[jira] [Commented] (HTTPCLIENT-2278) SSLIOSession should catch UnsupportedOperationException from SSLEngine.getApplicationProtocol

[Gary D. Gregory (Jira)]

    [ 
https://issues.apache.org/jira/browse/HTTPCLIENT-2278?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17726190#comment-17726190
 ] 

Gary D. Gregory commented on HTTPCLIENT-2278:
---------------------------------------------

In the same theme, I've had to deal with this type of UOE issue in the JDBC 
world. As an end user of a JDBC driver, there is nothing I could do but adapt 
my code  to handle the exception in some way that would not blow up the 
containing app.

We might not be able to do anything useful in this case and have to decline the 
ticket but I wanted to relay my experience as this is not as uncommon a 
situation as one might think.

So if there is something vaguely reasonable we could do, we should consider it. 
I don't know what that vaguely reasonable change would be in this case though.

> SSLIOSession should catch UnsupportedOperationException from 
> SSLEngine.getApplicationProtocol
> ---------------------------------------------------------------------------------------------
>
>                 Key: HTTPCLIENT-2278
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-2278
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: HttpClient (async)
>    Affects Versions: 5.2.1
>            Reporter: Arun Katkere
>            Priority: Major
>
> When SSLEngine implementation is old and does not override 
> getApplicationProtocol from SSLEngine, HttpClient async fails with:
> java.lang.UnsupportedOperationException
> at javax.net.ssl.SSLEngine.getApplicationProtocol(SSLEngine.java:1283)
> at 
> org.apache.hc.core5.reactor.ssl.SSLIOSession.doHandshake(SSLIOSession.java:429)
> at 
> org.apache.hc.core5.reactor.ssl.SSLIOSession.access$100(SSLIOSession.java:74)
> at 
> org.apache.hc.core5.reactor.ssl.SSLIOSession$1.inputReady(SSLIOSession.java:201)
> at 
> org.apache.hc.core5.reactor.InternalDataChannel.onIOEvent(InternalDataChannel.java:142)
> at 
> org.apache.hc.core5.reactor.InternalChannel.handleIOEvent(InternalChannel.java:51)
> at 
> org.apache.hc.core5.reactor.SingleCoreIOReactor.processEvents(SingleCoreIOReactor.java:178)
> at 
> org.apache.hc.core5.reactor.SingleCoreIOReactor.doExecute(SingleCoreIOReactor.java:127)
> at 
> org.apache.hc.core5.reactor.AbstractSingleCoreIOReactor.execute(AbstractSingleCoreIOReactor.java:86)
> at org.apache.hc.core5.reactor.IOReactorWorker.run(IOReactorWorker.java:44)
> at java.lang.Thread.run(Thread.java:750)
> Instead, SSLIOSession should catch UnsupportedOperationException from 
> getApplicationProtocol call and fall back to HTTP1_1. getApplicationProtocol 
> was added in a later version of Java 8, and not all SSL libraries support it.
> tlsDetailsFactory from DefaultClientTlsStrategy can be potentially used to 
> work around this, but it is deprecated.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@hc.apache.org
For additional commands, e-mail: dev-h...@hc.apache.org