On Thu, 14 Apr 2022 18:26:00 GMT, Daniel Fuchs <dfu...@openjdk.org> wrote:
> java/net/httpclient/http2/TLSConnection.java has been observed failing (even > though rarely) in test jobs. > > The issue is that the handler used on the the server sides maintains a > volatile `sslSession` field which it sets when receiving a request, so that > the client can check which SSLParameters were negotiated after receiving the > response. > However that field is set a little too late: after writing the request body > bytes. This means that sometimes the client is able to receive the last byte > before the server has updated the field, and can observe the previous value, > which was set by the previous request. Checking of SSL parameters on the > client side then usually fails, as it is looking at the wrong session. > > The proposed fix is very simple: just update the `sslSession` field a little > earlier - before writing the response. This pull request has now been integrated. Changeset: 1e22c70f Author: Daniel Fuchs <dfu...@openjdk.org> URL: https://git.openjdk.java.net/jdk/commit/1e22c70ff2e010740cb22856a642dd4afa1017cc Stats: 4 lines in 1 file changed: 2 ins; 1 del; 1 mod 8284892: java/net/httpclient/http2/TLSConnection.java fails intermittently Reviewed-by: djelinski, jpai, michaelm ------------- PR: https://git.openjdk.java.net/jdk/pull/8249
