You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@hc.apache.org by ol...@apache.org on 2018/12/04 09:57:32 UTC

[2/2] httpcomponents-core git commit: SSLIOSession: Add `connectTimeout` constructor param

SSLIOSession: Add `connectTimeout` constructor param

This change adds low-level support for TLS handshake timeouts in the
class that actually performs the handshake. The contractual
`socketTimeout`, if set, will only be applied to the underlying
IOSession after the handshake is complete.


Project: http://git-wip-us.apache.org/repos/asf/httpcomponents-core/repo
Commit: http://git-wip-us.apache.org/repos/asf/httpcomponents-core/commit/ba9596f5
Tree: http://git-wip-us.apache.org/repos/asf/httpcomponents-core/tree/ba9596f5
Diff: http://git-wip-us.apache.org/repos/asf/httpcomponents-core/diff/ba9596f5

Branch: refs/heads/master
Commit: ba9596f5156dd89aa41b0ada1dd8c33cbe0ffa46
Parents: fa213df
Author: Ryan Schmitt <rs...@apache.org>
Authored: Fri Nov 30 15:44:20 2018 -0800
Committer: Oleg Kalnichevski <ol...@apache.org>
Committed: Tue Dec 4 10:42:23 2018 +0100

----------------------------------------------------------------------
 .../hc/core5/reactor/InternalDataChannel.java   |  3 ++-
 .../hc/core5/reactor/ssl/SSLIOSession.java      | 25 +++++++++++++++++---
 2 files changed, 24 insertions(+), 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/httpcomponents-core/blob/ba9596f5/httpcore5/src/main/java/org/apache/hc/core5/reactor/InternalDataChannel.java
----------------------------------------------------------------------
diff --git a/httpcore5/src/main/java/org/apache/hc/core5/reactor/InternalDataChannel.java b/httpcore5/src/main/java/org/apache/hc/core5/reactor/InternalDataChannel.java
index 48cf90b..3f2faf6 100644
--- a/httpcore5/src/main/java/org/apache/hc/core5/reactor/InternalDataChannel.java
+++ b/httpcore5/src/main/java/org/apache/hc/core5/reactor/InternalDataChannel.java
@@ -247,7 +247,8 @@ final class InternalDataChannel extends InternalChannel implements ProtocolIOSes
                         }
                     }
 
-                }))) {
+                },
+                null))) {
             throw new IllegalStateException("TLS already activated");
         }
     }

http://git-wip-us.apache.org/repos/asf/httpcomponents-core/blob/ba9596f5/httpcore5/src/main/java/org/apache/hc/core5/reactor/ssl/SSLIOSession.java
----------------------------------------------------------------------
diff --git a/httpcore5/src/main/java/org/apache/hc/core5/reactor/ssl/SSLIOSession.java b/httpcore5/src/main/java/org/apache/hc/core5/reactor/ssl/SSLIOSession.java
index 81bc5d6..98ada25 100644
--- a/httpcore5/src/main/java/org/apache/hc/core5/reactor/ssl/SSLIOSession.java
+++ b/httpcore5/src/main/java/org/apache/hc/core5/reactor/ssl/SSLIOSession.java
@@ -90,6 +90,7 @@ public class SSLIOSession implements IOSession {
     private volatile SSLMode sslMode;
     private volatile int status;
     private volatile boolean initialized;
+    private volatile Timeout socketTimeout;
     private TlsDetails tlsDetails;
 
     /**
@@ -112,7 +113,7 @@ public class SSLIOSession implements IOSession {
             final SSLSessionInitializer initializer,
             final SSLSessionVerifier verifier,
             final Callback<SSLIOSession> callback) {
-        this(targetEndpoint, session, sslMode, sslContext, SSLBufferMode.STATIC, initializer, verifier, callback);
+        this(targetEndpoint, session, sslMode, sslContext, SSLBufferMode.STATIC, initializer, verifier, callback, null);
     }
 
     /**
@@ -125,6 +126,7 @@ public class SSLIOSession implements IOSession {
      * @param sslBufferMode buffer management mode
      * @param initializer optional SSL session initializer. May be {@code null}.
      * @param verifier optional SSL session verifier. May be {@code null}.
+     * @param connectTimeout timeout to apply for the TLS/SSL handshake. May be {@code null}.
      *
      * @since 5.0
      */
@@ -136,7 +138,8 @@ public class SSLIOSession implements IOSession {
             final SSLBufferMode sslBufferMode,
             final SSLSessionInitializer initializer,
             final SSLSessionVerifier verifier,
-            final Callback<SSLIOSession> callback) {
+            final Callback<SSLIOSession> callback,
+            final Timeout connectTimeout) {
         super();
         Args.notNull(session, "IO session");
         Args.notNull(sslContext, "SSL context");
@@ -187,6 +190,12 @@ public class SSLIOSession implements IOSession {
 
         };
         this.bytesReadCount = new AtomicLong(0);
+
+        // Save the initial socketTimeout of the underlying IOSession, to be restored after the handshake is finished
+        this.socketTimeout = this.session.getSocketTimeout();
+        if (connectTimeout != null) {
+            this.session.setSocketTimeout(connectTimeout);
+        }
     }
 
     @Override
@@ -345,6 +354,7 @@ public class SSLIOSession implements IOSession {
                 handshaking = false;
                 break;
             case FINISHED:
+                this.session.setSocketTimeout(this.socketTimeout);
                 break;
             }
         }
@@ -790,7 +800,16 @@ public class SSLIOSession implements IOSession {
 
     @Override
     public void setSocketTimeout(final Timeout timeout) {
-        this.session.setSocketTimeout(timeout);
+        this.socketTimeout = timeout;
+
+        this.session.lock().lock();
+        try {
+            if (this.sslEngine.getHandshakeStatus() == HandshakeStatus.FINISHED) {
+                this.session.setSocketTimeout(timeout);
+            }
+        } finally {
+            this.session.lock().unlock();
+        }
     }
 
     @Override

Re: [2/2] httpcomponents-core git commit: SSLIOSession: Add `connectTimeout` constructor param

Posted by Oleg Kalnichevski <ol...@apache.org>.

On Tue, 2018-12-04 at 09:57 +0000, olegk@apache.org wrote:
> SSLIOSession: Add `connectTimeout` constructor param
> 
> This change adds low-level support for TLS handshake timeouts in the
> class that actually performs the handshake. The contractual
> `socketTimeout`, if set, will only be applied to the underlying
> IOSession after the handshake is complete.
> 
> 

Hi Ryan,

I had to re-organize the commit sequence in order to ensure there were
no commits while the project was in a non-SNAPSHOT state. At the moment
we do not use release branches to cut releases for the simplicity sake,
so active branches are in an effective state of freeze while a release
is ongoing. In other words please do not commit to a development branch
until the release vote has been closed and project version changed to a
SNAPSHOT.

Oleg

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org