Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[jetty-dev] SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?
Hi,

we are seeing a lot of these exceptions since upgrading to v. 7.6.3.
Was any work done on the SSL stack on that version?

Are there any changes that could resolve the problem below in newer builds (7.6.4?) If not can you think of any ways around this?

Thanks a lot,
Marco


The stack trace:

07:21:57:562|DEBUG|HttpParser -
javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source) ~[na:1.6]
    at com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(Unknown Source) ~[na:1.6]
    at com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(Unknown Source) ~[na:1.6]
    at com.sun.net.ssl.internal.ssl.SSLEngineImpl.closeInbound(Unknown Source) ~[na:1.6]
    at org.eclipse.jetty.io.nio.SslConnection.process(SslConnection.java:404) [jetty-io-7.6.3.v20120416.jar:7.6.3.v20120416]
    at org.eclipse.jetty.io.nio.SslConnection.access$900(SslConnection.java:43) [jetty-io-7.6.3.v20120416.jar:7.6.3.v20120416]
    at org.eclipse.jetty.io.nio.SslConnection$SslEndPoint.fill(SslConnection.java:661) ~[jetty-io-7.6.3.v20120416.jar:7.6.3.v20120416]
    at org.eclipse.jetty.http.HttpParser.fill(HttpParser.java:1029) [jetty-http-7.6.3.v20120416.jar:7.6.3.v20120416]
    at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:275) [jetty-http-7.6.3.v20120416.jar:7.6.3.v20120416]
    at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:230) [jetty-http-7.6.3.v20120416.jar:7.6.3.v20120416]
    at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:77) [jetty-server-7.6.3.v20120416.jar:7.6.3.v20120416]
    at org.eclipse.jetty.io.nio.SslConnection.handle(SslConnection.java:191) [jetty-io-7.6.3.v20120416.jar:7.6.3.v20120416]
    at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:606) [jetty-io-7.6.3.v20120416.jar:7.6.3.v20120416]
    at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:46) [jetty-io-7.6.3.v20120416.jar:7.6.3.v20120416]
    at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:603) [jetty-util-7.6.3.v20120416.jar:7.6.3.v20120416]
    at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:538) [jetty-util-7.6.3.v20120416.jar:7.6.3.v20120416]
    at java.lang.Thread.run(Unknown Source) [na:1.6.0_31]
07:21:57:562|DEBUG|HttpParser - HttpParser{s=-14,l=0,c=-3}
org.eclipse.jetty.io.EofException: null
    at org.eclipse.jetty.http.HttpParser.fill(HttpParser.java:1035) [jetty-http-7.6.3.v20120416.jar:7.6.3.v20120416]
    at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:275) [jetty-http-7.6.3.v20120416.jar:7.6.3.v20120416]
    at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:230) [jetty-http-7.6.3.v20120416.jar:7.6.3.v20120416]
    at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:77) [jetty-server-7.6.3.v20120416.jar:7.6.3.v20120416]
    at org.eclipse.jetty.io.nio.SslConnection.handle(SslConnection.java:191) [jetty-io-7.6.3.v20120416.jar:7.6.3.v20120416]
    at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:606) [jetty-io-7.6.3.v20120416.jar:7.6.3.v20120416]
    at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:46) [jetty-io-7.6.3.v20120416.jar:7.6.3.v20120416]
    at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:603) [jetty-util-7.6.3.v20120416.jar:7.6.3.v20120416]
    at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:538) [jetty-util-7.6.3.v20120416.jar:7.6.3.v20120416]
    at java.lang.Thread.run(Unknown Source) [na:1.6.0_31]
Caused by: javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source) ~[na:1.6]
    at com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(Unknown Source) ~[na:1.6]
    at com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(Unknown Source) ~[na:1.6]
    at com.sun.net.ssl.internal.ssl.SSLEngineImpl.closeInbound(Unknown Source) ~[na:1.6]
    at org.eclipse.jetty.io.nio.SslConnection.process(SslConnection.java:404) [jetty-io-7.6.3.v20120416.jar:7.6.3.v20120416]
    at org.eclipse.jetty.io.nio.SslConnection.access$900(SslConnection.java:43) [jetty-io-7.6.3.v20120416.jar:7.6.3.v20120416]
    at org.eclipse.jetty.io.nio.SslConnection$SslEndPoint.fill(SslConnection.java:661) ~[jetty-io-7.6.3.v20120416.jar:7.6.3.v20120416]
    at org.eclipse.jetty.http.HttpParser.fill(HttpParser.java:1029) [jetty-http-7.6.3.v20120416.jar:7.6.3.v20120416]
    ... 9 common frames omitted

--
Email sent by Signorini Marco.

Back to the top