[
https://issues.apache.org/jira/browse/HTTPCLIENT-1478?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16251554#comment-16251554
]
Yaniv Nahoum edited comment on HTTPCLIENT-1478 at 11/14/17 3:33 PM:
--------------------------------------------------------------------
Ran into the same issue myself in version 4.5.0 (repackaged by RedHat for Jboss
EAP 7.0). If you're making a direct ssl connection, no proxy/tunneling then you
should be fine by just setting the RequestConfig timeouts (connect and read).
BUT, if you're going through a proxy, and for some reason it doesn't return -
your thread will hang indefinitely. The fix mentioned above
(http://svn.apache.org/viewvc/httpcomponents/httpclient/branches/4.3.x/httpclient/src/main/java/org/apache/http/conn/ssl/SSLConnectionSocketFactory.java?r1=1560975&r2=1626784)
does not work for the tunneling flow.
Bottom line, as already mentioned - set a default SocketConfig on your
connection manager as explained in the comment above by LI Changshu.
was (Author: yanivnahoum):
Ran into the same issue myself in version 4.5.0 (repackaged by RedHat for Jboss
EAP 7.0). If you're making a direct ssl connection, no proxy/tunneling then you
should be fine by just setting the RequestConfig timeouts (connect and read).
BUT, if you're going through a proxy , and for some reason it doesn't return -
your thread will hang indefinitely. The fix mentioned above
(http://svn.apache.org/viewvc/httpcomponents/httpclient/branches/4.3.x/httpclient/src/main/java/org/apache/http/conn/ssl/SSLConnectionSocketFactory.java?r1=1560975&r2=1626784)
does not work for the tunneling flow.
Bottom line, as already mentioned - set a default SocketConfig on your
connection manager as explained in the comment above by LI Changshu.
> https calls ignore http.socket.timeout during SSL Handshake
> -----------------------------------------------------------
>
> Key: HTTPCLIENT-1478
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1478
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Components: HttpClient (classic)
> Affects Versions: 4.3 Final, 4.3.1, 4.3.2, 4.3.3
> Environment: All
> Reporter: Jonah Schwartz
> Priority: Minor
> Fix For: 4.3.4
>
>
> https calls ignore http.socket.timeout during SSL Handshake. This can result
> in a https call hanging forever waiting for socket read.
> In both SSLSocketFactory and SSLConnectionSocketFactory,
> sslsock.startHandshake(); is called before socket timeout is set on the
> socket. This means timeout is not respected during the SSL handshake, and the
> thread can hang with a stacktrace that looks like this:
> org.apache.http.impl.client.AbstractHttpClient.doExecute
> org.apache.http.impl.client.DefaultRequestDirector.execute
> org.apache.http.impl.client.DefaultRequestDirector.tryConnect
> org.apache.http.impl.conn.ManagedClientConnectionImpl.open
> org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection
> org.apache.http.conn.ssl.SSLSocketFactory.connectSocket
> org.apache.http.conn.ssl.SSLSocketFactory.connectSocket
> sun.security.ssl.SSLSocketImpl.startHandshake
> sun.security.ssl.SSLSocketImpl.startHandshake
> sun.security.ssl.SSLSocketImpl.performInitialHandshake
> sun.security.ssl.SSLSocketImpl.readRecord
> sun.security.ssl.InputRecord.read
> sun.security.ssl.InputRecord.readV3Record
> sun.security.ssl.InputRecord.readFully
> java.net.SocketInputStream.read
> java.net.SocketInputStream.socketRead0
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
