JDK-6384541 : improve error handling when faced with protocol errors
  • Type: Bug
  • Component: security-libs
  • Sub-Component: javax.net.ssl
  • Affected Version: 7
  • Priority: P4
  • Status: Resolved
  • Resolution: Fixed
  • OS: solaris
  • CPU: sparc
  • Submitted: 2006-02-11
  • Updated: 2015-03-12
  • Resolved: 2006-04-14
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
Other Other JDK 6
5.0u85Fixed 5.0u91Fixed 6 b81Fixed
Refer to bug 6378568 which describes a Java client connecting to a server which, turns out, has an incomplete/incorrect implementation of certain ciphersuites (see Comment#4 in 6378568).

While the main problem is on the non-Java server side, JSSE should not crash with a NPE as shown in the exception trace. Instead it should handle the protocol error in some graceful way, such as throwing an exception which describes the situation in english so customers can diagnose what happened.

javax.net.ssl.SSLException: java.lang.NullPointerException
       at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:166)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1476)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1443)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1426)
       at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:64)
       at java.io.OutputStream.write(OutputStream.java:58)
       at RunCompression.runTests(RunCompression.java:128)
       at RunCompression.main(RunCompression.java:265)
Caused by: java.lang.NullPointerException
       at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:532)
       at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:160)
       at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495)
       at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:433)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:815)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1025)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:619)
       at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)
       ... 3 more

EVALUATION The error message should be improved, but note that JSSE does not throw a NullPointerException but an SSLException. This is the expected behavior.