On Wed, 2011-03-09 at 10:16 -0800, Travis T wrote: > > olegk wrote: > > > > Travis, > > > > It looks like the remote server once of a sudden drops the connection in > > the middle of the SSL handshake on the unsuspecting client. Looks very > > bizarre. > > > > I reviewed code of both versions and I found out there were some subtle > > differences in the algorithm used by SSLSocketFactory in HC 4.0.1 and HC > > 4.1 to create SSLSocket instances and to connect them to a remote > > endpoint. > > > > Could you please try out two things? > > > > (1) Please check the socket timeout value configured for the request and > > make sure it is not too aggressive (low) > > > > (2) Make a copy of SSLSocketFactory, > > > > http://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/conn/ssl/SSLSocketFactory.java > > > > replace #createSocket method with this one > > > > --- > > public Socket createSocket(final HttpParams params) throws IOException { > > return this.socketfactory.createSocket(); > > } > > --- > > > > and configure HttpClient to use your implementation of SSLSocketFactory > > instead of the stock one. > > > > Oleg > > > > > > Oleg, > > Your new code fixed the issue! Thank you! > > So, it appears that the existing 4.1 code wasn't using the socket factory to > create the socket.
There is nothing wrong with the behavior of SSLSocketFactory in HC 4.1. Initially it creates a plain socket but then it uses SSL socket factory to put the SSL/TLS encryption layer on top of it. > I'll provide some details below, but my question is when > would I expect to get this fix in an official build? I want to move past > 4.0.1, but I don't want to use my own patched build. > 4.1.1 can be expected next week. Oleg --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
