[
https://issues.apache.org/jira/browse/GEODE-8349?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17157688#comment-17157688
]
ASF GitHub Bot commented on GEODE-8349:
---------------------------------------
bschuchardt commented on a change in pull request #5363:
URL: https://github.com/apache/geode/pull/5363#discussion_r454631595
##########
File path:
geode-core/src/main/java/org/apache/geode/internal/tcp/ClusterConnection.java
##########
@@ -1142,31 +1154,46 @@ private Connection(ConnectionTable t, boolean
preserveOrder, InternalDistributed
InetSocketAddress addr =
new InetSocketAddress(remoteID.getInetAddress(),
remoteID.getDirectChannelPort());
- SocketChannel channel = SocketChannel.open();
- owner.addConnectingSocket(channel.socket(), addr.getAddress());
-
- try {
- channel.socket().setTcpNoDelay(true);
- channel.socket().setKeepAlive(SocketCreator.ENABLE_TCP_KEEP_ALIVE);
+ int connectTime = getP2PConnectTimeout(conduit.getDM().getConfig());
+ boolean useSSL = getConduit().useSSL();
+ if (useSSL) {
+ int socketBufferSize =
+ sharedResource ? SMALL_BUFFER_SIZE :
this.owner.getConduit().tcpBufferSize;
+ socket = getConduit().getSocketCreator().forAdvancedUse().connect(
+ new HostAndPort(remoteID.getHostName(),
remoteID.getDirectChannelPort()),
+ 0, null, false, socketBufferSize, true);
+ setSocketBufferSize(this.socket, false, socketBufferSize, true);
Review comment:
I'll add a comment there. Performance degrades if you mess with that
buffer size in a SSLSocket, but we want to set the local buffer-size variable
for message streamers.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
> reinstate use of SSLSocket for cluster communication
> ----------------------------------------------------
>
> Key: GEODE-8349
> URL: https://issues.apache.org/jira/browse/GEODE-8349
> Project: Geode
> Issue Type: Bug
> Components: membership, messaging
> Reporter: Bruce J Schuchardt
> Assignee: Bruce J Schuchardt
> Priority: Major
>
> We've found problems with "new IO"'s SSLEngine with respect to support for
> TLSV1. We've also seen anomalous performance using that secure
> communications mechanism. The introduction of the use of the "new IO"
> SSLEngine was originally to 1) reduce code complexity in the
> org.apache.geode.internal.tcp package and 2) to set the stage for its use in
> client/server communications so that selectors could be used in c/s
> communications.
> This ticket aims to reintroduce the use of SSLSocket in cluster
> communications without restoring the old, poorly tested SSL code paths. The
> new implementation should have as good or better performance than the
> previous"old IO" implementation and the more recent "new IO" SSLEngine
> implementation as well. This should be apparent in the CI benchmark jobs.
>
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
