Home.... | log in.... | Pub my question! | Sign-up....
Java-index >> Core >> Core APIs

Networking - ssl socket closure server side

Hi All,

Just a quick query regarding socket(blocking) closure using ssl on the server side.

Thread 3 is writing to an SSL socket and got into a situation where the client has stop reading. hence once the tcp/ip write buffer fills up, Thread 3 blocks on the write.

I`m trying to close this socket hence, I have another thread (Thread 1) that is trying to close this socket if Thread 3 is blocked for too long. The stack trace below indicates that Thread 1 is trying to send a message to the client but since the write buffer is already full, thread 1 ends up getting blocked as well.( trying to send an ssl alert message)

Trying to do the same thing on the client side can be done using SSL overlay

(create a normal socket, overlay an SSL socket on top of this) close the normal socket does not block. (I`m not sure what the implication of this means in terms of the SSL protocol).

Any Ideas how this can be done on the server side?

Thank you

"Thread-3" prio=1 tid=0x09efd870 nid=0x109e runnable [0xb1c72000..0xb1c730b0]

at java.net.SocketOutputStream.socketWrite0(Native Method)

at java.net.SocketOutputStream.socketWrite(SocketOutputStream.java:92)

at java.net.SocketOutputStream.write(SocketOutputStream.java:136)

at com.sun.net.ssl.internal.ssl.OutputRecord.writeBuffer(OutputRecord.java:283)

at com.sun.net.ssl.internal.ssl.OutputRecord.write(OutputRecord.java:272)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:666)

- locked <0x88be4240> (a java.lang.Object)

at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)

- locked <0x88be42d0> (a com.sun.net.ssl.internal.ssl.AppOutputStream)

at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)

"Thread-1" prio=1 tid=0x09eab1c8 nid=0x109c waiting for monitor entry [0xb1d86000..0xb1d86fb0]

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:662)

- waiting to lock <0x88be4240> (a java.lang.Object)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.sendAlert(SSLSocketImpl.java:1622)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.warning(SSLSocketImpl.java:1475)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.closeInternal(SSLSocketImpl.java:1315)

- locked <0x88be4248> (a com.sun.net.ssl.internal.ssl.SSLSocketImpl)

- locked <0x88be8a78> (a java.lang.Object)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.close(SSLSocketImpl.java:1219)

[2604 byte] By [tabbya] at [2007-11-26 23:15:56]
«« Java Programming - In IE7 CLSID In HTML File Not Working With 1.4 and 1.5 Plugins Installed
»» Sun Java System Messaging Server - Current Patch Level for 2005Q4
# 1

There's not much you can do if the client has stopped reading, except address that problem directly in the client code.

Closing the underlying socket directly without the SSL alert is a violation of the SSL protocol (truncation attack) and will cause an SSLException at the other end, also forced closure of that end's SSLSocket.

ejpa at 2007-7-10 14:16:02 > top of Java-index,Core,Core APIs...
# 2
Thank you for the reply.
tabbya at 2007-7-10 14:16:02 > top of Java-index,Core,Core APIs...
Core
Core APIs

Core New Topic

Core Hot Topic

Core

All Classified