[
https://issues.apache.org/jira/browse/HTTPCORE-319?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13497607#comment-13497607
]
Scott Stanton edited comment on HTTPCORE-319 at 11/14/12 11:55 PM:
-------------------------------------------------------------------
I'm having a hard time reproducing this problem in any small context. It's an
infrequent race condition, but it's definitely happening often enough to be a
critical problem for me.
I am using a HttpAsyncRequestExecutor with DefaultHttpClientIODispatch,
DefaultConnectingIOReactor, SSLNHttpClientConnectionFactory. I am still trying
to get a memory dump from a hung server, but the one time I was able to attach
with a debugger, it looked like the stream was at EOF but for some reason it
kept registering for interest in readable events.
The one other detail that might help with repro is that I'm using the
BouncyCastle crypto suite as the default security provider. It may behave a
little differently from the oracle crypto stack, although I would expect that
to be at a lower layer.
was (Author: stanton):
I'm having a hard time reproducing this problem in any small context. It's
an infrequent race condition, but it's definitely happening often enough to be
a critical problem for me.
I am using a HttpAsyncRequestExecutor with DefaultHttpClientIODispatch,
DefaultConnectingIOReactor, SSLNHttpClientConnectionFactory. I am still trying
to get a memory dump from a hung server, but the one time I was able to attach
with a debugger, it looked like the stream was at EOF but for some reason it
kept registering for interest in readable events.
> SSLIOSession goes into a loop if the server rejects an invalid certificate
> --------------------------------------------------------------------------
>
> Key: HTTPCORE-319
> URL: https://issues.apache.org/jira/browse/HTTPCORE-319
> Project: HttpComponents HttpCore
> Issue Type: Bug
> Components: HttpCore NIO
> Affects Versions: 4.2.2
> Reporter: Scott Stanton
> Priority: Blocker
>
> To reproduce:
> * Set up an SSL server that requests certificates from the client.
> * Set up a client with an expired SSL certificate.
> * Establish a connection from the client to the server using BaseNIOReactor
> and SSLIOSession.
> The server will proceed through the handshake until the client supplies its
> certificate in response to the CertificateRequest message. At this point,
> the server's certificate verification will fail and it will close the
> connection.
> The client socket will become readable due to the EOF and the
> SSLIOSession.isAppInputReady() method is called to handle the EOF. The
> bytesRead gets set to -1, which sets this.endOfStream = true. Nothing ever
> sets the session into the CLOSING or CLOSED state, so it keeps looping on the
> readable EOF event.
> I'm not sure what the best approach to fixing this should be. It appears
> that if I close the session manually with the debugger from inside
> isAppInputReady, the system proceeds normally from that point, however I
> don't know what the implications of doing that might be.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
