[jira] [Comment Edited] (CXF-9093) Client does not send entire payload (if size ~> 2500 bytes) when hc5, TLS1.3 are used

Thu, 02 Jan 2025 18:52:05 -0800 


    [ 
https://issues.apache.org/jira/browse/CXF-9093?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17909449#comment-17909449
 ] 

Andriy Redko edited comment on CXF-9093 at 1/3/25 2:51 AM:
-----------------------------------------------------------

[~bocamel] I am able to reproduce the behavior only when chunking is disabled:

        HTTPConduit http = (HTTPConduit) client.getConduit();
        http.getClient().setAllowChunking(false);

Could you please help me out with chunking enabled:
 
        HTTPConduit http = (HTTPConduit) client.getConduit();
        http.getClient().setAllowChunking(true);


was (Author: reta):
[~bocamel] I am able to reproduce the behavior only when chunking is disabled:

        HTTPConduit http = (HTTPConduit) client.getConduit();
        http.getClient().setAllowChunking(false);

Could you please help me out with to try with chunking enabled:
 
        HTTPConduit http = (HTTPConduit) client.getConduit();
        http.getClient().setAllowChunking(true);

> Client does not send entire payload (if size ~> 2500 bytes) when hc5, TLS1.3 
> are used
> -------------------------------------------------------------------------------------
>
>                 Key: CXF-9093
>                 URL: https://issues.apache.org/jira/browse/CXF-9093
>             Project: CXF
>          Issue Type: Bug
>          Components: JAX-RS
>    Affects Versions: 4.1.0
>            Reporter: John Yin
>            Priority: Major
>
> With two different servers (one from ServiceNow and one from Zendesk), if my 
> CXF client uses HC5 (cxf-rt-transports-http-hc5-4.1.0.jar is in classpath), 
> the size of the JSON payload + HTTP headers ~> 2500 bytes, and TLS 1.3 is 
> used, then the client would not send the entire payload to server.  Both 
> sides would idle after the SSL handshake and client sends a small packet 
> until either the server closes the connection (resulting 
> connectionClosedException) or client times out, depending on the server 
> configuration.
> If any of the three conditions is changed, i.e., 1) not using hc5, 2) 
> reducing the payload size so that payload+headers < 2000 bytes, or 3) forcing 
> the use of TLS1.2, the problem would go away.  
> This does not happen with every TLS1.3 server.  For some TLS1.3 servers, I 
> have not encountered the issue.
> I am not sure if this is a CXF client problem, but since it happens against 
> two different servers, I thought I should report it to CXF.  My Wireshark log 
> does not reveal much info given that the data are encrypted and I do not have 
> the server's private key.
> Thanks!



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to