Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Done
Priority: Blocker
Component/s: Security
Labels:
- jdk11

Steps to Reproduce:
Hide

Build WildFly with necessary components containing this feature:
https://github.com/fjuma/wildfly-elytron/tree/ELY-1706
https://github.com/undertow-io/undertow/tree/2.0.17.Final
https://github.com/fjuma/wildfly-core/tree/WFCORE-4172
https://github.com/wildfly/wildfly/commit/4583669

Configure server-ssl-context allowing TLSv1.3

connect /subsystem=elytron/key-store=tls13:add(path=keystore.jks,relative-to=jboss.server.config.dir,credential-reference={clear-text=secret},type=JKS) /subsystem=elytron/key-store=tls13:generate-key-pair(alias=localhost,algorithm=RSA,key-size=1024,validity=365,credential-reference={clear-text=secret},distinguished-name="CN=localhost") /subsystem=elytron/key-store=tls13:store() /subsystem=elytron/key-manager=tls13:add(key-store=tls13,credential-reference={clear-text=secret}) /subsystem=elytron/server-ssl-context=tls13:add(key-manager=tls13,protocols=["TLSv1.3"]) batch /subsystem=undertow/server=default-server/https-listener=https:undefine-attribute(name=security-realm) /subsystem=undertow/server=default-server/https-listener=https:write-attribute(name=ssl-context,value=tls13) run-batch reload

Send request to localhost

while [ True ]; do curl --verbose --insecure --tlsv1.3 --http2 https://localhost:8443; sleep 1; done

Wait for the server to get stuck
Show
Build WildFly with necessary components containing this feature: https://github.com/fjuma/wildfly-elytron/tree/ELY-1706 https://github.com/undertow-io/undertow/tree/2.0.17.Final https://github.com/fjuma/wildfly-core/tree/WFCORE-4172 https://github.com/wildfly/wildfly/commit/4583669 Configure server-ssl-context allowing TLSv1.3 connect /subsystem=elytron/key-store=tls13:add(path=keystore.jks,relative-to=jboss.server.config.dir,credential-reference={clear-text=secret},type=JKS) /subsystem=elytron/key-store=tls13:generate-key-pair(alias=localhost,algorithm=RSA,key-size=1024,validity=365,credential-reference={clear-text=secret},distinguished-name= "CN=localhost" ) /subsystem=elytron/key-store=tls13:store() /subsystem=elytron/key-manager=tls13:add(key-store=tls13,credential-reference={clear-text=secret}) /subsystem=elytron/server-ssl-context=tls13:add(key-manager=tls13,protocols=[ "TLSv1.3" ]) batch /subsystem=undertow/server= default -server/https-listener=https:undefine-attribute(name=security-realm) /subsystem=undertow/server= default -server/https-listener=https:write-attribute(name=ssl-context,value=tls13) run-batch reload Send request to localhost while [ True ]; do curl --verbose --insecure --tlsv1.3 --http2 https: //localhost:8443; sleep 1; done Wait for the server to get stuck

Description

WildFly gets stuck with when using TLSv1.3. The process starts to heavily use the processor and cannot be stopped by simple SIGINT(Ctrl+C). The issue needs further investigation as no apparent reason for it being stuck.

One possibility is mentioned in the comments for ~~UNDERTOW-1493~~ is JDK-8208526.

Attachments

Issue Links

is related to

UNDERTOW-1493 Infinite loop in io.undertow.protocols.ssl.SslConduit

Resolved

JDK-8208526 Loading...

Activity

People

Assignee:: Farah Juma

Reporter:: Adam Krajcik

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 2019/03/06 7:22 AM

Updated:: 2023/03/16 3:39 AM

Resolved:: 2019/04/15 8:26 AM