Only try to match SSLException message when debug logging is enabled.

Motivation:

We only want to log for the particular case when debug logging is enabled so we not need to try to match the message if this is not the case.

Modifications:

Guard with logger.isDebugEnabled()

Result:

Less overhead when debug logging is not enabled.
This commit is contained in:
Norman Maurer 2017-12-05 15:27:57 +01:00
parent 2eddc921ce
commit ca1e1fcddf

View File

@ -1506,13 +1506,15 @@ public class SslHandler extends ByteToMessageDecoder implements ChannelOutboundH
try { try {
engine.closeInbound(); engine.closeInbound();
} catch (SSLException e) { } catch (SSLException e) {
// only log in debug mode as it most likely harmless and latest chrome still trigger if (logger.isDebugEnabled()) {
// this all the time. // only log in debug mode as it most likely harmless and latest chrome still trigger
// // this all the time.
// See https://github.com/netty/netty/issues/1340 //
String msg = e.getMessage(); // See https://github.com/netty/netty/issues/1340
if (msg == null || !msg.contains("possible truncation attack")) { String msg = e.getMessage();
logger.debug("{} SSLEngine.closeInbound() raised an exception.", ctx.channel(), e); if (msg == null || !msg.contains("possible truncation attack")) {
logger.debug("{} SSLEngine.closeInbound() raised an exception.", ctx.channel(), e);
}
} }
} }
} }