jTDS - SQL Server and Sybase JDBC driver / Patches / #129 jTDS driver ssl connection hangs with JRE 1.8

Bain - 2014-10-23

Do you think there is any need for the JDK check. This check does not make sense because an SSL packet is valid anywhere in a buffer. All the check will do is introduce similar bugs if the SSL implementation changes again.

Here is another patch without the JDK check.

Last edit: Bain 2014-10-23

fix.patch

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
- Anonymous
  
  Add attachments
  Cancel
  You seem to have CSS turned off. Please don't fill out this field.
  
  You seem to have CSS turned off. Please don't fill out this field.

momo - 2014-11-13

Thank you both for investigating this problem and providing a solution! I applied the (improved) patch with SVN revision [1286].

Cheers,
momo

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
- Anonymous
  
  Add attachments
  Cancel
  You seem to have CSS turned off. Please don't fill out this field.
  
  You seem to have CSS turned off. Please don't fill out this field.

momo - 2014-11-13

status: open --> closed

assigned_to: momo
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
- Anonymous
  
  Add attachments
  Cancel
  You seem to have CSS turned off. Please don't fill out this field.
  
  You seem to have CSS turned off. Please don't fill out this field.

Comment has been marked as spam.
Undo

View and moderate all "patches Discussion" comments posted by this user

Mark all as spam, and block user from posting to "Patches"

Anonymous - 2015-02-25

Hello ! When are you releasing the next version so that we use this fix in the application?.

Last edit: Nida 2016-03-31

Hello ! When are you releasing the next version so that we use this fix in the application?.

Add attachments
Cancel
You seem to have CSS turned off. Please don't fill out this field.

You seem to have CSS turned off. Please don't fill out this field.

New Attachment:

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
- Anonymous
  
  Add attachments
  Cancel
  You seem to have CSS turned off. Please don't fill out this field.
  
  You seem to have CSS turned off. Please don't fill out this field.

Nida - 2016-03-31

Looks like this needs another fix. line 52: if(contentType < 20 || contentType > 23 || length > len - 5)

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
- Anonymous
  
  Add attachments
  Cancel
  You seem to have CSS turned off. Please don't fill out this field.
  
  You seem to have CSS turned off. Please don't fill out this field.

Comment has been marked as spam.
Undo

View and moderate all "patches Discussion" comments posted by this user

Mark all as spam, and block user from posting to "Patches"

Anonymous - 2017-06-12

Could you please let me know if drivers listed https://sourceforge.net/projects/jtds/files/jtds/1.3.1/ under this is the correct patch for this bug. Because I have used drivers from above path, still I am unable to connect my JIRA with my MS SQL database

Could you please let me know if drivers listed https://sourceforge.net/projects/jtds/files/jtds/1.3.1/ under this is the correct patch for this bug. Because I have used drivers from above path, still I am unable to connect my JIRA with my MS SQL database

Add attachments
Cancel
You seem to have CSS turned off. Please don't fill out this field.

You seem to have CSS turned off. Please don't fill out this field.

New Attachment:

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
- Anonymous
  
  Add attachments
  Cancel
  You seem to have CSS turned off. Please don't fill out this field.
  
  You seem to have CSS turned off. Please don't fill out this field.
- Anonymous - 2019-02-05
  
  I am also having the same issue. I have used 1.3.1 user patched version and it worked fine, but the official release still has the issue.
  
  If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
  - Anonymous
    
    Add attachments
    Cancel
    You seem to have CSS turned off. Please don't fill out this field.
    
    You seem to have CSS turned off. Please don't fill out this field.

Anonymous - 2019-09-17

Is this fixed ?

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
- Anonymous
  
  Add attachments
  Cancel
  You seem to have CSS turned off. Please don't fill out this field.
  
  You seem to have CSS turned off. Please don't fill out this field.
- Nida - 2019-09-17
  
  I dont think anyone is actively working on the project. It did work
  for me when I manually built the project.
  
  Thanks,
  Nida
  
  On Tue, Sep 17, 2019 at 5:19 PM noreply@sourceforge.net wrote:
  
  Is this fixed ?
  
  [patches:#129] jTDS driver ssl connection hangs with JRE 1.8
  
  Status: closed
  Group: v1.3
  Created: Sun Oct 19, 2014 08:48 PM UTC by lkoniecki
  Last Updated: Tue Feb 05, 2019 05:34 AM UTC
  Owner: momo
  Attachments:
  
  TdsTlsOutputStream.diff (5.4 kB; application/octet-stream)
  
  Patch for https://sourceforge.net/p/jtds/bugs/725/
  
  See: https://sourceforge.net/p/jtds/bugs/725/#2dab:
  
  There is a problem with TdsTlsOutputStream implementation. Since Java 1.8 byte array passed to the write method contains 256 bytes of irrelevant data at the beginning. Off parameter is properly pointing at at the beginning of the relevant data but it is not being used by the OutputStream implementation.
  
  Patch for jtds-1.3.1 in attachment.
  
  It was tested against JRE 1.7.0_45 and 1.8.0_5. It works for TLSv1, TLS1.1 and TLS1.2 and for all Cipher Suites.
  
  One problem spotted: force client side to use TLSv1.2. If SQL Server supports only TLSv1 and client uses set of cipher suites that neither of them is supported by the server side IOException is being thrown. This occurs for jtds-1.3.1 before and after my modifications.
  
  trigger seeding of SecureRandom
  done seeding SecureRandom
  Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
  Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA
  Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
  Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
  Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
  Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
  Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
  Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
  Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
  Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
  Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256
  Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
  Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
  Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
  Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA
  Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
  Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
  Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
  Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
  Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA
  Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256
  Allow unsafe renegotiation: false
  Allow legacy hello messages: true
  Is initial handshake: true
  Is secure renegotiation: false
  SSLv3
  TLSv1
  TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
  TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
  TLS_RSA_WITH_AES_128_CBC_SHA
  TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
  TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
  TLS_DHE_RSA_WITH_AES_128_CBC_SHA
  TLS_DHE_DSS_WITH_AES_128_CBC_SHA
  TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
  TLS_ECDHE_RSA_WITH_RC4_128_SHA
  SSL_RSA_WITH_RC4_128_SHA
  TLS_ECDH_ECDSA_WITH_RC4_128_SHA
  TLS_ECDH_RSA_WITH_RC4_128_SHA
  TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
  TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
  SSL_RSA_WITH_3DES_EDE_CBC_SHA
  TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
  TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
  SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
  SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
  SSL_RSA_WITH_RC4_128_MD5
  TLS_EMPTY_RENEGOTIATION_INFO_SCSV
  %% No cached client session
  *** ClientHello, TLSv1.2
  RandomCookie: GMT: 1400058228 bytes = { 219, 87, 43, 211, 81, 215, 117, 228, 167, 4, 151, 65, 180, 10, 236, 190, 41, 118, 73, 140, 160, 41, 248, 31, 212, 170, 217, 74 }
  Session ID: {}
  Cipher Suites: [TLS_DHE_DSS_WITH_AES_128_CBC_SHA256]
  Compression Methods: { 0 }
  Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA, MD5withRSA
  Extension renegotiation_info, renegotiated_connection: <empty></empty>
  
  main, WRITE: TLSv1.2 Handshake, length = 82
  main, handling exception: java.io.IOException
  main, SEND TLSv1 ALERT: fatal, description = unexpected_message
  main, WRITE: TLSv1 Alert, length = 2
  main, called closeSocket()
  Cannot connect to database server
  java.sql.SQLException: Network error IOException: null
  at net.sourceforge.jtds.jdbc.JtdsConnection.<init>(JtdsConnection.java:437)
  at net.sourceforge.jtds.jdbc.Driver.connect(Driver.java:184)
  at java.sql.DriverManager.getConnection(DriverManager.java:571)
  at java.sql.DriverManager.getConnection(DriverManager.java:215)
  at Jtds.main(Jtds.java:32)
  Caused by: java.io.IOException
  at net.sourceforge.jtds.ssl.TdsTlsInputStream.readFully(TdsTlsInputStream.java:137)
  at net.sourceforge.jtds.ssl.TdsTlsInputStream.primeBuffer(TdsTlsInputStream.java:100)
  at net.sourceforge.jtds.ssl.TdsTlsInputStream.read(TdsTlsInputStream.java:78)
  at sun.security.ssl.InputRecord.readFully(InputRecord.java:442)
  at sun.security.ssl.InputRecord.read(InputRecord.java:480)
  at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:927)
  at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)
  at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339)
  at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323)
  at net.sourceforge.jtds.ssl.SocketFactories$TdsTlsSocketFactory.createSocket(SocketFactories.java:114)
  at net.sourceforge.jtds.jdbc.SharedSocket.enableEncryption(SharedSocket.java:331)
  at net.sourceforge.jtds.jdbc.TdsCore.negotiateSSL(TdsCore.java:577)
  at net.sourceforge.jtds.jdbc.JtdsConnection.<init>(JtdsConnection.java:365)
  ... 4 more
  </init></init>
  
  Sent from sourceforge.net because you indicated interest in https://sourceforge.net/p/jtds/patches/129/
  
  To unsubscribe from further messages, please visit https://sourceforge.net/auth/subscriptions/
  
  Related
  
  Patches: ~~#129~~
  
  If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
  - Anonymous
    
    Add attachments
    Cancel
    You seem to have CSS turned off. Please don't fill out this field.
    
    You seem to have CSS turned off. Please don't fill out this field.

jTDS driver ssl connection hangs with JRE 1.8

Group

Searches

Help

#129 jTDS driver ssl connection hangs with JRE 1.8

Related

Discussion

Related