client authentication with revoked cert results in server no response.
Trustin Lee
tlee at redhat.com
Wed Apr 8 18:13:32 EDT 2009
FYI, the revision # is 1157
— Trustin Lee, http://gleamynode.net/
On Thu, Apr 9, 2009 at 7:10 AM, Trustin Lee <tlee at redhat.com> wrote:
> I've just checked in the experimental workaround for this particular
> issue. Honestly I don't understand why SSLEngine.unwrap() is stuck
> there. It is not supposed to behave like that. Please build from the
> trunk and let me know if my fix works.
>
> Thanks,
>
> — Trustin Lee, http://gleamynode.net/
>
>
>
> On Thu, Apr 9, 2009 at 6:55 AM, Trustin Lee <tlee at redhat.com> wrote:
>> This is interesting. Let me investigate on this issue further.
>>
>> It is correct to close the channel when you get SSLHandshakeException.
>>
>> — Trustin Lee, http://gleamynode.net/
>>
>>
>> On Thu, Apr 9, 2009 at 6:40 AM, huican ping <pinghuican at gmail.com> wrote:
>>> The threadDump file is attached.
>>>
>>> The CPU usage is low, it seems stuck at SSLEngine.unwrap().
>>>
>>> The exception in the exceptionCaught() I can see is
>>> SSLHandshakeException, and I close() the channel after.
>>>
>>> Do you have any suggestion what I should do when I got SSLHandshakeException?
>>> It could be the clean up issue after I got ssl exception.
>>>
>>>
>>> On Wed, Apr 8, 2009 at 1:21 AM, Trustin Lee <tlee at redhat.com> wrote:
>>>> Hi Huican,
>>>>
>>>> Thanks for reporting the problem first of all.
>>>>
>>>> Could you provide the full thread dump which can be obtained by kill
>>>> -3 or jstack command? The attached screenshot doesn't reveal enough
>>>> information to track down the problem.
>>>>
>>>> — Trustin Lee, http://gleamynode.net/
>>>>
>>>>
>>>>
>>>> On Tue, Apr 7, 2009 at 3:43 AM, huican ping <pinghuican at gmail.com> wrote:
>>>>> Hello Trustin,
>>>>>
>>>>> I am attaching a yourkit picture showing the blocked threads after I
>>>>> sent in 4 messages.
>>>>> You can see our code exceptionCaught(), and netty lib channel close(),
>>>>> and it stuck at the SSLEngineImpl code.
>>>>>
>>>>> I will see whether I can generate something else.
>>>>>
>>>>> On Fri, Apr 3, 2009 at 1:23 AM, Trustin Lee <tlee at redhat.com> wrote:
>>>>>
>>>>>> Did you find something useful in the full thread dump in client and
>>>>>> server? Your application might have been stuck somewhere. Please
>>>>>> post the full thread dump of the both side.
>>>>>>
>>>>>> If you don't think this is the case where the full thread dump reveals
>>>>>> the cause of the problem, please attach small test application that
>>>>>> reproduces the problem.
>>>>>>
>>>>>> Thanks,
>>>>>>
>>>>>> — Trustin Lee, http://gleamynode.net/
>>>>>>
>>>>>> _______________________________________________
>>>>>> netty-users mailing list
>>>>>> netty-users at lists.jboss.org
>>>>>> https://lists.jboss.org/mailman/listinfo/netty-users
>>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> netty-users mailing list
>>>>> netty-users at lists.jboss.org
>>>>> https://lists.jboss.org/mailman/listinfo/netty-users
>>>>>
>>>>>
>>>>
>>>> _______________________________________________
>>>> netty-users mailing list
>>>> netty-users at lists.jboss.org
>>>> https://lists.jboss.org/mailman/listinfo/netty-users
>>>>
>>>
>>> _______________________________________________
>>> netty-users mailing list
>>> netty-users at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/netty-users
>>>
>>>
>>
>
More information about the netty-users
mailing list