[xSocket-develop] xSocket 2.8.15 & SSL/TLS with Java 6
Status: Inactive
Brought to you by:
grro
Menu
▾
▴
[xSocket-develop] xSocket 2.8.15 & SSL/TLS with Java 6
|
From: Cyril W. <cwa...@ax...> - 2011-02-03 09:25:11
|
Hello,
I'd like to know if xSocket is compatible with Java 6. I've been using
xSocket 2.5 with Java 1.5 for quite a while and I'd like first of all to
thank the community for that.
However, I have issues with Java6. I'm not completely sure if that's related
to Java 6 but here is the deal.
I instantiate a Server using the following code snippet:
SSLContext context = SSLContext.getInstance("TLS");
// Initialize custom keyManagers and trustManagers here.
context.init(keyManagers, trustManagers, new SecureRandom());
IServer server = new Server(port, new ASN1Handler(), context, true);
server.start();
No matter what I do, I get the following error message in the log file when
a client tries to connect.
2011-02-02 18:53:29,294 - [xDispatcherSrv7101#0] INFO
(SystemUtil.print:205) - Compression Methods: {
2011-02-02 18:53:29,294 - [xDispatcherSrv7101#0] INFO
(SystemUtil.println:210) - }
2011-02-02 18:53:29,294 - [xDispatcherSrv7101#0] INFO
(SystemUtil.println:210) - ***
2011-02-02 18:53:29,295 - [xDispatcherSrv7101#0] INFO
(SystemUtil.println:210) - xDispatcherSrv7101#0, fatal error: 40: no cipher
suites in common
javax.net.ssl.SSLHandshakeException: no cipher suites in common
2011-02-02 18:53:29,295 - [xDispatcherSrv7101#0] INFO
(SystemUtil.print:205) - xDispatcherSrv7101#0
2011-02-02 18:53:29,295 - [xDispatcherSrv7101#0] INFO
(SystemUtil.print:205) - , SEND TLSv1 ALERT:
2011-02-02 18:53:29,296 - [xDispatcherSrv7101#0] INFO
(SystemUtil.print:205) - fatal,
2011-02-02 18:53:29,296 - [xDispatcherSrv7101#0] INFO
(SystemUtil.println:210) - description = handshake_failure
2011-02-02 18:53:29,296 - [xDispatcherSrv7101#0] INFO
(SystemUtil.println:210) - xDispatcherSrv7101#0, WRITE: TLSv1 Alert, length
= 2
2011-02-02 18:53:29,297 - [xDispatcherSrv7101#0] INFO
(SystemUtil.println:210) - xDispatcherSrv7101#0, fatal: engine already
closed. Rethrowing javax.net.ssl.SSLHandshakeException: no cipher suites in
common
2011-02-02 18:53:29,575 - [xWorkerPool-1-thread-2] INFO
(SystemUtil.println:210) - [Raw write]: length = 7
2011-02-02 18:53:33,226 - [HeartbeatUpdater] DEBUG
(HeartbeatUpdater.updateHeartbeat:82) - Updating heartbeat
2011-02-02 18:53:33,227 - [xServer:7101] INFO (SystemUtil.println:210) -
xServer:7101, fatal: engine already closed. Rethrowing
javax.net.ssl.SSLException: SSLEngine is closing/closed
2011-02-02 18:53:33,231 - [xServer:7101] WARN (IoAcceptor.publish:18) -
(org.xsocket.connection.IoAcceptor.accept) - error occured while accepting
connection: java.lang.RuntimeException: javax.net.ssl.SSLException:
SSLEngine is closing/closed
at org.xsocket.connection.IoSSLProcessor.start(IoSSLProcessor.java:161)
at org.xsocket.connection.IoSSLHandler.startSSL(IoSSLHandler.java:155)
at org.xsocket.connection.IoSSLHandler.init(IoSSLHandler.java:95)
at
org.xsocket.connection.NonBlockingConnection.init(NonBlockingConnection.java
:1049)
at
org.xsocket.connection.NonBlockingConnection.init(NonBlockingConnection.java
:1043)
at org.xsocket.connection.Server$LifeCycleHandler.init(Server.java:1191)
at
org.xsocket.connection.Server$LifeCycleHandler.onConnectionAccepted(Server.j
ava:1171)
at org.xsocket.connection.IoAcceptor.accept(IoAcceptor.java:223)
at org.xsocket.connection.IoAcceptor.listen(IoAcceptor.java:206)
at org.xsocket.connection.Server.run(Server.java:603)
at java.lang.Thread.run(Thread.java:680)
Caused by: javax.net.ssl.SSLException: SSLEngine is closing/closed
at
com.sun.net.ssl.internal.ssl.SSLEngineImpl.kickstartHandshake(SSLEngineImpl.
java:656)
at
com.sun.net.ssl.internal.ssl.SSLEngineImpl.beginHandshake(SSLEngineImpl.java
:689)
at org.xsocket.connection.IoSSLProcessor.start(IoSSLProcessor.java:159)
... 10 more
I spent some time monkeying in debug mode to make sure that client and
server have indeed a common cipher suite. I also tried overriding the cipher
suite in IoSSLProcessor by setting the SystemProperty
"org.xsocket.connection.server.ssl.sslengine.enabledCipherSuites" but
without any luck.
Whatever I do, my custom X509ExtendedKeyManager is never called for the
server certificate and private key.
I tracked it down to IoSSLProcessor:start:159 where it calls
sslEngine.beginHandshake(). That sslEngine is retrieved from the sslContext
provided above. The sslEngine is the Sun sslEngineImpl which unfortunately I
don't have the sources to go further.
The exact same code was working just fine with Java 5 and xSocket 2.5. I
obviously tried the combination xSocket 2.5 and Java 6 first and since that
didn't work, I upgraded to the latest version, hoping that this may have
been fixed.
I'm running out of ideas now so I'm turning to you guys. Did you guys
encounter any compatibility issue with Java 6 or better did you guys run
into the same issue?
Thanks.
Best regards,
Cyril Wattebled
|
