Uploaded image for project: 'JBoss Enterprise Application Platform 4 and 5'
  1. JBoss Enterprise Application Platform 4 and 5
  2. JBPAPP-5293

ConcurrentModificationException in HandshakeCompletedNotify-Thread

    XMLWordPrintable

    Details

    • Type: Task
    • Status: Closed (View Workflow)
    • Priority: Critical
    • Resolution: Done
    • Affects Version/s: None
    • Fix Version/s: EAP_EWP 5.1.1
    • Component/s: Web
    • Labels:
      None
    • Environment:

      EAP unzipped, noauth
      RHEL 6 32 bit - stacks4.mw...

    • Affects:
      Release Notes
    • Patch Instructions:
      Hide
      SHORT DESCRIPTION:
              Fix ConcurrentModificationException in HandshakeCompletedNotify-Thread.
      LONG DESCRIPTION:
              Patch to fix ConcurrentModificationException in HandshakeCompletedNotify-Thread.
      MANUAL INSTALL INSTRUCTIONS:
              Replace the existing %JBOSS_HOME%/server/%JBOSSCONF%/deploy/jbossweb.sar/jbossweb.jar with the new jbossweb.jar
      COMPATIBILITY:
             5.1.0.GA
      SUPERSEDES:
              N/A
      CREATOR:
              Jean-Frederic Clere
      DATE:
              1-December-2010
      Show
      SHORT DESCRIPTION:         Fix ConcurrentModificationException in HandshakeCompletedNotify-Thread. LONG DESCRIPTION:         Patch to fix ConcurrentModificationException in HandshakeCompletedNotify-Thread. MANUAL INSTALL INSTRUCTIONS:         Replace the existing %JBOSS_HOME%/server/%JBOSSCONF%/deploy/jbossweb.sar/jbossweb.jar with the new jbossweb.jar COMPATIBILITY:        5.1.0.GA SUPERSEDES:         N/A CREATOR:         Jean-Frederic Clere DATE:         1-December-2010
    • Release Notes Text:
      Hide
      The HTTPS connector used <function>addHandshakeCompletedListener()</function> to verify a SSL handshake was successfully negotiated between the connector and listener.
      <function>addHandshakeCompletedListener()</function> added the listener after the notification thread started running, which required SSL handshake renegotiation.
      <function>setEnabledCipherSuites(new String[0])</function> is now used to verify SSL Handshake negotiations, which fixes the issue.
      This issue was introduced by a fix for CVE-2009-3555.
      Show
      The HTTPS connector used <function>addHandshakeCompletedListener()</function> to verify a SSL handshake was successfully negotiated between the connector and listener. <function>addHandshakeCompletedListener()</function> added the listener after the notification thread started running, which required SSL handshake renegotiation. <function>setEnabledCipherSuites(new String[0])</function> is now used to verify SSL Handshake negotiations, which fixes the issue. This issue was introduced by a fix for CVE-2009-3555.
    • Release Notes Docs Status:
      Documented as Resolved Issue
    • Docs QE Status:
      ON_QA

      Description

      STR:

      1) Unzip and run EAP
      2) Follow https://tcms.engineering.redhat.com/case/46252/?from_plan=2296
      3) Go to https://localhost:8443/rt/controller?action=viewCarList
      4) Do repeated requests (holding F5 is fast enough) until you see the stacktrace below.

      14:05:46,987 ERROR [STDERR] Exception in thread "HandshakeCompletedNotify-Thread"
      14:05:46,988 ERROR [STDERR] java.util.ConcurrentModificationException
      14:05:46,989 ERROR [STDERR] at java.util.HashMap$HashIterator.nextEntry(HashMap.java:793)
      14:05:46,989 ERROR [STDERR] at java.util.HashMap$EntryIterator.next(HashMap.java:834)
      14:05:46,989 ERROR [STDERR] at java.util.HashMap$EntryIterator.next(HashMap.java:832)
      14:05:46,989 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.SSLSocketImpl$NotifyHandshakeThread.run(SSLSocketImpl.java:2188)

      ---------------------------------------------------------------------------------------------------------------------------
      For the case the test case would disappear from TCMS, here are the instructions.

      stop EAP
      configure HTTPS connector
      copy resources/localhost.keystore to ${jboss.server.home.dir}/conf
      edit deploy/jboss-web.deployer/server.xml:
      
            <Connector port="8443" address="${jboss.bind.address}"
                 maxThreads="100" minSpareThreads="5" maxSpareThreads="15"
                 scheme="https" secure="true" clientAuth="false"  SSLEnabled="true"
                 truststoreFile="${jboss.server.home.dir}/conf/localhost.keystore"
                 truststorePass="unit-tests-server"
                 keystoreFile="${jboss.server.home.dir}/conf/localhost.keystore"
                 keystorePass="unit-tests-server" sslProtocol = "TLS" />
       
      
      deploy lib/rt.war
      mkdir ${jboss.server.home.dir}/log/rt
      touch ${jboss.server.home.dir}/log/rt/rt_rt.log
      

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  ozizka Ondrej Zizka
                  Reporter:
                  ozizka Ondrej Zizka
                  Writer:
                  Misty Stanley-Jones
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  9 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: