tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bill Barker" <>
Subject Re: SSL Socket does not timeout when no handshake occurs
Date Tue, 13 Jan 2004 05:12:37 GMT
Your patch has been applied, and will be available in TC 5.0.17 & 4.1.30.

----- Original Message ----- 
From: "Alex Chan" <>
To: <>
Sent: Sunday, January 11, 2004 9:40 PM
Subject: SSL Socket does not timeout when no handshake occurs

> I have found that if a connection is initiated on the SSL port but the
> client does not participate in the SSL handshake, the socket seems to hang
> around indefinitely. The test I used was to telnet to the secure port
> without typing/sending any further data.
> When doing the same to the non-secure port, the socket will timeout
> according to the connectionTimeout parameter.
> I noticed in the code, in the TcpWorkerThread.runIt()
> method, that
> endpoint.setSocketOptions(s) is called after
> endpoint.getServerSocketFactory().handshake(s).
> I tried moving the call to setSocketOptions() before handshake() and the
> socket times out according to the connectionTimeout.
> As I am a relatively new Tomcat user, I'm not sure what are the
> impact/implications of this change.
> Any feedback, particularly as to whether you agree this is a problem,
> be most appreciated.
> Thanks in advance,
> - Alex

View raw message