Skip to content

Instantly share code, notes, and snippets.

@rraptorr rraptorr/NetHttp.java
Last active Oct 30, 2018

Embed
What would you like to do?
Java TLS 1.3 resumption bug
package btest;
import java.io.InputStreamReader;
import java.net.URL;
public class NetHttp {
private static void get(String u) {
try {
var url = new URL(u);
var conn = url.openConnection();
conn.connect();
try (var in = conn.getInputStream(); var in2 = new InputStreamReader(in)) {
var buf = new char[100];
while(true) {
int read = in2.read(buf);
if(read < 100) break;
}
System.out.println("ok");
}
} catch (Exception e) {
e.printStackTrace();
}
}
public static void main(String[] args) throws Exception {
get("https://www.google.com"); // get the crypto stuff initialized, seems to increase chances of the problem appearing
for (var i = 1; i <= 20; i++) {
var t = new Thread(() -> {
get("https://www.cloudflare.com");
});
t.start();
Thread.sleep(50);
}
}
}
@rraptorr

This comment has been minimized.

Copy link
Owner Author

commented Oct 30, 2018

Choosing a high ping (>100ms) server seems to make the bug appear more often. On Linux one can add 100ms delay to all packets with:

tc qdisc add dev eth0 root netem delay 100ms
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.