Seconds delay at the client side during the SSL handshake causes the server to close the connection.
Delay is caused by DNS search performed, As known we were seeing some difficulties with completing and sometimes even getting the SSL handshake started with an SFCB endpoint. Some of that seemed to be a badly configured nameserver, but we were looking for a solution that would isolate us from that behavior.
File at 'org.sblim.cimclient.internal.http.HttpClient.java' In method " private void resetSocket() throws IOException {"
We have this code:
if (socketConnectWithTimeout) {
this.iSocket = factory.createSocket();
if (this.iSocket != null) this.iSocket.connect(new InetSocketAddress(this.iUrl
.getHost(), this.iUrl.getPort()), timeout);
} else {
this.iSocket = factory.createSocket(this.iUrl.getHost(), this.iUrl.getPort());
}
We need change to :
if (socketConnectWithTimeout) {
// PMR 43439,001,866
// feature 173985
if(factory instanceof SSLSocketFactory){
Socket sock = new Socket();
sock.connect(new InetSocketAddress(this.iUrl.getHost(), this.iUrl.getPort()), timeout);
this.iSocket = (SSLSocket) ((SSLSocketFactory) factory).createSocket(sock, this.iUrl.getHost(), this.iUrl.getPort(), true);
}else{
this.iSocket = factory.createSocket();
if (this.iSocket != null) this.iSocket.connect(new InetSocketAddress(this.iUrl
.getHost(), this.iUrl.getPort()), timeout);
}
\} else \{ this.iSocket = factory.createSocket\(this.iUrl.getHost\(\), this.iUrl.getPort\(\)\); \}
In this case, the host will be set by the String "host" passed in. Therefore, there will be no delay because the the DNS search is no longer performed.
the file taking bug
Reassigning categories, Java Client is the sunset 1.x code stream
Patch sent for community review. During a 2 week period any
exploiter may comment on the patch, request changes or turn it
down completely (with good reason). For the time being the patch is part of the "Experimental" branch in CVS.
Patch against HEAD
The community review has completed and we received no substantial criticism. Therefore the patch has been approved and merged into the "HEAD" branch. The next release will pick it up.
The patch was picked up by release 2.1.11 and will therefore be closed.