 06 06:52:13 2016 +0000
+++ b/jdk/src/java.httpclient/share/classes/java/net/http/AsyncSSLDelegate.java Fri May 06 11:30:41 2016 +0100
@@ -144,13 +144,9 @@
sslParameters = Utils.copySSLParameters(sslp);
if (alpn != null) {
sslParameters.setApplicationProtocols(alpn);
- Log.logSSL("Setting application protocols: " + Arrays.toString(alpn));
- } else {
- Log.logSSL("No application protocols proposed");
}
+ logParams(sslParameters);
engine.setSSLParameters(sslParameters);
- engine.setEnabledCipherSuites(sslp.getCipherSuites());
- engine.setEnabledProtocols(sslp.getProtocols());
this.lowerOutput = lowerOutput;
this.client = client;
this.channelInputQ = new Queue<>();
@@ -560,24 +556,26 @@
return sslParameters;
}
- static void printParams(SSLParameters p) {
- System.out.println("SSLParameters:");
+ static void logParams(SSLParameters p) {
+ if (!Log.ssl())
+ return;
+ Log.logSSL("SSLParameters:");
if (p == null) {
- System.out.println("Null params");
+ Log.logSSL("Null params");
return;
}
for (String cipher : p.getCipherSuites()) {
- System.out.printf("cipher: %s\n", cipher);
+ Log.logSSL("cipher: {0}\n", cipher);
}
for (String approto : p.getApplicationProtocols()) {
- System.out.printf("application protocol: %s\n", approto);
+ Log.logSSL("application protocol: {0}\n", approto);
}
for (String protocol : p.getProtocols()) {
- System.out.printf("protocol: %s\n", protocol);
+ Log.logSSL("protocol: {0}\n", protocol);
}
if (p.getServerNames() != null)
- for (SNIServerName sname : p.getServerNames()) {
- System.out.printf("server name: %s\n", sname.toString());
+ for (SNIServerName sname : p.getServerNames()) {
+ Log.logSSL("server name: {0}\n", sname.toString());
}
}
--- a/jdk/src/java.httpclient/share/classes/java/net/http/HttpClientImpl.java Fri May 06 06:52:13 2016 +0000
+++ b/jdk/src/java.httpclient/share/classes/java/net/http/HttpClientImpl.java Fri May 06 11:30:41 2016 +0100
@@ -110,7 +110,10 @@
this.proxySelector = builder.proxy;
authenticator = builder.authenticator;
version = builder.version;
- sslParams = builder.sslParams;
+ if (builder.sslParams == null)
+ sslParams = getDefaultParams(sslContext);
+ else
+ sslParams = builder.sslParams;
connections = new ConnectionPool();
connections.start();
timeouts = new LinkedList<>();
@@ -129,6 +132,12 @@
selmgr.start();
}
+ private static SSLParameters getDefaultParams(SSLContext ctx) {
+ SSLParameters params = ctx.getSupportedSSLParameters();
+ params.setProtocols(new String[]{"TLSv1.2"});
+ return params;
+ }
+
/**
* Wait for activity on given exchange (assuming blocking = false).
