JDK-7065972 : Some race condition may happen in SSLSocketImpl class
  • Type: Bug
  • Component: security-libs
  • Sub-Component: javax.net.ssl
  • Affected Version: 6u23,7
  • Priority: P3
  • Status: Closed
  • Resolution: Fixed
  • OS: windows_xp,windows_7
  • CPU: x86
  • Submitted: 2011-07-12
  • Updated: 2013-10-29
  • Resolved: 2011-08-16
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 6 JDK 7 JDK 8
6u60Fixed 7u2Fixed 8 b01Fixed
Related Reports
Relates :  
Description
During SSL and client authentication network communication, there is a race condition may happen, the exception are looking like this:

Exception in thread "HandshakeCompletedNotify-Thread" java.util.ConcurrentModificationException
	at java.util.HashMap$HashIterator.nextEntry(Unknown Source)
	at java.util.HashMap$EntryIterator.next(Unknown Source)
	at java.util.HashMap$EntryIterator.next(Unknown Source)
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl$NotifyHandshakeThread.run(Unknown Source)

This is a partial fix for bug 7060523, which will only apply to JDK repository.

Comments
noreg-hard. There is no regression test available to verify this. Marking this as verified based on comments in the bug
29-10-2013

We should be able to use the test results from testcase: http://129.148.174.102:8000/dennis/bug/dolphin/6.0update/6357710/unitTest.html (deployment test JDK-6357710). But I am not able to locate the results for jdk 8 in aurora. Written to dennis/jitender for pointers
20-06-2013

EVALUATION This is a regression of CR 6357710. Need a fix in both deploy and JDK code. Deploy team also filled a CR (7060523) for the issue. SQE has approved to defer CR 7060523 for JDK7. Note that this should be a partial fix for bug 7060523, which will only apply to JDK repository. Deploy code will address the issue in CR 7060523 separately. The problem in applet exists since 6u23, not a showstopper for 7. The problem will only happen when the applet request TLS handshaking/renegotiation very frequently. No wide scope impact. No impact on normal JSSE/HTTPS applications except the Java plugin. The issue in JSSE has been there since the SSLSocketImpl.java was created.
12-07-2011