[
https://issues.apache.org/jira/browse/HTTPCORE-583?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Edward Gao updated HTTPCORE-583:
--------------------------------
Description:
Hi, we recently are upgrading for our prod system to amazon latest jdk 11.
and found a issue.
The case is weird and hard to reproduce.
So here I try to describe it more clearly enough.
In summary, the case is: the method (not know why this is unformated even I
copied into a text editor):
{code:java}
org.apache.http.nio.reactor.ssl.SSLIOSession#doHandshake
{code}
in this method, it implements:
{code:java}
// below code I added some metrics for help to diagnose.
// you can ignore it
private void doHandshake() throws SSLException {
SSLMetrics.handshakeAll.incrementAndGet();
boolean handshaking = true;
SSLEngineResult result = null;
int handshakeNeedWrapTimes = 0;
SocketAddress addr = null;
boolean printed = false;
try {
while (handshaking) {
SSLMetrics.handshakeAllInnerLoop.incrementAndGet();
switch (this.sslEngine.getHandshakeStatus()) {
case NEED_WRAP:
handshakeNeedWrapTimes ++;
// Generate outgoing handshake data
SSLMetrics.handshakeAllNeedWrap.incrementAndGet();
// Acquire buffer
final ByteBuffer outEncryptedBuf = this.outEncrypted.acquire();
// some extra code to help diagnose
if (!printed && handshakeNeedWrapTimes > PRINT_THRESHOLD) {
try {
addr = this.session.getRemoteAddress();
if (addr != null) {
System.out.println("[sslmetricsprinter-handshake][" + addr + "][" +
handshakeNeedWrapTimes + "]");
}
} catch (Exception e) {}
printed = true;
}
// Just wrap an empty buffer because there is no data to write.
result = doWrap(ByteBuffer.allocate(0), outEncryptedBuf);
if (result.getStatus() != Status.OK) {
handshaking = false;
}
break;
case NEED_UNWRAP:
// other cases ignored...
}
}
{code}
our metrics show the need_wrap count is increased 3000 times of jdk8 runtime.
!image-2019-07-18-09-45-13-130.png!
and I checked the version 5. found this is changed.
{code:java}
Bug fix: corrected handling of NEED_WRAP handshake status during graceful SSL
session termination
!image-2019-07-18-09-52-10-100.png!
{code}
it's on tag: 0088ef6
So I have below questions:
# Can you guys fix this on the version 4.4?
# if not, is it safe for us to merge this two snippets code back to http
manually? but it has two snippets one in the while loop and one in the
updateEventMask method. do we need to back port whether two methods or only
while loop code?
was:
Hi, we recently are upgrading for our prod system to amazon latest jdk 11.
and found a issue.
The case is weird and hard to reproduce.
So here I try to describe it more clearly enough.
In summary, the case is: the method (not know why this is unformated even I
copied into a text editor):
{code}
org.apache.http.nio.reactor.ssl.SSLIOSession#doHandshake
{code}
in this method, it implements:
{code}
// below code I added some metrics for help to diagnose.
// you can ignore it
private void doHandshake() throws SSLException {
SSLMetrics.handshakeAll.incrementAndGet();
boolean handshaking = true;
SSLEngineResult result = null;
int handshakeNeedWrapTimes = 0;
SocketAddress addr = null;
boolean printed = false;
try {
while (handshaking) {
SSLMetrics.handshakeAllInnerLoop.incrementAndGet();
switch (this.sslEngine.getHandshakeStatus()) {
case NEED_WRAP:
handshakeNeedWrapTimes ++;
// Generate outgoing handshake data
SSLMetrics.handshakeAllNeedWrap.incrementAndGet();
// Acquire buffer
final ByteBuffer outEncryptedBuf = this.outEncrypted.acquire();
// some extra code to help diagnose
if (!printed && handshakeNeedWrapTimes > PRINT_THRESHOLD) {
try {
addr = this.session.getRemoteAddress();
if (addr != null) {
System.out.println("[sslmetricsprinter-handshake][" + addr + "][" +
handshakeNeedWrapTimes + "]");
}
} catch (Exception e) {}
printed = true;
}
// Just wrap an empty buffer because there is no data to write.
result = doWrap(ByteBuffer.allocate(0), outEncryptedBuf);
if (result.getStatus() != Status.OK) {
handshaking = false;
}
break;
case NEED_UNWRAP:
// other cases ignored...
