RE: Strange connection error

Mon, 14 Jun 2021 06:13:31 -0700 

Thanks for replies.  Everything is working for me now, and I have a bit more of 
an understanding of how this all works. :)

Mark Claassen
Senior Software Engineer

Donnell Systems, Inc.
130 South Main Street
Leighton Plaza Suite 375
South Bend, IN  46601
E-mail: mailto:mclaas...@ocie.net
Voice: (574)232-3784
Fax: (574)232-4014

Disclaimer:
The opinions provided herein do not necessarily state or reflect 
those of Donnell Systems, Inc.(DSI). DSI makes no warranty for and 
assumes no legal liability or responsibility for the posting. 
-----Original Message-----
From: Mark Thomas <ma...@apache.org> 
Sent: Friday, June 11, 2021 5:00 PM
To: users@tomcat.apache.org
Subject: Re: Strange connection error

On 11/06/2021 21:01, Mark A. Claassen wrote:
> RESOLVED.  (Sort of,  I have questions) I had to add a -TLSv1.3
>       protocols="all -SSLv3 -TLSv1 -TLSv1.3"
> 
> https://stackoverflow.com/questions/57601284/java-11-and-12-ssl-socket
> s-fail-on-a-handshake-failure-error-with-tlsv1-3-enable
> 
> Why does the version of Tomcat matter?  I thought OpenSSL was managing all 
> this.
> Where is the line between all them?

OpenSSL only does what it is told.

 From the 9.0.x changelog

9.0.13
...
Add TLS 1.3 support for the APR/Native connector and the NIO/NIO2 connector 
when using the OpenSSL backed JSSE implementation.
...

Mark



> 
> Thanks,
> 
> Mark Claassen
> Senior Software Engineer
> 
> Donnell Systems, Inc.
> 130 South Main Street
> Leighton Plaza Suite 375
> South Bend, IN  46601
> E-mail: mailto:mclaas...@ocie.net
> Voice: (574)232-3784
> Fax: (574)232-4014
>    
> -------------------------------------------
> Confidentiality Notice: OCIESERVICE
> -------------------------------------------
> The contents of this e-mail message and any attachments are intended solely 
> for the addressee(s) named in this message. This communication is intended to 
> be and to remain confidential. If you are not the intended recipient of this 
> message, or if this message has been addressed to you in error, please 
> immediately alert the sender by reply e-mail and then delete this message and 
> its attachments. Do not deliver, distribute, copy, disclose the contents or 
> take any action in reliance upon the information contained in the 
> communication or any attachments.
> 
> 
> -----Original Message-----
> From: Mark A. Claassen <mclaas...@ocie.net>
> Sent: Friday, June 11, 2021 3:42 PM
> To: Tomcat Users List <users@tomcat.apache.org>
> Subject: RE: Strange connection error
> 
> I have tried so many things, I am getting a bit confused. :)
> 
> The exception was probably using the NIO connector.  With the APR one I get:
> FINER: Destroying socket [140,404,292,849,904] java.lang.Exception
>          at 
> org.apache.tomcat.util.net.AprEndpoint.destroySocketInternal(AprEndpoint.java:750)
>          at 
> org.apache.tomcat.util.net.AprEndpoint.access$200(AprEndpoint.java:80)
>          at org.apache.tomcat.util.net.AprEndpoint$P
> 
> Mark Claassen
> Senior Software Engineer
> 
> Donnell Systems, Inc.
> 130 South Main Street
> Leighton Plaza Suite 375
> South Bend, IN  46601
> E-mail: mailto:mclaas...@ocie.net
> Voice: (574)232-3784
> Fax: (574)232-4014
>    
> -------------------------------------------
> Confidentiality Notice: OCIESERVICE
> -------------------------------------------
> The contents of this e-mail message and any attachments are intended solely 
> for the addressee(s) named in this message. This communication is intended to 
> be and to remain confidential. If you are not the intended recipient of this 
> message, or if this message has been addressed to you in error, please 
> immediately alert the sender by reply e-mail and then delete this message and 
> its attachments. Do not deliver, distribute, copy, disclose the contents or 
> take any action in reliance upon the information contained in the 
> communication or any attachments.
> 
> 
> -----Original Message-----
> From: Mark A. Claassen <mclaas...@ocie.net>
> Sent: Friday, June 11, 2021 3:27 PM
> To: Tomcat Users List <users@tomcat.apache.org>
> Subject: Re: Strange connection error
> 
> I turned all the logging to .FINEST, re-enabled the HTTP APR connector (which 
> produces the odd access log entry) and got this exception.  Now, I just need 
> to figure out what caused this.
> 
> java.io.EOFException
>          at 
> org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper.fillReadBuffer(NioEndpoint.java:1345)
>          at 
> org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper.read(NioEndpoint.java:1255)
>          at 
> org.apache.coyote.http11.Http11InputBuffer.fill(Http11InputBuffer.java:799)
>          at 
> org.apache.coyote.http11.Http11InputBuffer.parseRequestLine(Http11InputBuffer.java:359)
>          at 
> org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:261)
>          at 
> org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
>          at 
> org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:893)
>          at 
> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1707)
>          at 
> org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
>          at 
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
>          at 
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
>          at 
> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
>          at java.lang.Thread.run(Thread.java:748)
> 
> 
> Also, I am not sure why OpenSSL is complaining about the keys when it did not 
> with the earlier version of Tomcat?
> 
> Jun 11, 2021 3:13:34 PM 
> org.apache.tomcat.util.net.openssl.OpenSSLEngine getLastError
> FINE: OpenSSL error: [336462231] message: [error:140E0197:SSL 
> routines:SSL_shutdown:shutdown while in init] Jun 11, 2021 3:13:34 PM 
> org.apache.tomcat.util.net.openssl.OpenSSLEngine getLastError
> FINE: OpenSSL error: [337604709] message: [error:141F7065:SSL 
> routines:final_key_share:no suitable key share]
> 
> 
> Mark Claassen
> Senior Software Engineer
> 
> Donnell Systems, Inc.
> 130 South Main Street
> Leighton Plaza Suite 375
> South Bend, IN  46601
> E-mail: mailto:mclaas...@ocie.net
> Voice: (574)232-3784
> Fax: (574)232-4014
>    
> -------------------------------------------
> Confidentiality Notice: OCIESERVICE
> -------------------------------------------
> The contents of this e-mail message and any attachments are intended solely 
> for the addressee(s) named in this message. This communication is intended to 
> be and to remain confidential. If you are not the intended recipient of this 
> message, or if this message has been addressed to you in error, please 
> immediately alert the sender by reply e-mail and then delete this message and 
> its attachments. Do not deliver, distribute, copy, disclose the contents or 
> take any action in reliance upon the information contained in the 
> communication or any attachments.
> 
> 
> -----Original Message-----
> From: calder <calder....@gmail.com>
> Sent: Thursday, June 10, 2021 7:36 PM
> To: Tomcat Users List <users@tomcat.apache.org>
> Subject: [Possible Spam] Re: Strange connection error
> Importance: Low
> 
> On Thu, Jun 10, 2021, 15:11 Mark A. Claassen <mclaas...@ocie.net> wrote:
> 
> 
>> Anyway, I will do some research on the debugging technique mentioned 
>> earlier.
>>
> 
> 
> https://support.f5.com/csp/article/K50557518
> 
>>
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
> 
> B KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKCB  
> [  X  ܚX KK[XZ[
>   \ \  ][  X  ܚX P X ]
>   \X K ܙ B  ܈Y][ۘ[  [X[  K[XZ[
>   \ \  Z[ X ]
>   \X K ܙ B
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Reply via email to