Hi Uri,
no, it shouldn't the onComplete is called because SSLEngine closing
behavior is similar to handshake, same statuses returned, but it
shouldn't cause any high CPU usage.
WBR,
Alexey.
On 19.08.15 07:56, Broide Uri wrote:
>
> Hi Alexey,
>
> Reminding you that we reported a problem of High CPU usage in SSL.
>
> Could it be that this double hand check problem is related to it?
>
> Thanks
>
> Uri
>
> *From:*Ben-Yosef Efrat [mailto:Efrat.Ben-Yosef_at_comverse.com]
> *Sent:* Wednesday, August 19, 2015 3:37 PM
> *To:* users_at_grizzly.java.net
> *Subject:* RE: OnComplete called twice on SSLFilter
>
> Hi Alexey,
>
> Thanks!
>
> Do you need me to open a bug? When do you think I could have a fix
> (even a snapshot)?
>
> Thanks
>
> Efrat
>
> *From:*Oleksiy Stashok [mailto:oleksiy.stashok_at_oracle.com]
> *Sent:* Saturday, August 15, 2015 1:04 AM
> *To:* users_at_grizzly.java.net <mailto:users_at_grizzly.java.net>
> *Subject:* Re: OnComplete called twice on SSLFilter
>
> Hi Efrat,
>
> I see what you mean, the ssl tear down process can cause it, I'll
> investigate and fix.
>
> Thanks.
>
> WBR,
> Alexey.
>
> On 12.08.15 02:09, Ben-Yosef Efrat wrote:
>
> Hi Alexey,
>
> We see the following:
>
> 1.Client connects on the SSL socket – handshake is complete -> OK
>
> 2.When done, client closes and disconnect. The handleRead() is
> called and then:
>
> if (sslEngine != null && !isHandshaking(sslEngine)) {
>
> return unwrapAll(ctx, sslCtx);
>
> in unwrap all the following is called:
>
> if (isHandshaking(sslCtx.getSslEngine())) {
>
> input = rehandshake(ctx, sslCtx);
>
> if (input == null) {
>
> break;
>
> }
>
> }
>
> And then the notifyHandshakeComplete() and onComplete()
>
> I don’t understand why when closing the socket and the “if”
> caluese states “isHandshaking == false”, why the rehandshake?
>
> Thanks
>
> Efrat
>
> *From:*Oleksiy Stashok [mailto:oleksiy.stashok_at_oracle.com]
> *Sent:* Wednesday, August 12, 2015 10:07 AM
> *To:* users_at_grizzly.java.net <mailto:users_at_grizzly.java.net>
> *Subject:* Re: OnComplete called twice on SSLFilter
>
> Hi,
>
> well, yes on rehandshake both onStart and onComplete/onFailure
> will be called again.
>
> WBR,
> Alexey.
>
> On 10.08.15 03:18, Ben-Yosef Efrat wrote:
>
> Hello
>
> We encounter a case in which the onComplete() in the SSLFilter
> is called twice (on the second time I see “rehandshake” method
> in the call stack).
>
> As far as I understand, it should be called only once when the
> SSL handshake is complete…
>
> Please advise,
>
> Thanks
>
> Efrat
>
> ------------------------------------------------------------------------
>
> “This e-mail message may contain confidential, commercial or
> privileged information that constitutes proprietary
> information of Comverse Inc. or its subsidiaries. If you are
> not the intended recipient of this message, you are hereby
> notified that any review, use or distribution of this
> information is absolutely prohibited and we request that you
> delete all copies and contact us by e-mailing to:
> security_at_comverse.com <mailto:security_at_comverse.com>. Thank You.”
>
> ------------------------------------------------------------------------
>
> “This e-mail message may contain confidential, commercial or
> privileged information that constitutes proprietary information of
> Comverse Inc. or its subsidiaries. If you are not the intended
> recipient of this message, you are hereby notified that any
> review, use or distribution of this information is absolutely
> prohibited and we request that you delete all copies and contact
> us by e-mailing to: security_at_comverse.com
> <mailto:security_at_comverse.com>. Thank You.”
>
> ------------------------------------------------------------------------
>
> “This e-mail message may contain confidential, commercial or
> privileged information that constitutes proprietary information of
> Comverse Inc. or its subsidiaries. If you are not the intended
> recipient of this message, you are hereby notified that any review,
> use or distribution of this information is absolutely prohibited and
> we request that you delete all copies and contact us by e-mailing to:
> security_at_comverse.com <mailto:security_at_comverse.com>. Thank You.”
>
> ------------------------------------------------------------------------
> “This e-mail message may contain confidential, commercial or
> privileged information that constitutes proprietary information of
> Comverse Inc. or its subsidiaries. If you are not the intended
> recipient of this message, you are hereby notified that any review,
> use or distribution of this information is absolutely prohibited and
> we request that you delete all copies and contact us by e-mailing to:
> security_at_comverse.com. Thank You.”