hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Gaspard Petit (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HTTPCLIENT-1478) https calls ignore http.socket.timeout during SSL Handshake
Date Mon, 04 Jan 2016 16:58:40 GMT

    [ https://issues.apache.org/jira/browse/HTTPCLIENT-1478?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15081357#comment-15081357

Gaspard Petit commented on HTTPCLIENT-1478:

I had this issue with version 4.4.1. At first I ignored this thread because it was flagged
as resolved in 4.3.

I following Oleg's advice and the details about how to use a custom socket configuration from
this page: https://wiki.apache.org/HttpComponents/HttpClientConfiguration

It was fairly simple to do.

I do believe that using no timeout by default, both for the ssl socket and the request socket
and connection is an inconvenient decision. It renders the HTTPClients.createDefault() useless
and dangerous.  At worse, a default timeout of 5 minutes would be better than none.

That being said, thank you for giving hints on how to resolve the issue.

> https calls ignore http.socket.timeout during SSL Handshake
> -----------------------------------------------------------
>                 Key: HTTPCLIENT-1478
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1478
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: HttpConn
>    Affects Versions: 4.3 Final, 4.3.1, 4.3.2, 4.3.3
>         Environment: All
>            Reporter: Jonah Schwartz
>            Priority: Minor
>             Fix For: 4.3.4
> https calls ignore http.socket.timeout during SSL Handshake. This can result in a https
call hanging forever waiting for socket read. 
> In both SSLSocketFactory and SSLConnectionSocketFactory, sslsock.startHandshake(); is
called before socket timeout is set on the socket. This means timeout is not respected during
the SSL handshake, and the thread can hang with a stacktrace that looks like this:
> org.apache.http.impl.client.AbstractHttpClient.doExecute
> org.apache.http.impl.client.DefaultRequestDirector.execute
> org.apache.http.impl.client.DefaultRequestDirector.tryConnect
> org.apache.http.impl.conn.ManagedClientConnectionImpl.open
> org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection
> org.apache.http.conn.ssl.SSLSocketFactory.connectSocket
> org.apache.http.conn.ssl.SSLSocketFactory.connectSocket
> sun.security.ssl.SSLSocketImpl.startHandshake
> sun.security.ssl.SSLSocketImpl.startHandshake
> sun.security.ssl.SSLSocketImpl.performInitialHandshake
> sun.security.ssl.SSLSocketImpl.readRecord
> sun.security.ssl.InputRecord.read
> sun.security.ssl.InputRecord.readV3Record
> sun.security.ssl.InputRecord.readFully
> java.net.SocketInputStream.read
> java.net.SocketInputStream.socketRead0

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org

View raw message