[
https://issues.apache.org/jira/browse/HTTPCLIENT-1478?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14143161#comment-14143161
]
Chris Kistner commented on HTTPCLIENT-1478:
-------------------------------------------
I also reckon this ticket shouldn't be closed just yet!
I'm still having SSL Handshake not being timed out with httpClient 4.3.5, even
if I set the timeout with like:
{noformat}SocketConfig sc = SocketConfig.custom()
.setSoTimeout(Settings.getHttpTimeoutConnect())
.build();{noformat}
I went and did a crude patch on httpClient 4.3.5 of setting a default 60s
timeout if the SSL socket timeout was not set:
{noformat}---
src/main/java/org/apache/http/conn/ssl/SSLConnectionSocketFactory.java | 3 +++
1 file changed, 3 insertions(+)
diff --git
a/src/main/java/org/apache/http/conn/ssl/SSLConnectionSocketFactory.java
b/src/main/java/org/apache/http/conn/ssl/SSLConnectionSocketFactory.java
index c175fd2..9e7d7b9 100644
--- a/src/main/java/org/apache/http/conn/ssl/SSLConnectionSocketFactory.java
+++ b/src/main/java/org/apache/http/conn/ssl/SSLConnectionSocketFactory.java
@@ -265,6 +265,9 @@ public class SSLConnectionSocketFactory implements
LayeredConnectionSocketFactor
target,
port,
true);
+ if (sslsock.getSoTimeout() == 0) {
+ sslsock.setSoTimeout(60000);
+ }
if (supportedProtocols != null) {
sslsock.setEnabledProtocols(supportedProtocols);
}
-- {noformat}
> https calls ignore http.socket.timeout during SSL Handshake
> -----------------------------------------------------------
>
> Key: HTTPCLIENT-1478
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1478
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Components: HttpConn
> Affects Versions: 4.3 Final, 4.3.1, 4.3.2, 4.3.3
> Environment: All
> Reporter: Jonah Schwartz
> Priority: Minor
> Fix For: 4.3.4
>
>
> https calls ignore http.socket.timeout during SSL Handshake. This can result
> in a https call hanging forever waiting for socket read.
> In both SSLSocketFactory and SSLConnectionSocketFactory,
> sslsock.startHandshake(); is called before socket timeout is set on the
> socket. This means timeout is not respected during the SSL handshake, and the
> thread can hang with a stacktrace that looks like this:
> org.apache.http.impl.client.AbstractHttpClient.doExecute
> org.apache.http.impl.client.DefaultRequestDirector.execute
> org.apache.http.impl.client.DefaultRequestDirector.tryConnect
> org.apache.http.impl.conn.ManagedClientConnectionImpl.open
> org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection
> org.apache.http.conn.ssl.SSLSocketFactory.connectSocket
> org.apache.http.conn.ssl.SSLSocketFactory.connectSocket
> sun.security.ssl.SSLSocketImpl.startHandshake
> sun.security.ssl.SSLSocketImpl.startHandshake
> sun.security.ssl.SSLSocketImpl.performInitialHandshake
> sun.security.ssl.SSLSocketImpl.readRecord
> sun.security.ssl.InputRecord.read
> sun.security.ssl.InputRecord.readV3Record
> sun.security.ssl.InputRecord.readFully
> java.net.SocketInputStream.read
> java.net.SocketInputStream.socketRead0
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
