client authentication with revoked cert results in server no response.
Trustin Lee
tlee at redhat.com
Wed Apr 8 18:10:38 EDT 2009
I've just checked in the experimental workaround for this particular
issue. Honestly I don't understand why SSLEngine.unwrap() is stuck
there. It is not supposed to behave like that. Please build from the
trunk and let me know if my fix works.
Thanks,
— Trustin Lee, http://gleamynode.net/
On Thu, Apr 9, 2009 at 6:55 AM, Trustin Lee <tlee at redhat.com> wrote:
> This is interesting. Let me investigate on this issue further.
>
> It is correct to close the channel when you get SSLHandshakeException.
>
> — Trustin Lee, http://gleamynode.net/
>
>
> On Thu, Apr 9, 2009 at 6:40 AM, huican ping <pinghuican at gmail.com> wrote:
>> The threadDump file is attached.
>>
>> The CPU usage is low, it seems stuck at SSLEngine.unwrap().
>>
>> The exception in the exceptionCaught() I can see is
>> SSLHandshakeException, and I close() the channel after.
>>
>> Do you have any suggestion what I should do when I got SSLHandshakeException?
>> It could be the clean up issue after I got ssl exception.
>>
>>
>> On Wed, Apr 8, 2009 at 1:21 AM, Trustin Lee <tlee at redhat.com> wrote:
>>> Hi Huican,
>>>
>>> Thanks for reporting the problem first of all.
>>>
>>> Could you provide the full thread dump which can be obtained by kill
>>> -3 or jstack command? The attached screenshot doesn't reveal enough
>>> information to track down the problem.
>>>
>>> — Trustin Lee, http://gleamynode.net/
>>>
>>>
>>>
>>> On Tue, Apr 7, 2009 at 3:43 AM, huican ping <pinghuican at gmail.com> wrote:
>>>> Hello Trustin,
>>>>
>>>> I am attaching a yourkit picture showing the blocked threads after I
>>>> sent in 4 messages.
>>>> You can see our code exceptionCaught(), and netty lib channel close(),
>>>> and it stuck at the SSLEngineImpl code.
>>>>
>>>> I will see whether I can generate something else.
>>>>
>>>> On Fri, Apr 3, 2009 at 1:23 AM, Trustin Lee <tlee at redhat.com> wrote:
>>>>
>>>>> Did you find something useful in the full thread dump in client and
>>>>> server? Your application might have been stuck somewhere. Please
>>>>> post the full thread dump of the both side.
>>>>>
>>>>> If you don't think this is the case where the full thread dump reveals
>>>>> the cause of the problem, please attach small test application that
>>>>> reproduces the problem.
>>>>>
>>>>> Thanks,
>>>>>
>>>>> — Trustin Lee, http://gleamynode.net/
>>>>>
>>>>> _______________________________________________
>>>>> netty-users mailing list
>>>>> netty-users at lists.jboss.org
>>>>> https://lists.jboss.org/mailman/listinfo/netty-users
>>>>>
>>>>
>>>> _______________________________________________
>>>> netty-users mailing list
>>>> netty-users at lists.jboss.org
>>>> https://lists.jboss.org/mailman/listinfo/netty-users
>>>>
>>>>
>>>
>>> _______________________________________________
>>> netty-users mailing list
>>> netty-users at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/netty-users
>>>
>>
>> _______________________________________________
>> netty-users mailing list
>> netty-users at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/netty-users
>>
>>
>
More information about the netty-users
mailing list