-
-
Notifications
You must be signed in to change notification settings - Fork 925
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
IO.select problems with SSL sockets on JRuby 1.7 on CentOS #414
Comments
This seems similar to #359, except that TCP sockets are working fine for me, I only have the problem with SSLSockets. |
I've now tried this out in Ubuntu, with the stock |
Could you show us the PEM file you are using? |
Certificate:
Keys:
|
Do you have a rough estimate on how often this blocks? Can you try jruby-openssl 0.8.0.pre3? I've tested it with the current master, Java 7u9 on Mac OS X 10.8.2, and got the following results: With jruby-openssl 0.7.7:
With jruby-openssl 0.8.0.pre3, I was able to execute 60+ iteration before I stopped.
|
I actually never ran into this issue on OS X, even with jruby-openssl 0.7.x My issue has been on Linux, I've tried CentOS and Ubuntu. After upgrading to jruby-openssl 0.8.0.pre3 my tests will now sometimes finish, but I am still seeing the issue ~50% of the time where the tests do not finish and the process spins at 100% CPU. |
I've duplicated this problem, and I think it's actually the reason my web server occasionally hangs for my clients (we sometimes need to read_nonblock for a specific case, and I think that occasionally this is hanging). I also can not duplicate on mac OS X. My testing platform:
Even when the script works, the CPU still goes through the roof. This is a major problem for us - our clients are losing their ability to use the web server - we would love to see some attention to it! |
I stand corrected - I've also been able to reproduce this issue on a mac. Here is the platform:
|
IO.select(ssl_socket) is not reliable on any implementation, due to the buffering that occurs internally for most SSL socket wrappers. Basically, IO.select does not know about those buffers. This is a known issue and we and ruby-core have not found a satisfactory solution. See https://bugs.ruby-lang.org/issues/8875. Now that may or may not explain this issue, but it would be very easy to get stuck in a loop if select kept claiming data was available (because the socket has data) but the SSLSocket does not consume it properly (because it's missing some handshake or other sequence). I'm going to close this, since it's both very old and relates to a known issue with IO.select(ssl_socket) that neither we nor MRI plan to fix. |
Indeed, however SSLSocket in the MRI has the method However in JRuby this method is still not implemented. Because of this, I cannot add JRuby support for a library that uses SSL Sockets. Are there any plans to implement BTW thank you @headius for the great work :) |
@ostinelli I had no idea the |
@kares @mkristian It should be reasonably easy to implement |
Calling
IO.select
onSSLSocket
's is not behaving correctly. In some casesIO.select
will never return (even though a timeout has been given) and in other cases it will erroneously report that the socket is ready for reading when it is not actually ready for reading.I am experiencing this issue using OpenJDK 1.7 on CentOS. The example code below works fine on OS X 10.8.2. In both cases I am using JRuby 1.7.1 (master).
Sorry the the example code can't be smaller, but setting up the SSL connection is a bit of a PITA.
The text was updated successfully, but these errors were encountered: