[jira] [Created] (HTTPCLIENT-2324) Apache HttpClient 5 blocks for double the duration set by requestTimeout when using TLS

Tue, 12 Mar 2024 08:13:21 -0700 

Tim Davidson created HTTPCLIENT-2324:
----------------------------------------

             Summary: Apache HttpClient 5 blocks for double the duration set by 
requestTimeout when using TLS
                 Key: HTTPCLIENT-2324
                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-2324
             Project: HttpComponents HttpClient
          Issue Type: Bug
          Components: HttpClient (classic)
    Affects Versions: 5.3.1
         Environment: OpenJDK Runtime Environment Corretto-17.0.8.7.1
            Reporter: Tim Davidson


I have an issue in my application using Spring's RestTemplate configured with 
Apache HttpClient 5 as the underlying http client. My application is calling a 
downstream legacy system, and while that system is "down" for maintenance, it 
still accepts connections (TLS handshake and all), but never returns a response.
The problem I'm having is when I set the request timeout at 8 seconds on the 
Apache client, requests sent to this downstream service are blocking for double 
that timeout setting (16 seconds).

I have this isolated to the Apache HttpClient, and have reproduced this 
behavior in a unit test using self-signed certs. Since the code necessary to 
reproduce is too long to post here, I have a repository with the test 
reproducing the issue here: 
[apache-httpclient-socket-timeout-test|https://github.com/tndavidson/apache-httpclient-socket-timeout-test]

You can see in the following logs that the read timeout does happen after the 
configured 8 seconds, but it is blocking for an additional 8 seconds to close 
the connection. This doesn't happen using HTTP, only HTTPS.
{code:java}
14:45:21.587 [main] DEBUG org.apache.hc.client5.http.wire -- http-outgoing-1 >> 
"[\r][\n]"
14:45:29.589 [main] DEBUG org.apache.hc.client5.http.wire -- http-outgoing-1 << 
"[read] I/O error: Read timed out"
14:45:29.589 [main] DEBUG o.a.h.c.h.i.i.DefaultManagedHttpClientConnection -- 
http-outgoing-1 Close connection
14:45:37.591 [main] DEBUG o.a.h.c.h.i.c.InternalHttpClient -- 
InternalConnectionEndpoint-7eb6b6b6 endpoint closed {code}
I've included two additional tests that show this issue is 1) not present when 
not configured for TLS, and 2) not present when configuring the same TLS 
configuration using the JDK's native HttpClient.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to