1052821 – Unnecessary DNS lookup when accessing web console with https

Bug 1052821 - Unnecessary DNS lookup when accessing web console with https

Summary: Unnecessary DNS lookup when accessing web console with https

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	JBoss Enterprise Application Platform 6
Classification:	JBoss
Component:	Domain Management
Sub Component:
Version:	6.2.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	urgent
Severity:	urgent
Target Milestone:	DR4
Target Release:	EAP 6.4.0
Assignee:	Darran Lofthouse
QA Contact:	Petr Kremensky
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	1148532 1151621
TreeView+	depends on / blocked

Reported:	2014-01-14 06:35 UTC by Hisanobu Okuda
Modified:	2019-08-19 12:41 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:	If a client connects to the server and the SSL session is initiated there is an attempt to resolve the clients host name. If the clients name is an address this involves a DNS look up to attempt to discover the name. This caused performance hit on every connection from a remote client while the DNS lookup is performed, in addition to this if the DNS server is unavailable this can introduce a long delay. This issue has ben fixed in JBoss EAP 6.4. A DNS lookup is now eliminated on the server when a client attempts to connect and establish a SSL session.
Clone Of:
Clones:	1151621 (view as bug list)
Environment:
Last Closed:
Type:	Bug
Embargoed:

Attachments	(Terms of Use)

Description Hisanobu Okuda 2014-01-14 06:35:36 UTC

Description of problem:
Accessing web console in EAP6 via https is very slow when DNS is down.

It is caused by getHostName() in httpserver-1.0.1.Final-redhat-3-sources/org/jboss/sun/net/httpserver/SSLStreams.java:-

73:        engine = sslctx.createSSLEngine (addr.getHostName(), addr.getPort());

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1. configure https for <http-interface security-realm="ManagementRealm">
2. kill DNS server
3. access https://localhost:9443

Actual results:


Expected results:


Additional info:

Comment 1 Hisanobu Okuda 2014-02-14 01:23:25 UTC

No need to resolve a hostname. The below is enough:-

73:        engine = sslctx.createSSLEngine (addr.getHostAddress(), addr.getPort());

Comment 4 Petr Kremensky 2014-11-14 06:23:37 UTC

The fix is present in EAP 6.4.0.DR9 codebase.

Note You need to log in before you can comment on or make changes to this bug.