javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?

JIRA | Daryl Herzmann | 12 months ago
  1. 0

    My server (weather.im) happily federates with talkonaut.com with Openfire 3.10.3. The beta of Openfire 4.0 fails to federate, here's the trace logged. {code} 2015.12.16 07:35:47 WARN [Server SR - 963581603] org.jivesoftware.openfire.server.ServerDialback - Error verifying key of remote server: talkonaut.com javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack? at sun.security.ssl.Alerts.getSSLException(Alerts.java:208) at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1666) at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1634) at sun.security.ssl.SSLEngineImpl.closeInbound(SSLEngineImpl.java:1561) at org.jivesoftware.openfire.net.TLSStreamHandler.doHandshake(TLSStreamHandler.java:222) at org.jivesoftware.openfire.net.TLSStreamHandler.start(TLSStreamHandler.java:177) at org.jivesoftware.openfire.server.ServerDialback.sendVerifyKey(ServerDialback.java:693) at org.jivesoftware.openfire.server.ServerDialback.verifyKey(ServerDialback.java:801) at org.jivesoftware.openfire.server.ServerDialback.validateRemoteDomain(ServerDialback.java:593) at org.jivesoftware.openfire.session.LocalIncomingServerSession.validateSubsequentDomain(LocalIncomingServerSession.java:248) at org.jivesoftware.openfire.net.ServerSocketReader.processUnknowPacket(ServerSocketReader.java:143) at org.jivesoftware.openfire.net.SocketReader.process(SocketReader.java:235) at org.jivesoftware.openfire.net.BlockingReadingMode.readStream(BlockingReadingMode.java:168) at org.jivesoftware.openfire.net.BlockingReadingMode.run(BlockingReadingMode.java:76) at org.jivesoftware.openfire.net.SocketReader.run(SocketReader.java:138) at java.lang.Thread.run(Thread.java:745) {code} My 3.10.3 instance reports that the outbound connect is unsecured dialback authentication and the inbound connection is secure.

    Jive Software Open Source | 12 months ago | Daryl Herzmann
    javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?
  2. 0

    My server (weather.im) happily federates with talkonaut.com with Openfire 3.10.3. The beta of Openfire 4.0 fails to federate, here's the trace logged. {code} 2015.12.16 07:35:47 WARN [Server SR - 963581603] org.jivesoftware.openfire.server.ServerDialback - Error verifying key of remote server: talkonaut.com javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack? at sun.security.ssl.Alerts.getSSLException(Alerts.java:208) at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1666) at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1634) at sun.security.ssl.SSLEngineImpl.closeInbound(SSLEngineImpl.java:1561) at org.jivesoftware.openfire.net.TLSStreamHandler.doHandshake(TLSStreamHandler.java:222) at org.jivesoftware.openfire.net.TLSStreamHandler.start(TLSStreamHandler.java:177) at org.jivesoftware.openfire.server.ServerDialback.sendVerifyKey(ServerDialback.java:693) at org.jivesoftware.openfire.server.ServerDialback.verifyKey(ServerDialback.java:801) at org.jivesoftware.openfire.server.ServerDialback.validateRemoteDomain(ServerDialback.java:593) at org.jivesoftware.openfire.session.LocalIncomingServerSession.validateSubsequentDomain(LocalIncomingServerSession.java:248) at org.jivesoftware.openfire.net.ServerSocketReader.processUnknowPacket(ServerSocketReader.java:143) at org.jivesoftware.openfire.net.SocketReader.process(SocketReader.java:235) at org.jivesoftware.openfire.net.BlockingReadingMode.readStream(BlockingReadingMode.java:168) at org.jivesoftware.openfire.net.BlockingReadingMode.run(BlockingReadingMode.java:76) at org.jivesoftware.openfire.net.SocketReader.run(SocketReader.java:138) at java.lang.Thread.run(Thread.java:745) {code} My 3.10.3 instance reports that the outbound connect is unsecured dialback authentication and the inbound connection is secure.

