https://kotlinlang.org logo
#ktor
Title
# ktor
a

albrechtroehm

07/11/2022, 11:33 AM
Hey everyone, I’m struggling with SSL and the ktor client. For some reason when i try to do a GET request with an HttpClient(CIO) i receive a
Failed to parse HTTP response: unexpected EOF
. After searching for a while I stumbled upon a java example where they were using this command:
System.setProperty("jdk.tls.maxHandshakeMessageSize", "65536")
. It did not change a thing when using HttpClient(CIO) but with HttpClient(Apache) the call is going through just fine now. Is there some other way to change the message size for CIO or should i just stick with the Apache engine?
a

Aleksei Tirman [JB]

07/11/2022, 4:30 PM
Could you please share a code snippet to reproduce this problem?
a

albrechtroehm

07/11/2022, 5:03 PM
Copy code
@Nested
inner class TestEngines {

    @Test
    fun `Get on apache`() {
        runBlocking {
            val apacheClient = HttpClient(Apache) {
                engine {
                    sslContext = SslSettings.getSSLContext(env.tlsKeyFile, env.tlsKeyPassword)
                }
            }
            // System.setProperty("jdk.tls.maxHandshakeMessageSize", "65536")
            val response = apacheClient.get(Url(host + endpoint))
            println(response)
        }
        
        // Error without setting "jdk.tls.maxHandshakeMessageSize": 
        // Caused by: javax.net.ssl.SSLProtocolException: The size of the handshake message (37509) exceeds the maximum allowed size (32768)
        // at java.base/sun.security.ssl.SSLEngineInputRecord.decodeInputRecord(SSLEngineInputRecord.java:301)
        // at java.base/sun.security.ssl.SSLEngineInputRecord.decode(SSLEngineInputRecord.java:197)
        // at java.base/sun.security.ssl.SSLEngineInputRecord.decode(SSLEngineInputRecord.java:160)
    }

    @Test
    fun `Get on CIO`() {
        runBlocking {
            val cioClient = HttpClient(CIO) {
                engine {
                    https {
                        addKeyStore(SslSettings.getKeyStore(env.tlsKeyFile, env.tlsKeyPassword), env.tlsKeyPassword.toCharArray())
                        trustManager = SslSettings.DummyTrustManager()
                        // }
                    }
                }
            }
            val response = cioClient.get(Url(host + endpoint))
            println(response)
        }

        // ERROR :
        // Failed to parse HTTP response: unexpected EOF
        // java.io.EOFException: Failed to parse HTTP response: unexpected EOF
        // at io.ktor.client.engine.cio.UtilsKt$readResponse$2.invokeSuspend(utils.kt:132)
        // (Coroutine boundary)
        // at io.ktor.client.engine.HttpClientEngine$DefaultImpls.executeWithinCallContext(HttpClientEngine.kt:100)
        // at io.ktor.client.engine.HttpClientEngine$install$1.invokeSuspend(HttpClientEngine.kt:70)
        // at io.ktor.client.plugins.HttpSend$DefaultSender.execute(HttpSend.kt:138)
    }
}
I’m sorry but i cannot provide a full example at the moment, without sharing keys and so on. I will see if i can reproduce it somehow with an open api. Only the error message from the Apache engine got me to try out setting this property before doing the call. I had no clue where to look at with only the error from the CIO-engine.
I guess this will always happen if the server respond with a handshake message that is bigger then the default. Does anyone maybe know how to change the size for CIO?
91 Views