summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorBrian Carlstrom <bdc@google.com>2010-04-18 11:42:20 -0700
committerBrian Carlstrom <bdc@google.com>2010-04-18 19:10:47 -0700
commit2e9f166eba309e50c1c1f52ff8d2694f058ab2cf (patch)
tree8d543425b53be6a3ea065c7fc92bdca448632656
parent335d1d4d38ed77fd20bf2bd2a25e1293f994cc25 (diff)
downloadexternal_apache-http-2e9f166eba309e50c1c1f52ff8d2694f058ab2cf.zip
external_apache-http-2e9f166eba309e50c1c1f52ff8d2694f058ab2cf.tar.gz
external_apache-http-2e9f166eba309e50c1c1f52ff8d2694f058ab2cf.tar.bz2
b/2599994 Should call prepareSocket on underlying socket, not layered socket
DefaultClientConnectionOperator.openConnection was recently changed to use LayeredSocketFactory.createSocket(Socket, ...) to create an SSLSocket around a plain java.net.Socket. However, this means code in LayeredSocketFactory.createSocket(Socket, ...) is called before socket options such as timeout are set by DefaultClientConnectionOperator.prepareSocket. However, the default org.apache.http.conn.ssl.SSLSocketFactory.createSocket(Socket, ...) performes the SSL handshake to perform hostname verification, meaning the handshake is performed without timeouts set. This change to DefaultClientConnectionOperator.openConnection moves the call prepareSocket to be on the underlying java.net.Socket before it is has the SSLSocket layered on top of it to prevent hangs during SSL handshakes. Change-Id: If705cc1acfe524281ec1338f73eccf7c0f4d1227
-rw-r--r--src/org/apache/http/impl/conn/DefaultClientConnectionOperator.java14
1 files changed, 12 insertions, 2 deletions
diff --git a/src/org/apache/http/impl/conn/DefaultClientConnectionOperator.java b/src/org/apache/http/impl/conn/DefaultClientConnectionOperator.java
index 854b2b0..67e6bb0 100644
--- a/src/org/apache/http/impl/conn/DefaultClientConnectionOperator.java
+++ b/src/org/apache/http/impl/conn/DefaultClientConnectionOperator.java
@@ -148,6 +148,18 @@ public class DefaultClientConnectionOperator
sock = connsock;
conn.opening(sock, target);
}
+ /*
+ * prepareSocket is called on the just connected
+ * socket before the creation of the layered socket to
+ * ensure that desired socket options such as
+ * TCP_NODELAY, SO_RCVTIMEO, SO_LINGER will be set
+ * before any I/O is performed on the socket. This
+ * happens in the common case as
+ * SSLSocketFactory.createSocket performs hostname
+ * verification which requires that SSL handshaking be
+ * performed.
+ */
+ prepareSocket(sock, context, params);
if (layered_sf != null) {
Socket layeredsock = layered_sf.createSocket(sock,
target.getHostName(),
@@ -156,10 +168,8 @@ public class DefaultClientConnectionOperator
if (layeredsock != sock) {
conn.opening(layeredsock, target);
}
- prepareSocket(layeredsock, context, params);
conn.openCompleted(sf.isSecure(layeredsock), params);
} else {
- prepareSocket(sock, context, params);
conn.openCompleted(sf.isSecure(sock), params);
}
break;