[jira] [Commented] (HTTPCLIENT-2135) TLS handshake timeouts cannot be controlled through RequestConfig

Thu, 11 Feb 2021 11:02:06 -0800 


    [ 
https://issues.apache.org/jira/browse/HTTPCLIENT-2135?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17283305#comment-17283305
 ] 

Ryan Schmitt commented on HTTPCLIENT-2135:
------------------------------------------

For my use case, I wrote a simple wrapper that enforces the {{connectTimeout}} 
during the TLS handshake:

{code:java}
    private static final class TlsHandshakeTimeoutSocketFactory implements 
LayeredConnectionSocketFactory {
        private final LayeredConnectionSocketFactory delegate;

        public TlsHandshakeTimeoutSocketFactory(LayeredConnectionSocketFactory 
delegate) {
            this.delegate = delegate;
        }

        @Override
        public Socket createSocket(HttpContext context) throws IOException {
            return delegate.createSocket(context);
        }

        @Override
        public Socket connectSocket(TimeValue connectTimeout, Socket socket, 
HttpHost host, InetSocketAddress remoteAddress, InetSocketAddress localAddress, 
HttpContext context) throws IOException {
            int soTimeout = socket.getSoTimeout();
            socket.setSoTimeout(connectTimeout.toMillisecondsIntBound());
            Socket ret = delegate.connectSocket(connectTimeout, socket, host, 
remoteAddress, localAddress,
                context);
            socket.setSoTimeout(soTimeout);
            return ret;
        }

        @Override
        public Socket createLayeredSocket(Socket socket, String target, int 
port, HttpContext context) throws IOException {
            return delegate.createLayeredSocket(socket, target, port, context);
        }
    }
{code}

> TLS handshake timeouts cannot be controlled through RequestConfig
> -----------------------------------------------------------------
>
>                 Key: HTTPCLIENT-2135
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-2135
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: HttpClient (classic)
>    Affects Versions: 5.0.3
>            Reporter: Ryan Schmitt
>            Priority: Major
>
> Apparently as a consequence of HTTPCLIENT-2091 and/or HTTPCLIENT-2099, TLS 
> handshake timeouts can no longer be specified through any of the three 
> {{RequestConfig}} timeout parameters (connect, connection request, response). 
> The only way to limit TLS handshake duration is through low-level socket 
> configuration (socket timeout), which of course affects more than just TLS 
> handshakes.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to