Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SSLContext gets initialized too early #4757

Closed
bomgar opened this issue Mar 29, 2021 · 2 comments · Fixed by #4764
Closed

SSLContext gets initialized too early #4757

bomgar opened this issue Mar 29, 2021 · 2 comments · Fixed by #4764

Comments

@bomgar
Copy link

bomgar commented Mar 29, 2021

Hi,

I have an application that modifies the java Security stack during runtime. This includes the SSL setup. Before this happens I use Jersey to make some http (not https) calls. This causes the SSLContext to initialize

The issue is the static final field here: org.glassfish.jersey.client.internal.HttpUrlConnector

    private static final SSLSocketFactory DEFAULT_SSL_SOCKET_FACTORY = HttpsURLConnection.getDefaultSSLSocketFactory();

This initializes the SSLContext even if the client is only used for http.

So this is called:

    public static synchronized SSLContext getDefault()
            throws NoSuchAlgorithmException {
        if (defaultContext == null) {
            defaultContext = SSLContext.getInstance("Default");
        }
        return defaultContext;
    }

The default context does not get created again after that even if i modify the Security settings.

This should only happen when SSL is actually used for the first time.
@jansupol
Copy link
Contributor

jansupol commented Apr 6, 2021

This seems to go right against #4566.

@jansupol
Copy link
Contributor

jansupol commented Apr 6, 2021

We may use LazyValue that uses the double-checked-locking. The LazyValue ought to be better for the native image, too.

@jansupol jansupol mentioned this issue Apr 7, 2021
Merged
@jansupol jansupol linked a pull request Apr 7, 2021 that will close this issue
Lazy synchronized SSL Context initialization in the HttpUrlConnector #4764
Merged
@jansupol jansupol mentioned this issue Jul 27, 2021
Open
@dtbaum dtbaum mentioned this issue Oct 5, 2023
Merged
@jansupol jansupol mentioned this issue Nov 8, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Lazy synchronized SSL Context initialization in the HttpUrlConnector jansupol/jersey
2 participants
@bomgar @jansupol