[
https://issues.apache.org/jira/browse/HADOOP-15813?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16773612#comment-16773612
]
Hudson commented on HADOOP-15813:
---------------------------------
SUCCESS: Integrated in Jenkins build Hadoop-trunk-Commit #16014 (See
[https://builds.apache.org/job/Hadoop-trunk-Commit/16014/])
HADOOP-15813. Enable more reliable SSL connection reuse. Contributed by
(weichiu: rev a87e458432609b7a35a2abd6410b02e8a2ffc974)
* (edit)
hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/ssl/SSLFactory.java
> Enable more reliable SSL connection reuse
> -----------------------------------------
>
> Key: HADOOP-15813
> URL: https://issues.apache.org/jira/browse/HADOOP-15813
> Project: Hadoop Common
> Issue Type: Bug
> Components: common
> Affects Versions: 2.6.0
> Reporter: Daryn Sharp
> Assignee: Daryn Sharp
> Priority: Major
> Fix For: 2.10.0, 3.0.4, 3.3.0, 2.8.6, 3.2.1, 2.9.3, 3.1.3
>
> Attachments: HADOOP-15813.patch, HADOOP-15813.patch, KMS
> throughput.png, profiler after HADOOP-15813.png, profiler prior to
> HADOOP-15813.png
>
>
> The java keep-alive cache relies on instance equivalence of the SSL socket
> factory. In many java versions, SSLContext#getSocketFactory always returns a
> new instance which completely breaks the cache. Clients flooding a service
> with lingering per-request connections that can lead to port exhaustion. The
> hadoop SSLFactory should cache the socket factory associated with the context.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
