Last active
October 30, 2018 12:26
-
-
Save rraptorr/e9c20fbdac6cd5dea8481283bb058d15 to your computer and use it in GitHub Desktop.
Java TLS 1.3 resumption bug
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package btest; | |
| import java.io.InputStreamReader; | |
| import java.net.URL; | |
| public class NetHttp { | |
| private static void get(String u) { | |
| try { | |
| var url = new URL(u); | |
| var conn = url.openConnection(); | |
| conn.connect(); | |
| try (var in = conn.getInputStream(); var in2 = new InputStreamReader(in)) { | |
| var buf = new char[100]; | |
| while(true) { | |
| int read = in2.read(buf); | |
| if(read < 100) break; | |
| } | |
| System.out.println("ok"); | |
| } | |
| } catch (Exception e) { | |
| e.printStackTrace(); | |
| } | |
| } | |
| public static void main(String[] args) throws Exception { | |
| get("https://www.google.com"); // get the crypto stuff initialized, seems to increase chances of the problem appearing | |
| for (var i = 1; i <= 20; i++) { | |
| var t = new Thread(() -> { | |
| get("https://www.cloudflare.com"); | |
| }); | |
| t.start(); | |
| Thread.sleep(50); | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Choosing a high ping (>100ms) server seems to make the bug appear more often. On Linux one can add 100ms delay to all packets with: