hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "LI Changshu (JIRA)" <j...@apache.org>
Subject [jira] [Comment Edited] (HTTPCLIENT-1478) https calls ignore http.socket.timeout during SSL Handshake
Date Fri, 05 May 2017 12:07:04 GMT

    [ https://issues.apache.org/jira/browse/HTTPCLIENT-1478?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15998229#comment-15998229
] 

LI Changshu edited comment on HTTPCLIENT-1478 at 5/5/17 12:06 PM:
------------------------------------------------------------------

I encountered this issue on verson 4.5.2, and using a proxy to access a https host. The soTimeout
is set as the following:
{code:borderStyle=solid}
        RequestConfig.Builder requestConfigBuilder = RequestConfig.custom()
                .setConnectionRequestTimeout(30000)
                .setConnectTimeout(30000)
                .setSocketTimeout(30000);
{code}

It turns out that sock.getSoTimeout() is 0 while ssl handshaking (Set breakpoint at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.upgrade(DefaultHttpClientConnectionOperator.java:192).

The problem is fixed as the following:
{code:borderStyle=solid}
        PoolingHttpClientConnectionManager cm = new PoolingHttpClientConnectionManager();
        // Set soTimeout here to affect socketRead in the phase of ssl handshake. Note that
        // the RequestConfig.setSocketTimeout will take effect only after the ssl handshake
completed.
        cm.setDefaultSocketConfig(SocketConfig.custom().setSoTimeout(30000).build());
{code}



was (Author: ricolcs):
I encountered this issue on verson 4.5.2, and using a proxy to access a https host. The soTimeout
is set as the following:
{code:borderStyle=solid}
        RequestConfig.Builder requestConfigBuilder = RequestConfig.custom()
                .setConnectionRequestTimeout(30000)
                .setConnectTimeout(30000)
                .setSocketTimeout(30000);
{code}

It turns out that sock.getSoTimeout() is 0 while ssl handshaking. (Set breakpoint at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.upgrade(DefaultHttpClientConnectionOperator.java:192))

The problem is fixed as the following:
{code:borderStyle=solid}
        PoolingHttpClientConnectionManager cm = new PoolingHttpClientConnectionManager();
        // Set soTimeout here to affect socketRead in the phase of ssl handshake. Note that
        // the RequestConfig.setSocketTimeout will take effect only after the ssl handshake
completed.
        cm.setDefaultSocketConfig(SocketConfig.custom().setSoTimeout(30000).build());
{code}


> https calls ignore http.socket.timeout during SSL Handshake
> -----------------------------------------------------------
>
>                 Key: HTTPCLIENT-1478
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1478
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: HttpClient (classic)
>    Affects Versions: 4.3 Final, 4.3.1, 4.3.2, 4.3.3
>         Environment: All
>            Reporter: Jonah Schwartz
>            Priority: Minor
>             Fix For: 4.3.4
>
>
> https calls ignore http.socket.timeout during SSL Handshake. This can result in a https
call hanging forever waiting for socket read. 
> In both SSLSocketFactory and SSLConnectionSocketFactory, sslsock.startHandshake(); is
called before socket timeout is set on the socket. This means timeout is not respected during
the SSL handshake, and the thread can hang with a stacktrace that looks like this:
> org.apache.http.impl.client.AbstractHttpClient.doExecute
> org.apache.http.impl.client.DefaultRequestDirector.execute
> org.apache.http.impl.client.DefaultRequestDirector.tryConnect
> org.apache.http.impl.conn.ManagedClientConnectionImpl.open
> org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection
> org.apache.http.conn.ssl.SSLSocketFactory.connectSocket
> org.apache.http.conn.ssl.SSLSocketFactory.connectSocket
> sun.security.ssl.SSLSocketImpl.startHandshake
> sun.security.ssl.SSLSocketImpl.startHandshake
> sun.security.ssl.SSLSocketImpl.performInitialHandshake
> sun.security.ssl.SSLSocketImpl.readRecord
> sun.security.ssl.InputRecord.read
> sun.security.ssl.InputRecord.readV3Record
> sun.security.ssl.InputRecord.readFully
> java.net.SocketInputStream.read
> java.net.SocketInputStream.socketRead0



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org


Mime
View raw message