Multiple call to exceptionCaught since 4.1.23 in case of Ssl Handshake Failure

Expected behavior

Before release 4.1.23, there was only ONE call to exceptionCaught method when an ssl handshake failure occurs

Actual behavior

Since release 4.1.23, exceptionCaught method is called twice. Looking in the stacktrace:

• it is called a first time, and it is related to the fireChannelRead method of the SslHandler,
• it is called a second time, and it is related to the fireChannelInactive method of the SslHandler,

Steps to reproduce

Try to connect to netty server with a client that does not trust the server CA certificate. The client will close the session with an Alert - Certificate Unknown error. Netty will call twice the exceptionCaught method.

Minimal yet complete reproducer code (or URL to code)

Clone this repository https://github.com/asanglard/dummyNettyServer and connect with an SSL client to the server which is running on port 8282. You may use your web browser (https://127.0.0.1:8282/)

Dummy exceptionCaught will be called twice for the same channel. error on client channel 69a6a755 : javax.net.ssl.SSLException: Received fatal alert: certificate_unknown - exception class: io.netty.handler.codec.DecoderException error on client channel 69a6a755 : javax.net.ssl.SSLException: Received fatal alert: certificate_unknown - exception class: io.netty.handler.codec.DecoderException

Netty version

I tested Netty 4.1.23 and 4.1.48 (last version). The behaviour is the same with these two versions.

JVM version (e.g. java -version)

java version “1.8.0_152-ea”

OS version (e.g. uname -a)

Mac OS Catalina 19.3.0 Darwin Kernel Version 19.3.0