Avoid unnecessary ssl error log caused by jdk bug (apache#16709)

HTHou · web-flow · commit 9d4c41092a85 · 2025-11-10T09:43:43.000+08:00
diff --git a/iotdb-client/service-rpc/src/main/java/org/apache/iotdb/rpc/NettyTNonblockingTransport.java b/iotdb-client/service-rpc/src/main/java/org/apache/iotdb/rpc/NettyTNonblockingTransport.java
@@ -168,10 +168,11 @@ protected void initChannel(SocketChannel ch) throws Exception {
                                   "SSL handshake completed successfully for {}:{}", host, port);
                             }
                           } else {
-                            if (!future
-                                .cause()
-                                .getMessage()
-                                .contains("SslHandler removed before handshake completed")) {
+                            if (future.cause().getMessage() != null
+                                && !future
+                                    .cause()
+                                    .getMessage()
+                                    .contains("SslHandler removed before handshake completed")) {
                               logger.warn(
                                   "SSL handshake failed for {}:{}", host, port, future.cause());
                             } else if (logger.isDebugEnabled()) {
diff --git a/iotdb-client/service-rpc/src/main/java/org/apache/iotdb/rpc/TElasticFramedTransport.java b/iotdb-client/service-rpc/src/main/java/org/apache/iotdb/rpc/TElasticFramedTransport.java
@@ -132,13 +132,21 @@ public int read(byte[] buf, int off, int len) throws TTransportException {
       if (e.getCause() instanceof SocketTimeoutException) {
         throw new TTransportException(TTransportException.TIMED_OUT, e.getCause());
       }
-      // When client with SSL shut down due to time out. Some unnecessary error logs may be printed.
-      // Adding this workaround to avoid the problem.
-      if (e.getCause() instanceof SSLHandshakeException
-          && e.getCause().getCause() != null
-          && e.getCause().getCause() instanceof EOFException) {
-        throw new TTransportException(TTransportException.END_OF_FILE, e.getCause());
+      if (e.getCause() instanceof SSLHandshakeException) {
+        // There is an unsolved JDK bug https://bugs.openjdk.org/browse/JDK-8221218.
+        // Adding this workaround to avoid the error log printed.
+        if (e.getMessage()
+            .contains("Insufficient buffer remaining for AEAD cipher fragment (2).")) {
+          throw new TTransportException(TTransportException.END_OF_FILE, e.getCause());
+        }
+        // When client with SSL shutdown due to time out. Some unnecessary error logs may be
+        // printed.
+        // Adding this workaround to avoid the problem.
+        if (e.getCause().getCause() != null && e.getCause().getCause() instanceof EOFException) {
+          throw new TTransportException(TTransportException.END_OF_FILE, e.getCause());
+        }
       }
+
       if (e.getCause() instanceof SSLException
           && e.getMessage().contains("Unsupported or unrecognized SSL message")) {
         SocketAddress remoteAddress = null;
