Java 10 - OK
Java 11 Oracle or Adopt - Fail
Chrome, Edge - OK
Firefox 60, Internet explorer 11 - Fail
Server is in our test environment on Linux. When I tryed to reproduce
this bug on my computer (Windows 10), bug did not occure. On our test
environment it occures irregularly, a few tests pass and then a test fail.
We will try update Linux on the server and use new tomcat 9.0.17.
Do you know, why request in tomcat contains two packets together?:
javax.net.ssl|DEBUG|34|https-jsse-nio-8444-exec-1|2019-03-18
15:40:31.201 CET|SSLEngineInputRecord.java:177|Raw read (
0000: 17 03 03 01 AB 00 00 00 00 00 00 00 01 19 58 D0 ..............X.
0010: 9C F7 ..... encrypted application data
...
01A0: 95 E4 79 AF B8 5C CE C2 36 CB 95 F3 34 FE D3 23 ..y..\..6...4..#
01B0: 14 03 03 00 01 01 16 03 .... Change cipher spec
...
)
When it is separated to two requests, all is ok, but when it is in one
request, error occures.
Jan
Dne 19.03.2019 v 13:26 Mark Thomas napsal(a):
Thanks for all that data.
Very strange. It is as if the server picks the wrong key to decrypt with.
Given you can reproduce this, I suggest trying different versions of
Java on the server to see if you can determine a pattern.
Also, if you are able to provide a test case that reliably
demonstrates this bug, that would be extremely helpful too.
Mark
On 19/03/2019 09:25, Jan Vomlel wrote:
Hello Mark,
communication is on
https://drive.google.com/open?id=12ZqbgKkHzGKzXk19ssIcJMX6iQBUE4fQ
file 18-03-2019-3-filtered-one-connection.pcapng
There is also full communication log from wireshark and catalina.out.
Critical packet contains data:
17 03 03 01 AB 00 00 00 00 00 00 00 01 19 58 D0
In wireshark it is followed by Change cipher spec, in catalina out
are this packets together in one request. Client was firefox 60.5.2esr.
Thanks, Jan
Dne 18.03.2019 v 12:08 Mark Thomas napsal(a):
On 18/03/2019 10:49, Jan Vomlel wrote:
Thank you Mark. I enabled the logger org.apache.coyote.http11.
I cannot paste line
org.apache.coyote.http11.Http11InputBuffer.parseRequestLine here,
because it contains not printable characters and copy paste doesnot
work.
It seems like bug in tomcat or jdk. ???
The client appears to be sending some unexpected binary data.
It could be something TLS related although I'd expect JSSE to just
handle that.
It could be part of a previous request but that would mean a
mis-behaving client.
Wireshark (or similar) should give us some more info.
Can you capture a Wireshark trace of a connection that fails like
this from the initial TCP handshake all the way to the point where
it fails? If you can put that somewhere we can get it and look at it
we might see something relevant. Note you can filter the data just
for the one connection. We shouldn't need anything else.
Thanks,
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
