Bug 1673259 - Since JDK 1.8.0_201, NIO connector does not work
Summary: Since JDK 1.8.0_201, NIO connector does not work
Keywords:
Status: CLOSED EOL
Alias: None
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: Web
Version: 6.4.21
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
: ---
Assignee: Rémy Maucherat
QA Contact: Peter Mackay
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2019-02-07 07:26 UTC by Hisanobu Okuda
Modified: 2022-03-13 16:57 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-08-19 12:43:54 UTC
Type: Bug
Embargoed:


Attachments (Terms of Use)

Description Hisanobu Okuda 2019-02-07 07:26:29 UTC
Description of problem:
NIO connector is configured as:

            <connector name="https" protocol="org.apache.coyote.http11.Http11NioProtocol" scheme="https" socket-binding="https" secure="true">
                  <ssl name="ssl" key-alias="jboss" password="password" certificate-key-file="/path/to/server.jks"/>

After upgrading JDK to 1.8.0_201, the connector does not work and shows the following error message:

15:22:00,510 INFO  [stdout] (http-127.0.0.1:8443-Acceptor) Using SSLEngineImpl.
15:22:00,547 INFO  [stdout] (http-127.0.0.1:8443-3) Allow unsafe renegotiation: false
15:22:00,547 INFO  [stdout] (http-127.0.0.1:8443-3) Allow legacy hello messages: true
15:22:00,547 INFO  [stdout] (http-127.0.0.1:8443-3) Is initial handshake: true
15:22:00,547 INFO  [stdout] (http-127.0.0.1:8443-3) Is secure renegotiation: false
15:22:00,548 INFO  [stdout] (http-127.0.0.1:8443-3) No available cipher suite for TLSv1
15:22:00,548 INFO  [stdout] (http-127.0.0.1:8443-3) No available cipher suite for TLSv1.1
15:22:00,548 INFO  [stdout] (http-127.0.0.1:8443-3) No available cipher suite for TLSv1.2
15:22:00,548 INFO  [stdout] (http-127.0.0.1:8443-3) http-127.0.0.1:8443-3, fatal error: 40: Couldn't kickstart handshaking
15:22:00,548 INFO  [stdout] (http-127.0.0.1:8443-3) javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
15:22:00,549 INFO  [stdout] (http-127.0.0.1:8443-3) http-127.0.0.1:8443-3, SEND TLSv1.2 ALERT:  fatal, description = handshake_failure
15:22:00,549 INFO  [stdout] (http-127.0.0.1:8443-3) http-127.0.0.1:8443-3, WRITE: TLSv1.2 Alert, length = 2
15:22:00,549 INFO  [stdout] (http-127.0.0.1:8443-3) http-127.0.0.1:8443-3, called closeOutbound()
15:22:00,549 INFO  [stdout] (http-127.0.0.1:8443-3) http-127.0.0.1:8443-3, closeOutboundInternal()
15:22:00,551 INFO  [stdout] (http-127.0.0.1:8443-3) [Raw write]: length = 7
15:22:00,552 INFO  [stdout] (http-127.0.0.1:8443-3) 0000: 15 03 03 00 02 02 28                               ......(


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

Comment 1 Hisanobu Okuda 2019-02-07 07:28:42 UTC
Since JDK 1.8.0_201, TLS anon and NULL Cipher Suites are Disabled [1].


$JAVA_HOME/jre/lib/security/java.security:
----------------------------------------------------------------------------
jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, \
    EC keySize < 224, 3DES_EDE_CBC, anon, NULL  <<==anon and NULL are added
----------------------------------------------------------------------------

This causes a side effect to NIO connector.

In org.apache.tomcat.util.net.jsse.NioJSSESocketChannelFactory, if "TLS_EMPTY_RENEGOTIATION_INFO_SCSV" is disabled, RFC_5746_SUPPORTED = false.

NioJSSESocketChannelFactory.java:
-------------------------------------------------------------------------------
114                                 if ("TLS_EMPTY_RENEGOTIATION_INFO_SCSV".equals(cipher)) {
115                                         result = true;
116                                         break;
117                                 }
...
135                 RFC_5746_SUPPORTED = result;
-------------------------------------------------------------------------------


If RFC_5746_SUPPORTED is false, the following code will be executed:


-------------------------------------------------------------------------------
223                 if (!allowUnsafeLegacyRenegotiation && !RFC_5746_SUPPORTED) {
224                         // Prevent further handshakes by removing all cipher suites
225                         engine.setEnabledCipherSuites(new String[0]);
226                 }
-------------------------------------------------------------------------------


This leads to:


server.log:
-------------------------------------------------------------------------------
13:08:39,655 INFO  [stdout] (http-127.0.0.1:8443-4) No available cipher suite for TLSv1
13:08:39,655 INFO  [stdout] (http-127.0.0.1:8443-4) No available cipher suite for TLSv1.1
13:08:39,655 INFO  [stdout] (http-127.0.0.1:8443-4) No available cipher suite for TLSv1.2
-------------------------------------------------------------------------------


Finally, SSL handshake initiation fails:


server.log:
-------------------------------------------------------------------------------
13:08:39,655 INFO  [stdout] (http-127.0.0.1:8443-4) http-127.0.0.1:8443-4, fatal error: 40: Couldn't kickstart handshaking
-------------------------------------------------------------------------------


We have 2 workarounds. The 1st is enabling legacy renegotiation, but it is really bad idea. The 2nd is enabling NULL ciphersuites changing JAVA_HOME/jre/lib/security/java.security:


-------------------------------------------------------------------------------
jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, \
   EC keySize < 224, 3DES_EDE_CBC, anon    <<== remove NULL
-------------------------------------------------------------------------------


However, it is also not a good idea (pretty better than enabling legacy renegotiation though).

[1] https://www.oracle.com/technetwork/java/javase/8u201-relnotes-5209271.html


Note You need to log in before you can comment on or make changes to this bug.