https://issues.apache.org/bugzilla/show_bug.cgi?id=53281

--- Comment #17 from saurabh <saurabhsul...@yahoo.co.in> ---
(In reply to Konstantin Preißer from comment #14)
> (In reply to saurabh from comment #12)
> > Created attachment 30912 [details]
> > HTTP 0.9 response from the server
> > 
> > I tried the identical steps that have been provided and the browser receives
> > garbage value with HTTP/0.9 response. I've attached the Live HTTP headers
> > capture of the same.
> 
> Just because some Browser Add-on reports a "HTTP/0.9 200 OK" response it
> doesn't necessarily mean that this is what Tomcat is actually sending
> (otherwise you should have seen that response when you are connecting with
> telnet).
> 
> My guess would be that the add-on (or even the browser) is trying to
> interpret SSL bytes as plain HTTP response, and because it fails, displays
> some "HTTP/0.9" response.
> 
> I verified this by setting up Tomcat 6.0.37 with a SSL connector using JSSE,
> and downloading the Live HTTP headers addon for Firefox. I use a tool to
> intercept the TCP connections and record the exact data packets that were
> sent.
> 
> I then opened the URL "http://localhost:8443/" with Firefox. This is what
> was sent from Firefox to Tomcat (309 bytes):
> 
> 47 45 54 20 2F 20 48 54 54 50 2F 31 2E 31 0D 0A   GET / HTTP/1.1..
> 48 6F 73 74 3A 20 6C 6F 63 61 6C 68 6F 73 74 3A   Host: localhost:
> 38 34 34 33 0D 0A 55 73 65 72 2D 41 67 65 6E 74   8443..User-Agent
> 3A 20 4D 6F 7A 69 6C 6C 61 2F 35 2E 30 20 28 57   : Mozilla/5.0 (W
> 69 6E 64 6F 77 73 20 4E 54 20 36 2E 33 3B 20 57   indows NT 6.3; W
> 4F 57 36 34 3B 20 72 76 3A 32 34 2E 30 29 20 47   OW64; rv:24.0) G
> 65 63 6B 6F 2F 32 30 31 30 30 31 30 31 20 46 69   ecko/20100101 Fi
> 72 65 66 6F 78 2F 32 34 2E 30 0D 0A 41 63 63 65   refox/24.0..Acce
> 70 74 3A 20 74 65 78 74 2F 68 74 6D 6C 2C 61 70   pt: text/html,ap
> 70 6C 69 63 61 74 69 6F 6E 2F 78 68 74 6D 6C 2B   plication/xhtml+
> 78 6D 6C 2C 61 70 70 6C 69 63 61 74 69 6F 6E 2F   xml,application/
> 78 6D 6C 3B 71 3D 30 2E 39 2C 2A 2F 2A 3B 71 3D   xml;q=0.9,*/*;q=
> 30 2E 38 0D 0A 41 63 63 65 70 74 2D 4C 61 6E 67   0.8..Accept-Lang
> 75 61 67 65 3A 20 64 65 2D 64 65 2C 64 65 3B 71   uage: de-de,de;q
> 3D 30 2E 38 2C 65 6E 2D 75 73 3B 71 3D 30 2E 35   =0.8,en-us;q=0.5
> 2C 65 6E 3B 71 3D 30 2E 33 0D 0A 41 63 63 65 70   ,en;q=0.3..Accep
> 74 2D 45 6E 63 6F 64 69 6E 67 3A 20 67 7A 69 70   t-Encoding: gzip
> 2C 20 64 65 66 6C 61 74 65 0D 0A 43 6F 6E 6E 65   , deflate..Conne
> 63 74 69 6F 6E 3A 20 6B 65 65 70 2D 61 6C 69 76   ction: keep-aliv
> 65 0D 0A 0D 0A                                    e....
> 
> 
> This is what Tomcat responded (7 bytes):
> 15 03 01 00 02 02 0A                              .......
> (Connection closed)
> 
> 
> This is what Live HTTP headers reported:
> 
> http://localhost:8443/
> 
> GET / HTTP/1.1
> Host: localhost:8443
> User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:24.0) Gecko/20100101
> Firefox/24.0
> Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
> Accept-Language: de-de,de;q=0.8,en-us;q=0.5,en;q=0.3
> Accept-Encoding: gzip, deflate
> Connection: keep-alive
> 
> HTTP/0.9 200 OK
> ----------------------------------------------------------
> 
> 
> As you can see, Tomcat didn't return anything like "HTTP/0.9 200 OK" plain
> text in its SSL response although Live HTTP Headers reports this. Instead it
> sends some SSL reply (though I have not examined what kind of reply
> it is), since actually you are sending some garbage to a SSL connector here.
> 
> If Tomcat could be enhanced to recognize an erroneously sent plain HTTP
> request to a HTTPS/SSL connector (like HTTPD does) is another question.

I tried to figure out the SSL bytes --> 15 03 01 00 02 02 0A using the
following link:

http://pic.dhe.ibm.com/infocenter/tpfhelp/current/index.jsp?topic=%2Fcom.ibm.ztpf-ztpfdf.doc_put.cur%2Fgtps5%2Fs5rcd.html

This is what I think those bytes mean:

0x15 --> SSL3_RT_ALERT
0x03 0x01 --> TLS1_VERSION
0x00 0x02 --> Length of data in the record (excluding the header itself)
0x02 --> SSL3_MT_SERVER_HELLO or SSL3_AL_FATAL
0x0A --> SSL3_AD_UNEXPECTED_MESSAGE

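The byte-by-byte decoding discussed in this comment, as an added example that is not part of the original comment or of Tomcat's code. It parses a TLS record header and a cleartext alert body using the numeric values from the TLS specification (RFC 5246), and checks whether a client's first bytes look like plain HTTP; the function names and the short lookup tables are assumptions made for illustration.

```python
import struct

# Values from the TLS specification (RFC 5246); only a subset is listed.
CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert", 22: "handshake", 23: "application_data"}
VERSIONS = {0x0300: "SSL 3.0", 0x0301: "TLS 1.0", 0x0302: "TLS 1.1", 0x0303: "TLS 1.2"}
ALERT_LEVELS = {1: "warning", 2: "fatal"}
ALERT_DESCRIPTIONS = {0: "close_notify", 10: "unexpected_message", 20: "bad_record_mac",
                      40: "handshake_failure", 70: "protocol_version", 80: "internal_error"}
HTTP_METHODS = (b"GET ", b"POST ", b"HEAD ", b"PUT ", b"DELETE ", b"OPTIONS ")


def parse_tls_record(data: bytes) -> dict:
    """Decode one TLS record header and, for an unencrypted alert, its body."""
    if len(data) < 5:
        raise ValueError("truncated record header (need 5 bytes)")
    # Header layout: 1-byte content type, 2-byte version, 2-byte body length.
    ctype, version, length = struct.unpack("!BHH", data[:5])
    if ctype not in CONTENT_TYPES or version not in VERSIONS:
        raise ValueError("not a TLS record: unknown content type or version")
    body = data[5:5 + length]
    if len(body) != length:
        raise ValueError("truncated record: header says %d bytes, got %d" % (length, len(body)))
    record = {"type": CONTENT_TYPES[ctype], "version": VERSIONS[version], "length": length}
    # Before the handshake completes, an alert travels in the clear: level, description.
    if ctype == 21 and length == 2:
        record["level"] = ALERT_LEVELS.get(body[0], "unknown(%d)" % body[0])
        record["description"] = ALERT_DESCRIPTIONS.get(body[1], "unknown(%d)" % body[1])
    return record


def looks_like_plain_http(first_bytes: bytes) -> bool:
    """True if a client's first bytes are an HTTP request line, not a TLS record."""
    return first_bytes.startswith(HTTP_METHODS)


def explain(client_first: bytes, server_reply: bytes) -> str:
    """Summarise an exchange such as the one captured in the comment."""
    rec = parse_tls_record(server_reply)
    cause = "plain HTTP sent to a TLS port" if looks_like_plain_http(client_first) else "other"
    return "%s %s %s/%s (client: %s)" % (
        rec["version"], rec["type"], rec.get("level"), rec.get("description"), cause)


if __name__ == "__main__":
    reply = bytes.fromhex("15 03 01 00 02 02 0A")  # the 7 bytes quoted in the comment
    print(explain(b"GET / HTTP/1.1\r\n", reply))
```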