[MDEV-2440] LP:930145 - SSL connection through MySQL Connector/J fails with javax.net.ssl.SSLException: Unsupported record version Unknown-0.0 Created: 2012-02-10  Updated: 2015-02-02  Resolved: 2012-10-04

Status: Closed
Project: MariaDB Server
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Bug
Reporter: Elena Stepanova Assignee: Vladislav Vaintroub
Resolution: Fixed Votes: 0
Labels: Launchpad

Attachments: XML File LPexportBug930145.xml     File LPexportBug930145_ssl_test.tar.gz    

 Description   

An attempt to establish an SSL connection to MariaDB server 5.1.60, 5.2.10, 5.3.2, 5.3.3 through MySQL Connector/J (5.1.18) fails with the exception below.
The same connection to MariaDB 5.2.9 and 5.3.1 works fine, as well as MySQL 5.1.60.
In maria-5.2 tree the problem appeared between revno 3050 and 3052 – 3050 works, 3052 does not.

Originally the problem was reported in AskMonty Knowledgebase (http://kb.askmonty.org/en/ssl-with-other-clients-than-the-original-mariadb-client)

com.mysql.jdbc.exceptions.jdbc4.CommunicationsException: Communications link failure

The last packet successfully received from the server was 1,400 milliseconds ago. The last packet sent successfully to the server was 1,355 milliseconds ago.
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:532)
at com.mysql.jdbc.Util.handleNewInstance(Util.java:411)
at com.mysql.jdbc.SQLError.createCommunicationsException(SQLError.java:1116)
at com.mysql.jdbc.ExportControlled.transformSocketToSSLSocket(ExportControlled.java:105)
at com.mysql.jdbc.MysqlIO.negotiateSSLConnection(MysqlIO.java:4664)
at com.mysql.jdbc.MysqlIO.doHandshake(MysqlIO.java:1354)
at com.mysql.jdbc.ConnectionImpl.coreConnect(ConnectionImpl.java:2336)
at com.mysql.jdbc.ConnectionImpl.connectOneTryOnly(ConnectionImpl.java:2369)
at com.mysql.jdbc.ConnectionImpl.createNewIO(ConnectionImpl.java:2153)
at com.mysql.jdbc.ConnectionImpl.<init>(ConnectionImpl.java:792)
at com.mysql.jdbc.JDBC4Connection.<init>(JDBC4Connection.java:47)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:532)
at com.mysql.jdbc.Util.handleNewInstance(Util.java:411)
at com.mysql.jdbc.ConnectionImpl.getInstance(ConnectionImpl.java:381)
at com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:305)
at java.sql.DriverManager.getConnection(DriverManager.java:620)
at java.sql.DriverManager.getConnection(DriverManager.java:169)
at test.main(test.java:25)
Caused by: javax.net.ssl.SSLException: Unsupported record version Unknown-0.0
at sun.security.ssl.InputRecord.readV3Record(InputRecord.java:394)
at sun.security.ssl.InputRecord.read(InputRecord.java:376)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:850)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1190)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1217)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1201)
at com.mysql.jdbc.ExportControlled.transformSocketToSSLSocket(ExportControlled.java:90)
... 17 more

Below is the code of the java test to reproduce the failure. It is based on ConnectionRegressionTest.testBug25545 from Connector/J test suite. The same test (code, class, connector, test certificates) is attached to the bug. Extract the contents of the archive, start MariaSB server with the certificates from ssl_test/ssl-test-certs on port 3306, cd ssl_test, run '. ./run'.

  1. Java test:

import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Properties;

public class test
{
public static void main (String argv[])
{
String dbUrl = "jdbc:mysql:///test";
String trustStorePath = "ssl-test-certs/test-cert-store";

System.setProperty("javax.net.ssl.keyStore", trustStorePath);
System.setProperty("javax.net.ssl.keyStorePassword", "password");
System.setProperty("javax.net.ssl.trustStore", trustStorePath);
System.setProperty("javax.net.ssl.trustStorePassword", "password");

Connection sslConn = null;

try {
Properties props = new Properties();
props.setProperty("useSSL", "true");
props.setProperty("requireSSL", "true");
sslConn = DriverManager.getConnection(dbUrl, props);

ResultSet valueRs = sslConn.createStatement().executeQuery("SELECT CONNECTION_ID()");
if (!valueRs.next())

{ System.out.println("No result set, something is wrong"); }

String conId = valueRs.getObject(1).toString();
System.out.println("Established connection " + conId + "\n" );

}
catch (Exception e)

{ System.out.println("Could not connect... " + e + "\n"); e.printStackTrace(); }

}
}

  1. End of java test

 Comments   
Comment by Elena Stepanova [ 2012-02-10 ]

Re: SSL connection through MySQL Connector/J fails with javax.net.ssl.SSLException: Unsupported record version Unknown-0.0

Comment by Elena Stepanova [ 2012-02-10 ]

ssl_test.tar.gz
LPexportBug930145_ssl_test.tar.gz

Comment by Elena Stepanova [ 2012-02-10 ]

Re: SSL connection through MySQL Connector/J fails with javax.net.ssl.SSLException: Unsupported record version Unknown-0.0
Also filed in JIRA as MDEV-140

Comment by Rasmus Johansson (Inactive) [ 2012-02-14 ]

Launchpad bug id: 930145

Generated at Thu Feb 08 06:41:52 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.