[HTTPCORE-357] Option to disable DNS lookup on SSLIOSession - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 4.3
Fix Version/s: 4.4-alpha1
Component/s: HttpCore NIO
Labels:
None

Description

The class org.apache.http.nio.reactor.ssl.SSLIOSession is performing a DNS lookup in line 125:
if (address instanceof InetSocketAddress)

{ String hostname = ((InetSocketAddress) address).getHostName(); int port = ((InetSocketAddress) address).getPort(); this.sslEngine = sslContext.createSSLEngine(hostname, port); }

else

{ this.sslEngine = sslContext.createSSLEngine(); }

This lookup is not necessary to create the SSL engine (the method without parameters works the same), and it causes performance issues if the DNS server configured is not very fast. In my case, using a single thread, when receiving 50 requests at the same time, the SSL handshake takes more than two minutes and the clients are timing out. Checking the java thread stack, the thread is always stuck on this lookup, waiting for the DNS server which sometimes takes around 4 seconds to answer.

When not using SSL there's no lookup so everything works.

If this lookup makes sense in some cases (I don't know much on SSL internals), maybe there should be an option to disable the lookup

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

HTTPCORE-357.patch
23/Nov/13 16:38
3 kB
Oleg Kalnichevski

Activity

People

Assignee:: Unassigned

Reporter:: Isaac Cruz Ballesteros

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 18/Oct/13 11:00

Updated:: 24/Jan/14 11:57

Resolved:: 24/Jan/14 11:57