gnodet opened a new pull request, #22981: URL: https://github.com/apache/camel/pull/22981
[CAMEL-22525](https://issues.apache.org/jira/browse/CAMEL-22525) ## Summary - Add `getLocalPort()` to `AS2ServerConnection` and `AS2AsyncMDNServerConnection` to expose the actual bound port - Eliminate the TOCTOU race condition in AS2 tests by binding to port 0 (OS assigns a free port atomically) instead of pre-allocating a port with `AvailablePortFinder` which probes then closes a socket, leaving a window for another process to steal the port ## Root Cause `AvailablePortFinder.find()` opens a `ServerSocket` on port 0, records the assigned port, then **closes** the socket. When `AS2ServerConnection` later tries to bind to that port, another process may have already claimed it — a classic TOCTOU (time-of-check-to-time-of-use) race condition. This was particularly flaky on s390x CI where multiple processes compete for ports. The prior fix (SO_REUSEADDR in #22095) helped with TIME_WAIT state but didn't eliminate the fundamental race. ## Fix Instead of pre-allocating a port number, tests now: 1. Create `AS2ServerConnection` with port **0** — the OS assigns a free port atomically during `bind()` 2. Read the actual port back via the new `getLocalPort()` method 3. Use that port to configure the client This completely eliminates the race condition since port assignment and binding happen in a single atomic operation. ## Test plan - [x] All 94 camel-as2-api tests pass - [x] All 12 camel-as2-component tests pass (1 skipped: manual Mendelson test) - [x] Code formatted with `mvn formatter:format impsort:sort` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