* It's a no-op if blocking = true. In particular, the following occurs
--- a/jdk/src/java.httpclient/share/classes/java/net/http/SSLDelegate.java Fri May 06 06:52:13 2016 +0000
+++ b/jdk/src/java.httpclient/share/classes/java/net/http/SSLDelegate.java Fri May 06 11:30:41 2016 +0100
@@ -66,8 +66,6 @@
Log.logSSL("No application protocols proposed");
}
engine.setSSLParameters(sslParameters);
- engine.setEnabledCipherSuites(sslp.getCipherSuites());
- engine.setEnabledProtocols(sslp.getProtocols());
wrapper = new EngineWrapper(chan, engine);
this.chan = chan;
this.client = client;
--- a/jdk/test/java/net/httpclient/http2/BasicTest.java Fri May 06 06:52:13 2016 +0000
+++ b/jdk/test/java/net/httpclient/http2/BasicTest.java Fri May 06 11:30:41 2016 +0100
@@ -98,6 +98,7 @@
simpleTest(true);
streamTest(false);
streamTest(true);
+ paramsTest();
Thread.sleep(1000 * 4);
} finally {
httpServer.stop();
@@ -180,6 +181,30 @@
System.err.println("DONE");
}
+ static void paramsTest() throws Exception {
+ Http2TestServer server = new Http2TestServer(true, 0, (t -> {
+ SSLSession s = t.getSSLSession();
+ String prot = s.getProtocol();
+ if (prot.equals("TLSv1.2")) {
+ t.sendResponseHeaders(200, -1);
+ } else {
+ System.err.printf("Protocols =%s\n", prot);
+ t.sendResponseHeaders(500, -1);
+ }
+ }), exec, sslContext);
+ server.start();
+ int port = server.getAddress().getPort();
+ URI u = new URI("https://127.0.0.1:"+port+"/foo");
+ HttpClient client = getClient();
+ HttpRequest req = client.request(u)
+ .GET();
+ HttpResponse resp = req.response();
+ int stat = resp.statusCode();
+ if (stat != 200) {
+ throw new RuntimeException("paramsTest failed "
+ + Integer.toString(stat));
+ }
+ }
static void simpleTest(boolean secure) throws Exception {
URI uri = getURI(secure);
--- a/jdk/test/java/net/httpclient/http2/java.httpclient/java/net/http/Http2TestExchange.java Fri May 06 06:52:13 2016 +0000
+++ b/jdk/test/java/net/httpclient/http2/java.httpclient/java/net/http/Http2TestExchange.java Fri May 06 11:30:41 2016 +0100
@@ -5,6 +5,7 @@
import java.io.IOException;
import java.net.URI;
import java.net.InetSocketAddress;
+import javax.net.ssl.SSLSession;
public class Http2TestExchange {
@@ -14,6 +15,7 @@
final String method;
final InputStream is;
final BodyOutputStream os;
+ final SSLSession sslSession;
final int streamid;
final boolean pushAllowed;
final Http2TestServerConnection conn;
@@ -24,6 +26,7 @@
Http2TestExchange(int streamid, String method, HttpHeadersImpl reqheaders,
HttpHeadersImpl rspheaders, URI uri, InputStream is,
+ SSLSession sslSession,
BodyOutputStream os, Http2TestServerConnection conn, boolean pushAllowed) {
this.reqheaders = reqheaders;
this.rspheaders = rspheaders;
@@ -32,6 +35,7 @@
this.is = is;
this.streamid = streamid;
this.os = os;
+ this.sslSession = sslSession;
this.pushAllowed = pushAllowed;
this.conn = conn;
this.server = conn.server;
@@ -53,6 +57,10 @@
return method;
}
+ public SSLSession getSSLSession() {
+ return sslSession;
+ }
+
public void close() {
try {
is.close();
--- a/jdk/test/java/net/httpclient/http2/java.httpclient/java/net/http/Http2TestServerConnection.java Fri May 06 06:52:13 2016 +0000
+++ b/jdk/test/java/net/httpclient/http2/java.httpclient/java/net/http/Http2TestServerConnection.java Fri May 06 11:30:41 2016 +0100
@@ -31,6 +31,8 @@
import java.io.OutputStream;
import java.net.Socket;
import java.net.URI;
+import javax.net.ssl.SSLSession;
+import javax.net.ssl.SSLSocket;
import java.net.URISyntaxException;
import static java.net.http.SettingsFrame.HEADER_TABLE_SIZE;
import java.nio.ByteBuffer;
@@ -355,7 +357,8 @@
URI uri = new URI(us);
boolean pushAllowed = clientSettings.getParameter(SettingsFrame.ENABLE_PUSH) == 1;
Http2TestExchange exchange = new Http2TestExchange(streamid, method,
- headers, rspheaders, uri, bis, bos, this, pushAllowed);
+ headers, rspheaders, uri, bis, getSSLSession(),
+ bos, this, pushAllowed);
// give to user
handler.handle(exchange);
@@ -368,6 +371,12 @@
}
}
+ private SSLSession getSSLSession() {
+ if (! (socket instanceof SSLSocket))
+ return null;
+ SSLSocket ssl = (SSLSocket)socket;
+ return ssl.getSession();
+ }
// Runs in own thread
@SuppressWarnings({"rawtypes","unchecked"})