hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Philippe Mouawad (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HTTPCLIENT-1302) AllowAllHostnameVerifier should not access session
Date Sun, 20 Jan 2013 20:20:12 GMT

    [ https://issues.apache.org/jira/browse/HTTPCLIENT-1302?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13558373#comment-13558373
] 

Philippe Mouawad commented on HTTPCLIENT-1302:
----------------------------------------------

But javadocs says:
 * The ALLOW_ALL HostnameVerifier essentially turns hostname verification
 * off. This implementation is a >>>>>>no-op<<<<<, and never
throws the SSLException.

In our case, requests hangs for 4-5 seconds for each request when using IP's without reverse
DNS

                
> AllowAllHostnameVerifier should not access session
> --------------------------------------------------
>
>                 Key: HTTPCLIENT-1302
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1302
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: HttpClient
>    Affects Versions: 4.2.3
>            Reporter: Philippe Mouawad
>             Fix For: 4.2.4
>
>
> Hello,
> We are facing a bug in JMeter:
> - https://issues.apache.org/bugzilla/show_bug.cgi?id=54449
> Analyzing code, I noticed AllowAllHostnameVerifier ends up calling AbstractVerifier#verify(String
host, SSLSocket ssl) which does more job than it should for AllowAllHostname policy

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org


Mime
View raw message