    JIRA | 12 months ago | Daryl Herzmann
    javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?
  3. 0

    My server (weather.im) happily federates with talkonaut.com with Openfire 3.10.3. The beta of Openfire 4.0 fails to federate, here's the trace logged. {code} 2015.12.16 07:35:47 WARN [Server SR - 963581603] org.jivesoftware.openfire.server.ServerDialback - Error verifying key of remote server: talkonaut.com javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack? at sun.security.ssl.Alerts.getSSLException(Alerts.java:208) at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1666) at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1634) at sun.security.ssl.SSLEngineImpl.closeInbound(SSLEngineImpl.java:1561) at org.jivesoftware.openfire.net.TLSStreamHandler.doHandshake(TLSStreamHandler.java:222) at org.jivesoftware.openfire.net.TLSStreamHandler.start(TLSStreamHandler.java:177) at org.jivesoftware.openfire.server.ServerDialback.sendVerifyKey(ServerDialback.java:693) at org.jivesoftware.openfire.server.ServerDialback.verifyKey(ServerDialback.java:801) at org.jivesoftware.openfire.server.ServerDialback.validateRemoteDomain(ServerDialback.java:593) at org.jivesoftware.openfire.session.LocalIncomingServerSession.validateSubsequentDomain(LocalIncomingServerSession.java:248) at org.jivesoftware.openfire.net.ServerSocketReader.processUnknowPacket(ServerSocketReader.java:143) at org.jivesoftware.openfire.net.SocketReader.process(SocketReader.java:235) at org.jivesoftware.openfire.net.BlockingReadingMode.readStream(BlockingReadingMode.java:168) at org.jivesoftware.openfire.net.BlockingReadingMode.run(BlockingReadingMode.java:76) at org.jivesoftware.openfire.net.SocketReader.run(SocketReader.java:138) at java.lang.Thread.run(Thread.java:745) {code} My 3.10.3 instance reports that the outbound connect is unsecured dialback authentication and the inbound connection is secure.

    Jive Software Open Source | 12 months ago | Daryl Herzmann
    javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?
  4. Speed up your debug routine!

    Automated exception search integrated into your IDE

  5. 0

    SSL issue when closing connections

    GitHub | 7 months ago | JMVM
    javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?
  6. 0

    GitHub comment 142#225909336

    GitHub | 6 months ago | timkrause
    javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?

  1. nasimk 961 times, last 5 months ago
4 unregistered visitors
Not finding the right solution?
Take a tour to get the most out of Samebug.

Tired of useless tips?

Automated exception search integrated into your IDE

Root Cause Analysis

  1. javax.net.ssl.SSLException

    Inbound closed before receiving peer's close_notify: possible truncation attack?

    at sun.security.ssl.Alerts.getSSLException()
  2. Java JSSE
    SSLEngineImpl.closeInbound
    1. sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
    2. sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1666)
    3. sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1634)
    4. sun.security.ssl.SSLEngineImpl.closeInbound(SSLEngineImpl.java:1561)
    4 frames
  3. org.jivesoftware.openfire
    SocketReader.run
    1. org.jivesoftware.openfire.net.TLSStreamHandler.doHandshake(TLSStreamHandler.java:222)
    2. org.jivesoftware.openfire.net.TLSStreamHandler.start(TLSStreamHandler.java:177)
    3. org.jivesoftware.openfire.server.ServerDialback.sendVerifyKey(ServerDialback.java:693)
    4. org.jivesoftware.openfire.server.ServerDialback.verifyKey(ServerDialback.java:801)
    5. org.jivesoftware.openfire.server.ServerDialback.validateRemoteDomain(ServerDialback.java:593)
    6. org.jivesoftware.openfire.session.LocalIncomingServerSession.validateSubsequentDomain(LocalIncomingServerSession.java:248)
    7. org.jivesoftware.openfire.net.ServerSocketReader.processUnknowPacket(ServerSocketReader.java:143)
    8. org.jivesoftware.openfire.net.SocketReader.process(SocketReader.java:235)
    9. org.jivesoftware.openfire.net.BlockingReadingMode.readStream(BlockingReadingMode.java:168)
    10. org.jivesoftware.openfire.net.BlockingReadingMode.run(BlockingReadingMode.java:76)
    11. org.jivesoftware.openfire.net.SocketReader.run(SocketReader.java:138)
    11 frames
  4. Java RT
    Thread.run
    1. java.lang.Thread.run(Thread.java:745)
    1 frame