[ 
https://issues.apache.org/jira/browse/HTTPCLIENT-2198?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Andrei Vasilev updated HTTPCLIENT-2198:
---------------------------------------
    Description: 
The HttpVersionPolicy when set via the new TlsConfig class is not respected due 
to the wrong data being passed between AbstractClientTlsStrategy and 
H2TlsSupport.

On line 138 of AbstractClientTlsStrategy, the 
H2TlsSupport.selectApplicationProtocols() method expects a type of 
HttpVersionPolicy to be provided, but AbstractClientTlsStrategy passes the 
entire TlsConfig. Since the types do not match H2TlsSupport defaults to the 
NEGOTIATE protocol and ignores the value set in TlsConfig.

This results in all sorts of random behavior depending on the target host being 
requested, but in all cases requests will fail with some sort of error. I have 
attached a sample program to reproduce the issue.

On a side note, the toString() method of TlsConfig also results in a 
NullPointerException if the cipher suites / protocols fields are not 
initialized and null is passed to Arrays.toList().

  was:
The HttpVersionPolicy when set via the new TlsConfig class is not respected due 
to the wrong data being passed between AbstractClientTlsStrategy and 
H2TlsSupport.

On line 138 of AbstractClientTlsStrategy, the 
H2TlsSupport.selectApplicationProtocols() method expects a type of 
HttpVersionPolicy to be provided, but AbstractClientTlsStrategy passes the 
entire TlsConfig. Since the types do not match H2TlsSupport defaults to the 
NEGOTIATE protocol and ignores the value set in TlsConfig.

This results in all sorts of random behavior depending on the target host being 
requested, but in all cases requests will fail with some sort of error. I have 
attached a sample program to reproduce the issue.

On a side note, the toString() method of TlsConfig also results in a 
NullPointerException if the cipher suites / protocols fields are not 
initialized due to the calling of Arrays.toList() without a null check.


> HttpVersionPolicy is not respected
> ----------------------------------
>
>                 Key: HTTPCLIENT-2198
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-2198
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: HttpClient (async)
>    Affects Versions: 5.2-alpha1
>            Reporter: Andrei Vasilev
>            Priority: Minor
>         Attachments: Main.java
>
>
> The HttpVersionPolicy when set via the new TlsConfig class is not respected 
> due to the wrong data being passed between AbstractClientTlsStrategy and 
> H2TlsSupport.
> On line 138 of AbstractClientTlsStrategy, the 
> H2TlsSupport.selectApplicationProtocols() method expects a type of 
> HttpVersionPolicy to be provided, but AbstractClientTlsStrategy passes the 
> entire TlsConfig. Since the types do not match H2TlsSupport defaults to the 
> NEGOTIATE protocol and ignores the value set in TlsConfig.
> This results in all sorts of random behavior depending on the target host 
> being requested, but in all cases requests will fail with some sort of error. 
> I have attached a sample program to reproduce the issue.
> On a side note, the toString() method of TlsConfig also results in a 
> NullPointerException if the cipher suites / protocols fields are not 
> initialized and null is passed to Arrays.toList().



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to