[jira] [Commented] (HTTPCLIENT-2278) SSLIOSession should catch UnsupportedOperationException from SSLEngine.getApplicationProtocol

[Arun Katkere (Jira)]

    [ 
https://issues.apache.org/jira/browse/HTTPCLIENT-2278?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17726282#comment-17726282
 ] 

Arun Katkere commented on HTTPCLIENT-2278:
------------------------------------------

It is not a question of using an old stack here. A well known vendor as far as 
I can tell does not implement the method in question and that we are not 
probably seeing more reports here probably says as much about level of usage of 
new for 5.x async client functionality (yes I am aware async client was a 
different product under the same umbrella and is wide(ish)ly used and well 
loved, however previous async client did not have this issue).

Is there a non-deprecated workaround (or is it possible to provide one)? 
[https://hc.apache.org/httpcomponents-client-5.2.x/current/httpclient5/apidocs/org/apache/hc/client5/http/ssl/ClientTlsStrategyBuilder.html#setTlsDetailsFactory-org.apache.hc.core5.function.Factory-]
 is deprecated. 

> SSLIOSession should catch UnsupportedOperationException from 
> SSLEngine.getApplicationProtocol
> ---------------------------------------------------------------------------------------------
>
>                 Key: HTTPCLIENT-2278
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-2278
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: HttpClient (async)
>    Affects Versions: 5.2.1
>            Reporter: Arun Katkere
>            Priority: Major
>
> When SSLEngine implementation is old and does not override 
> getApplicationProtocol from SSLEngine, HttpClient async fails with:
> java.lang.UnsupportedOperationException
> at javax.net.ssl.SSLEngine.getApplicationProtocol(SSLEngine.java:1283)
> at 
> org.apache.hc.core5.reactor.ssl.SSLIOSession.doHandshake(SSLIOSession.java:429)
> at 
> org.apache.hc.core5.reactor.ssl.SSLIOSession.access$100(SSLIOSession.java:74)
> at 
> org.apache.hc.core5.reactor.ssl.SSLIOSession$1.inputReady(SSLIOSession.java:201)
> at 
> org.apache.hc.core5.reactor.InternalDataChannel.onIOEvent(InternalDataChannel.java:142)
> at 
> org.apache.hc.core5.reactor.InternalChannel.handleIOEvent(InternalChannel.java:51)
> at 
> org.apache.hc.core5.reactor.SingleCoreIOReactor.processEvents(SingleCoreIOReactor.java:178)
> at 
> org.apache.hc.core5.reactor.SingleCoreIOReactor.doExecute(SingleCoreIOReactor.java:127)
> at 
> org.apache.hc.core5.reactor.AbstractSingleCoreIOReactor.execute(AbstractSingleCoreIOReactor.java:86)
> at org.apache.hc.core5.reactor.IOReactorWorker.run(IOReactorWorker.java:44)
> at java.lang.Thread.run(Thread.java:750)
> Instead, SSLIOSession should catch UnsupportedOperationException from 
> getApplicationProtocol call and fall back to HTTP1_1. getApplicationProtocol 
> was added in a later version of Java 8, and not all SSL libraries support it.
> tlsDetailsFactory from DefaultClientTlsStrategy can be potentially used to 
> work around this, but it is deprecated.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@hc.apache.org
For additional commands, e-mail: dev-h...@hc.apache.org