Details
-
Type:
Bug
-
Status: Closed
-
Resolution: Fixed
-
Affects Version/s: None
-
Fix Version/s: None
-
Component/s: None
-
Labels:
Description
An attempt to establish an SSL connection to MariaDB server 5.1.60, 5.2.10, 5.3.2, 5.3.3 through MySQL Connector/J (5.1.18) fails with the exception below.
The same connection to MariaDB 5.2.9 and 5.3.1 works fine, as well as MySQL 5.1.60.
In maria-5.2 tree the problem appeared between revno 3050 and 3052 – 3050 works, 3052 does not.
Originally the problem was reported in AskMonty Knowledgebase (http://kb.askmonty.org/en/ssl-with-other-clients-than-the-original-mariadb-client)
com.mysql.jdbc.exceptions.jdbc4.CommunicationsException: Communications link failure
The last packet successfully received from the server was 1,400 milliseconds ago. The last packet sent successfully to the server was 1,355 milliseconds ago.
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:532)
at com.mysql.jdbc.Util.handleNewInstance(Util.java:411)
at com.mysql.jdbc.SQLError.createCommunicationsException(SQLError.java:1116)
at com.mysql.jdbc.ExportControlled.transformSocketToSSLSocket(ExportControlled.java:105)
at com.mysql.jdbc.MysqlIO.negotiateSSLConnection(MysqlIO.java:4664)
at com.mysql.jdbc.MysqlIO.doHandshake(MysqlIO.java:1354)
at com.mysql.jdbc.ConnectionImpl.coreConnect(ConnectionImpl.java:2336)
at com.mysql.jdbc.ConnectionImpl.connectOneTryOnly(ConnectionImpl.java:2369)
at com.mysql.jdbc.ConnectionImpl.createNewIO(ConnectionImpl.java:2153)
at com.mysql.jdbc.ConnectionImpl.<init>(ConnectionImpl.java:792)
at com.mysql.jdbc.JDBC4Connection.<init>(JDBC4Connection.java:47)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:532)
at com.mysql.jdbc.Util.handleNewInstance(Util.java:411)
at com.mysql.jdbc.ConnectionImpl.getInstance(ConnectionImpl.java:381)
at com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:305)
at java.sql.DriverManager.getConnection(DriverManager.java:620)
at java.sql.DriverManager.getConnection(DriverManager.java:169)
at test.main(test.java:25)
Caused by: javax.net.ssl.SSLException: Unsupported record version Unknown-0.0
at sun.security.ssl.InputRecord.readV3Record(InputRecord.java:394)
at sun.security.ssl.InputRecord.read(InputRecord.java:376)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:850)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1190)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1217)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1201)
at com.mysql.jdbc.ExportControlled.transformSocketToSSLSocket(ExportControlled.java:90)
... 17 more
Below is the code of the java test to reproduce the failure. It is based on ConnectionRegressionTest.testBug25545 from Connector/J test suite. The same test (code, class, connector, test certificates) is attached to the bug. Extract the contents of the archive, start MariaSB server with the certificates from ssl_test/ssl-test-certs on port 3306, cd ssl_test, run '. ./run'.
- Java test:
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Properties;
public class test
{
public static void main (String argv[])
{
String dbUrl = "jdbc:mysql:///test";
String trustStorePath = "ssl-test-certs/test-cert-store";
System.setProperty("javax.net.ssl.keyStore", trustStorePath);
System.setProperty("javax.net.ssl.keyStorePassword", "password");
System.setProperty("javax.net.ssl.trustStore", trustStorePath);
System.setProperty("javax.net.ssl.trustStorePassword", "password");
Connection sslConn = null;
try {
Properties props = new Properties();
props.setProperty("useSSL", "true");
props.setProperty("requireSSL", "true");
sslConn = DriverManager.getConnection(dbUrl, props);
ResultSet valueRs = sslConn.createStatement().executeQuery("SELECT CONNECTION_ID()");
if (!valueRs.next())
String conId = valueRs.getObject(1).toString();
System.out.println("Established connection " + conId + "\n" );
}
catch (Exception e)
}
}
- End of java test
Gliffy Diagrams
Attachments
Activity
- All
- Comments
- Work Log
- History
- Activity
- Transitions
Re: SSL connection through MySQL Connector/J fails with javax.net.ssl.SSLException: Unsupported record version Unknown-0.0
Re: SSL connection through MySQL Connector/J fails with javax.net.ssl.SSLException: Unsupported record version Unknown-0.0
Also filed in JIRA as MDEV-140
Launchpad bug id: 930145
ssl_test.tar.gz
LPexportBug930145_ssl_test.tar.gz