From: Jeanfrancois Arcand <Jeanfrancois.Arcand_at_Sun.COM>
Date: Tue, 21 Oct 2008 10:05:59 -0700

Salut,

Matthieu Fillon wrote:
> Hello Grizzly people!
>
> I'm trying to use SSL with a Grizzly socket server and I'm having problems.
> The application was working fine with simple TCP Socket connection.
> To activate SSL, I simply used a SSLSelectorHandler instead of TCPSH and
> added an SSLReadFilter to the protocol chain at the first position,
> which I configured using an SSLConfig.
>
> I get an error during the handshake :
>
> com.sun.grizzly.util.SSLUtils doHandshake
> FIN: closeInbound
> javax.net.ssl.SSLException: Inbound closed before receiving peer's
> close_notify: possible truncation attack?
> at
> com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:166)
> at
> com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1356)
> at
> com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1324)
> at
> com.sun.net.ssl.internal.ssl.SSLEngineImpl.closeInbound(SSLEngineImpl.java:1263)
> at com.sun.grizzly.util.SSLUtils.doHandshake(SSLUtils.java:413)
> at com.sun.grizzly.util.SSLUtils.doHandshake(SSLUtils.java:377)
> at
> com.sun.grizzly.filter.SSLReadFilter.doHandshake(SSLReadFilter.java:276)
> at
> com.sun.grizzly.filter.SSLReadFilter.execute(SSLReadFilter.java:154)
> at
> com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
> at
> com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
> at
> com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
> at
> com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:67)
> at
> com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:56)
> at
> com.sun.grizzly.util.WorkerThreadImpl.run(WorkerThreadImpl.java:169)
> 21 oct. 2008 15:20:13 com.sun.grizzly.filter.SSLReadFilter log
> FIN: doHandshake
> java.io.EOFException: Connection closed
> at com.sun.grizzly.util.SSLUtils.doHandshake(SSLUtils.java:420)
> at com.sun.grizzly.util.SSLUtils.doHandshake(SSLUtils.java:377)
> at
> com.sun.grizzly.filter.SSLReadFilter.doHandshake(SSLReadFilter.java:276)
> at
> com.sun.grizzly.filter.SSLReadFilter.execute(SSLReadFilter.java:154)
> at
> com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
> at
> com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
> at
> com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
> at
> com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:67)
> at
> com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:56)
> at
> com.sun.grizzly.util.WorkerThreadImpl.run(WorkerThreadImpl.java:169)
>
> The connecting client is a Flash application.
> Could you tell me what I did wrong?

Hum looks like the issue is with the client. The exception really means
that the client closed the connection before the server completed the
handshake operation. How do you configure the SSLReadFilter? As an
example, you can take a look at:

https://grizzly.dev.java.net/nonav/xref-test/com/sun/grizzly/SSLConnectionTest.html

and see if configuring your server using some hint there helps? Or if
you can drop a test case to reproduce it, I can take a look.

Thanks!

-- Jeanfrancois


>
> Thanks,
> Matthieu