You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@geode.apache.org by "Vahram Aharonyan (JIRA)" <ji...@apache.org> on 2017/09/12 15:47:00 UTC
[jira] [Comment Edited] (GEODE-3563) SSL socket handling problems
in TCPConduit run
[ https://issues.apache.org/jira/browse/GEODE-3563?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16163144#comment-16163144 ]
Vahram Aharonyan edited comment on GEODE-3563 at 9/12/17 3:46 PM:
------------------------------------------------------------------
Hi [~amb], we don't have a pull request created for this ticket yet. We have some thoughts on this like :
1. putting timeout before configuring SSL socket as it was done in GEODE-2898, GEODE-3023 to avoid any blocking situation.
2. handle SSL exception and do some cleanup work to close the socket in run function.
Does this seem to be reasonable?
Thanks,
Vahram.
was (Author: vaharonyan):
Hi Anthony, we don't have a pull request created for this ticket yet. We have some thoughts on this like :
1. putting timeout before configuring SSL socket as it was done in GEODE-2898, GEODE-3023 to avoid any blocking situation.
2. handle SSL exception and do some cleanup work to close the socket in run function.
Does this seem to be reasonable?
Thanks,
Vahram.
> SSL socket handling problems in TCPConduit run
> ----------------------------------------------
>
> Key: GEODE-3563
> URL: https://issues.apache.org/jira/browse/GEODE-3563
> Project: Geode
> Issue Type: Bug
> Components: client/server
> Reporter: Vahram Aharonyan
> Fix For: 1.2.1
>
>
> Here are two cases that seems to problematic in TCPConduit.run flow:
> 1. TCPConduit.run() has no action performed for the case when SSLException is thrown from sslSocket.startHandshake(), as a result the socket remains open.
> Catch block from the end of configureServerSSLSocket() will just report a fatal error(even it seem that this portion is going to be removed in 1.2.1 according to GEODE-3393) and re-throw the exception.
> 2. configureServerSSLSocket call is performed without setting socket timeout before that. This can bring to run thread blocking case if read initiated from the SSL handshake flow will not return. Linking to similar issues observed with other acceptors previously: GEODE-2898, GEODE-3023.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)