Pressed send too soon: SSLSocketFactory is not inherently thread-safe, because of the [gs]etHostNameVerifier() methods. Is there a need to change the HostNameVerifier after construction, or could the verifier be provided to the ctor? Alternatively, perhaps the field could be made volatile?
On 23/07/2009, sebb <[email protected]> wrote: > On 15/07/2009, Oleg Kalnichevski <[email protected]> wrote: > > Folks > > > > Please test your applications against 4.0-rc2 and report bugs if found. > > > > There have been three fixes since 4.0-rc1 > > > > * [HTTPCLIENT-860] HttpClient no longer converts redirects of PUT/POST > > to GET for status codes 301, 302, 307, as required by the HTTP spec. > > > > * [HTTPCLIENT-859] CookieIdentityComparator now takes path attribute > > into consideration when comparing cookies. > > > > * HttpClient will no longer send expired cookies back to the origin > > server. > > > > Please also find a few minutes to review the release packages. > > > > Packages: > > http://people.apache.org/~olegk/httpclient-4.0-rc2/ > > > I've started looking at thread-safety, beginning with > ThreadSafeClientConnManager. > That sems to be thread-safe, however one of the fields contains > ConnPoolByRoute. > This has non-final protected fields: > - freeConnections > - waitingThreads > which are created in the constructor; I think these should be made final. > > > The Interface RefQueueHandler is marked as deprecated, and only seems > to be used in AbstractConnPool and RefQueueWorker - could these be > deleted? > > > > Release notes: > > > http://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk/RELEASE_NOTES.txt > > > > Oleg > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: > > [email protected] > > For additional commands, e-mail: > > [email protected] > > > > > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
