Ah, crap...

I think I'll have to issue a 2.2.5 which fall back to the non-experimental SSL processor asap...

(And, yes, there are some expected work to be done on the new SSLEngine wrapper in the 'experimental' SSL processor)



On 13/01/2025 16:20, Christopher Popp wrote:
We updated to 2.2.4 and were getting some connection failures for clients using 
TLS 1.3. Debugging it we noticed a new experimental non blocking SSL processor 
was enabled by default as part of 2.2.4. (See 
SslFilter.setUseNonBlockingPipeline and SslFilter.nonBlockingPipeline).

Turning this off with a call to set use nonblocking pipeline(false) to use the 
pre-2.2.4 handler got our TLS 1.3 clients connecting reliably again.

--
*Emmanuel Lécharny* P. +33 (0)6 08 33 32 61
elecha...@apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@mina.apache.org
For additional commands, e-mail: users-h...@mina.apache.org

Reply via email to