Return-Path: Delivered-To: apmail-hc-dev-archive@www.apache.org Received: (qmail 17122 invoked from network); 19 Jul 2010 17:15:52 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 19 Jul 2010 17:15:52 -0000 Received: (qmail 19146 invoked by uid 500); 19 Jul 2010 17:15:52 -0000 Delivered-To: apmail-hc-dev-archive@hc.apache.org Received: (qmail 19073 invoked by uid 500); 19 Jul 2010 17:15:51 -0000 Mailing-List: contact dev-help@hc.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "HttpComponents Project" Delivered-To: mailing list dev@hc.apache.org Received: (qmail 19065 invoked by uid 99); 19 Jul 2010 17:15:51 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 19 Jul 2010 17:15:51 +0000 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: local policy) Received: from [193.56.114.206] (HELO smtp3.gemalto.com) (193.56.114.206) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 19 Jul 2010 17:15:43 +0000 Received: from ABSHUBBWP01.gemalto.com ([10.3.0.231]) by smtp3.gemalto.com (8.14.3/8.14.3) with ESMTP id o6JGfdSl018939 for ; Mon, 19 Jul 2010 18:41:40 +0200 Received: from ABSEXCFWP02.gemalto.com ([10.3.0.235]) by ABSHUBBWP01.gemalto.com ([10.3.0.231]) with mapi; Mon, 19 Jul 2010 19:15:22 +0200 From: DELHOSTE Fabrice To: "'HttpComponents Project'" Date: Mon, 19 Jul 2010 19:15:22 +0200 Subject: RE: HttpCore NIO & SSL behind proxy Thread-Topic: HttpCore NIO & SSL behind proxy Thread-Index: AcsnVz+FgA1NHiZ9T+CqOvtJXBVPxAAA+wBg Message-ID: <2AC4CDE070E15E40AC7CAE040B00F1500167B9CAED93@ABSEXCFWP02.gemalto.com> In-Reply-To: <1279553325.25217.23.camel@ubuntu> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Virus-Checked: Checked by ClamAV on apache.org Thanks. I've added the test for SSL session attribute to BasicManagedIOSession.getS= ession (not sure if it can be done in upper calls at the moment). It works. No problem for contributing. I'll do it once it works. BR, Fabrice -----Original Message----- From: Oleg Kalnichevski [mailto:olegk@apache.org]=20 Sent: lundi 19 juillet 2010 17:29 To: HttpComponents Project Subject: RE: HttpCore NIO & SSL behind proxy On Mon, 2010-07-19 at 16:04 +0200, DELHOSTE Fabrice wrote: > Thanks Oleg and Asankha. >=20 > So, as you known, in httpclientasync, I changed the dispatcher to SSL and= after the first request (or a while), it gets stuck not publishing the nex= t request. >=20 > After analyzing and comparing HTTP vs HTTPS logs, actually, I may have fo= und my mistake. Changing to SSL dispatcher seems not enough; I must also se= t the SSL session to the OP_WRITE event in addition to the regular session = (in HttpExchangeImpl.requestCompleted): >=20 > private synchronized void requestCompleted(final ManagedIOSession sessi= on) { > this.managedSession =3D session; > IOSession iosession =3D session.getSession(); > iosession.setAttribute(InternalRequestExecutionHandler.HTTP_EXCHANGE,= this); > iosession.setEvent(SelectionKey.OP_WRITE); > SSLIOSession sslsession =3D (SSLIOSession) iosession.getAttribute("SS= L_SESSION"); > if (sslsession !=3D null) { > sslsession.setEvent(SelectionKey.OP_WRITE); > } > } >=20 > I guess that comes probably from the way SSLIOSession decorates the ioses= sion. >=20 Fabrice, The protocol code should always be using the SSL i/o session instead of the underlying plain i/o session, when available. You may want to consider tweaking BasicManagedIOSession class to return the instance of the SSL i/o session in case of a secure route. > Am I right? Is it the correct way to do it? >=20 > FYI, to achieve SSL as well as HTTP in httpclientasync, I actually made I= nternalClientEventDispatch a composite of DefaultClientIOEventDispatch and = SSLClientIOEventDispatch, forwarding to the right one depending on the sche= me of the target host. >=20 Please consider contributing it back to the project. Cheers Oleg > Cheers, > Fabrice >=20 > -----Original Message----- > From: Asankha Perera [mailto:asankha.apache@gmail.com] On Behalf Of Asank= ha C. Perera > Sent: vendredi 16 juillet 2010 21:57 > To: HttpComponents Project > Subject: Re: HttpCore NIO & SSL behind proxy >=20 > Hi Fabrice > > Two things you should try: > > (1) reproducing the problem with a test case. HttpCore has a number of > > test cases for non-blocking SSL and you could use those as a starting > > point. > > (2) reproducing the problem with I/O session event logging on. This > > should help find out whether I/O interests are set correctly (write > > events suspended by mistake). Logging is simply indispensable when > > troubleshooting concurrency issues. > > =20 > You could also try the "-Djavax.net.debug=3Dall" system property, which=20 > may give you a hint if the cause is SSL specific >=20 > cheers > asankha >=20 --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org For additional commands, e-mail: dev-help@hc.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org For additional commands, e-mail: dev-help@hc.apache.org