hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Thijs ten Hoeve (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HTTPCLIENT-1478) https calls ignore http.socket.timeout during SSL Handshake
Date Tue, 08 Jul 2014 08:47:35 GMT

    [ https://issues.apache.org/jira/browse/HTTPCLIENT-1478?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14054661#comment-14054661
] 

Thijs ten Hoeve commented on HTTPCLIENT-1478:
---------------------------------------------

Oleg: Thanks for your quick reply. Unfortunately I do still think there is a bug there. 
If I set a breakpoint on the line that you mentioned, and evaluate socketConfig.getSoTimeout()
there then I get 0. So a timeout is never set on the created socket.
The socketConfig == SocketConfig.DEFAULT and is set in the calling function on line 316 http://hc.apache.org/httpcomponents-client-4.3.x/httpclient/xref/org/apache/http/impl/conn/PoolingHttpClientConnectionManager.html#316

We use a custom RoutePlanner because we are working with a number of proxies, but I don't
think that is the cause of this problem (Of course I'd gladly hear it if it were), and besides
that we do not really do any odd things in this use case.
As a work around we are going  to use an SSLConnectionSocketFactory that sets a timeout in
the prepareSocket function, but of course we'd rather forgo that extra bit of code.





> https calls ignore http.socket.timeout during SSL Handshake
> -----------------------------------------------------------
>
>                 Key: HTTPCLIENT-1478
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1478
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: HttpConn
>    Affects Versions: 4.3 Final, 4.3.1, 4.3.2, 4.3.3
>         Environment: All
>            Reporter: Jonah Schwartz
>            Priority: Minor
>             Fix For: 4.3.4
>
>
> https calls ignore http.socket.timeout during SSL Handshake. This can result in a https
call hanging forever waiting for socket read. 
> In both SSLSocketFactory and SSLConnectionSocketFactory, sslsock.startHandshake(); is
called before socket timeout is set on the socket. This means timeout is not respected during
the SSL handshake, and the thread can hang with a stacktrace that looks like this:
> org.apache.http.impl.client.AbstractHttpClient.doExecute
> org.apache.http.impl.client.DefaultRequestDirector.execute
> org.apache.http.impl.client.DefaultRequestDirector.tryConnect
> org.apache.http.impl.conn.ManagedClientConnectionImpl.open
> org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection
> org.apache.http.conn.ssl.SSLSocketFactory.connectSocket
> org.apache.http.conn.ssl.SSLSocketFactory.connectSocket
> sun.security.ssl.SSLSocketImpl.startHandshake
> sun.security.ssl.SSLSocketImpl.startHandshake
> sun.security.ssl.SSLSocketImpl.performInitialHandshake
> sun.security.ssl.SSLSocketImpl.readRecord
> sun.security.ssl.InputRecord.read
> sun.security.ssl.InputRecord.readV3Record
> sun.security.ssl.InputRecord.readFully
> java.net.SocketInputStream.read
> java.net.SocketInputStream.socketRead0



--
This message was sent by Atlassian JIRA
(v6.2#6252)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org


Mime
View raw message