Fix server trying to close the SSLsession in a loop #38
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Purpose
After the HTTPS response is written back to the client, the server tries to close the connection and the SSLIOSession. Prior to JDK 8 261 versions (& Prior to Oracle JDK 11.0.2), after SSLIOSession closes the outBound connection, the Handshake status is returned as NEED_UNWRAP. When such status is returned, we set the new event Mask as Read EventMask. In the new JDK versions it is returned as NOT_HANDSHAKING. In such cases, the SSLSession is not getting closed properly, and the server is constantly trying to close the connection which causes the CPU spike. We debugged the JDK code, and we were able to find a commit, which might have caused this behaviour. With this JDK commit, TransportContext Handshake status is returned as NOT_HANDSHAKING even after closeOutbound() is called. (The issue is reproducible for both TLSv1.2 and TLSv1.3)
This issue can be reproduced for any HTTPS request if Connection Keep Alive is disabled (or Connection: close header is present).