[
https://issues.apache.org/jira/browse/CXF-9093?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17911291#comment-17911291
]
Andriy Redko commented on CXF-9093:
-----------------------------------
Awesome, thanks [~bocamel], I am closing this issue, we have a workaround but
the fix is needed in HttpCore (linked issue).
> Client does not send entire payload (if size ~> 2500 bytes) when hc5, TLS1.3
> are used
> -------------------------------------------------------------------------------------
>
> Key: CXF-9093
> URL: https://issues.apache.org/jira/browse/CXF-9093
> Project: CXF
> Issue Type: Bug
> Components: JAX-RS
> Affects Versions: 4.1.0
> Reporter: John Yin
> Priority: Major
>
> With two different servers (one from ServiceNow and one from Zendesk), if my
> CXF client uses HC5 (cxf-rt-transports-http-hc5-4.1.0.jar is in classpath),
> the size of the JSON payload + HTTP headers ~> 2500 bytes, and TLS 1.3 is
> used, then the client would not send the entire payload to server. Both
> sides would idle after the SSL handshake and client sends a small packet
> until either the server closes the connection (resulting
> connectionClosedException) or client times out, depending on the server
> configuration.
> If any of the three conditions is changed, i.e., 1) not using hc5, 2)
> reducing the payload size so that payload+headers < 2000 bytes, or 3) forcing
> the use of TLS1.2, the problem would go away.
> This does not happen with every TLS1.3 server. For some TLS1.3 servers, I
> have not encountered the issue.
> I am not sure if this is a CXF client problem, but since it happens against
> two different servers, I thought I should report it to CXF. My Wireshark log
> does not reveal much info given that the data are encrypted and I do not have
> the server's private key.
> Thanks!
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