}
}
{code}
our metrics show the need_wrap count is increased 3000 times of jdk8 runtime.
!image-2019-07-18-09-45-13-130.png!
and I checked the version 5. found this is changed.
{code}
Bug fix: corrected handling of NEED_WRAP handshake status during graceful SSL
session termination
!image-2019-07-18-09-52-10-100.png!
{code}
it's on tag: 0088ef6
So I have below questions:
# Can you guys fix this on the version 4.4?
# if not, is it safe for us to merge this two snippets code back to http
manually?
> The getHandshakestatus always return need_wrap and cost a lot of cpu increase
> in jdk11
> --------------------------------------------------------------------------------------
>
> Key: HTTPCORE-583
> URL: https://issues.apache.org/jira/browse/HTTPCORE-583
> Project: HttpComponents HttpCore
> Issue Type: Bug
> Components: HttpCore NIO
> Affects Versions: 4.4.11
> Reporter: Edward Gao
> Priority: Major
> Attachments: image-2019-07-18-09-45-13-130.png,
> image-2019-07-18-09-52-10-100.png
>
>
> Hi, we recently are upgrading for our prod system to amazon latest jdk 11.
> and found a issue.
> The case is weird and hard to reproduce.
> So here I try to describe it more clearly enough.
> In summary, the case is: the method (not know why this is unformated even I
> copied into a text editor):
> {code:java}
> org.apache.http.nio.reactor.ssl.SSLIOSession#doHandshake
> {code}
> in this method, it implements:
> {code:java}
> // below code I added some metrics for help to diagnose.
> // you can ignore it
> private void doHandshake() throws SSLException {
> SSLMetrics.handshakeAll.incrementAndGet();
> boolean handshaking = true;
> SSLEngineResult result = null;
> int handshakeNeedWrapTimes = 0;
> SocketAddress addr = null;
> boolean printed = false;
> try {
> while (handshaking) {
> SSLMetrics.handshakeAllInnerLoop.incrementAndGet();
> switch (this.sslEngine.getHandshakeStatus()) {
> case NEED_WRAP:
> handshakeNeedWrapTimes ++;
> // Generate outgoing handshake data
> SSLMetrics.handshakeAllNeedWrap.incrementAndGet();
> // Acquire buffer
> final ByteBuffer outEncryptedBuf = this.outEncrypted.acquire();
>
> // some extra code to help diagnose
> if (!printed && handshakeNeedWrapTimes > PRINT_THRESHOLD) {
> try {
> addr = this.session.getRemoteAddress();
> if (addr != null) {
> System.out.println("[sslmetricsprinter-handshake][" + addr + "][" +
> handshakeNeedWrapTimes + "]");
> }
> } catch (Exception e) {}
> printed = true;
> }
> // Just wrap an empty buffer because there is no data to write.
> result = doWrap(ByteBuffer.allocate(0), outEncryptedBuf);
> if (result.getStatus() != Status.OK) {
> handshaking = false;
> }
> break;
> case NEED_UNWRAP:
> // other cases ignored...
> }
> }
> {code}
>
> our metrics show the need_wrap count is increased 3000 times of jdk8 runtime.
> !image-2019-07-18-09-45-13-130.png!
>
> and I checked the version 5. found this is changed.
> {code:java}
> Bug fix: corrected handling of NEED_WRAP handshake status during graceful SSL
> session termination
> !image-2019-07-18-09-52-10-100.png!
> {code}
> it's on tag: 0088ef6
> So I have below questions:
> # Can you guys fix this on the version 4.4?
> # if not, is it safe for us to merge this two snippets code back to http
> manually? but it has two snippets one in the while loop and one in the
> updateEventMask method. do we need to back port whether two methods or only
> while loop code?
--
This message was sent by Atlassian JIRA
(v7.6.14#76016)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
