Your patch has been applied, and will be available in TC 5.0.17 & 4.1.30.
----- Original Message ----- From: "Alex Chan" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Sunday, January 11, 2004 9:40 PM Subject: SSL Socket does not timeout when no handshake occurs > I have found that if a connection is initiated on the SSL port but the > client does not participate in the SSL handshake, the socket seems to hang > around indefinitely. The test I used was to telnet to the secure port > without typing/sending any further data. > > When doing the same to the non-secure port, the socket will timeout > according to the connectionTimeout parameter. > > I noticed in the code PoolTcpEndPoint.java, in the TcpWorkerThread.runIt() > method, that > endpoint.setSocketOptions(s) is called after > endpoint.getServerSocketFactory().handshake(s). > I tried moving the call to setSocketOptions() before handshake() and the SSL > socket times out according to the connectionTimeout. > > As I am a relatively new Tomcat user, I'm not sure what are the > impact/implications of this change. > Any feedback, particularly as to whether you agree this is a problem, would > be most appreciated. > > Thanks in advance, > - Alex >
This message is intended only for the use of the person(s) listed above as the intended recipient(s), and may contain information that is PRIVILEGED and CONFIDENTIAL. If you are not an intended recipient, you may not read, copy, or distribute this message or any attachment. If you received this communication in error, please notify us immediately by e-mail and then delete all copies of this message and any attachments. In addition you should be aware that ordinary (unencrypted) e-mail sent through the Internet is not secure. Do not send confidential or sensitive information, such as social security numbers, account numbers, personal identification numbers and passwords, to us via ordinary (unencrypted) e-mail.
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
