> java/net/httpclient/http2/TLSConnection.java has been observed failing (even > though rarely) in test jobs. > > The issue is that the handler used on the the server sides maintains a > volatile `sslSession` field which it sets when receiving a request, so that > the client can check which SSLParameters were negotiated after receiving the > response. > However that field is set a little too late: after writing the request body > bytes. This means that sometimes the client is able to receive the last byte > before the server has updated the field, and can observe the previous value, > which was set by the previous request. Checking of SSL parameters on the > client side then usually fails, as it is looking at the wrong session. > > The proposed fix is very simple: just update the `sslSession` field a little > earlier - before writing the response.
Daniel Fuchs has updated the pull request incrementally with one additional commit since the last revision: Copyright update ------------- Changes: - all: https://git.openjdk.java.net/jdk/pull/8249/files - new: https://git.openjdk.java.net/jdk/pull/8249/files/91626f6d..6bdb7a62 Webrevs: - full: https://webrevs.openjdk.java.net/?repo=jdk&pr=8249&range=01 - incr: https://webrevs.openjdk.java.net/?repo=jdk&pr=8249&range=00-01 Stats: 1 line in 1 file changed: 0 ins; 0 del; 1 mod Patch: https://git.openjdk.java.net/jdk/pull/8249.diff Fetch: git fetch https://git.openjdk.java.net/jdk pull/8249/head:pull/8249 PR: https://git.openjdk.java.net/jdk/pull/8249
