Could zero packet length make IE go crazy?

Thu, 9 Sep 1999 17:26:58 -0700 

Hi,
We have a openssl_0.9.4 + Apache_1.3.6, on Solaris 2.6.

a.from http--->https goes okay. (a purchase for to fill)
b.fillout for and press enter---> 
(Internet explorer cannot open internet site http://xxx.xxx.xxx/login 
The server returned an invalid or unrecognizable response)
c.click on continue, resend the form again, and everything is good.

We didn't see anything on the server log, so I was thinking this is
on a low level. First I did a tcpdump on the serverside. The log seems
like apache+ssl sends out a couple packets with zero-size (only the
header), and then the brower replies, and server sends some packets
with zero-size again, and browser freaked out.

Browser used is IE4.0/x86, (Netscape doesn't have this problem). 
IE 5.0/X86 gives another errormessage:
(Cannot find server or DNS error)

Thanks for help. (Clients are using a lot of IE.....)

The tcpdump record after submitting the form: (8 packets ssl)

=======================begin tcpdump=============================
13:19:53.720257 mtlweb02 > montreal.sitepak.com: icmp: echo reply (DF)
                         4500 0054 18bf 4000 ff01 f876 d13a 5322
                         cdcd 7848 0000 9962 fbb0 0000 38ec d737
                         6fc5 0000 0809 0a0b 0c0d 0e0f 1011 1213
                         1415 1617 1819
13:19:54.875067 montreal.sitepak.com.64384 > gallimardmontreal.com.443: P
1572:
                         4500 0290 0ba7 4000 7406 8e4a cdcd 7848
                         d13a 5326 fb80 01bb 5860 9b51 3197 2597
                         5018 2091 1f93 0000 1703 0002 6322 0d20
                         4dbe 22bf 2492
13:19:54.875149 montreal.sitepak.com.64384 > gallimardmontreal.com.443: F
2188:
                         4500 0028 0ca7 4000 7406 8fb2 cdcd 7848
                         d13a 5326 fb80 01bb 5860 9db9 3197 2597
                         5011 2091 da47 0000 0000 0000 0000
13:19:54.875182 gallimardmontreal.com.443 > montreal.sitepak.com.64384: R
83198
                         4500 0028 18c0 4000 ff06 f898 d13a 5326
                         cdcd 7848 01bb fb80 3197 2597 0000 0000
                         5004 2238 cec7 0000
13:19:54.875195 gallimardmontreal.com.443 > montreal.sitepak.com.64384: R
83198
                         4500 0028 18c1 4000 7406 8398 d13a 5326
                         cdcd 7848 01bb fb80 3197 2597 0000 0000
                         5004 0000 f0ff 0000
13:19:54.878730 montreal.sitepak.com.64394 > gallimardmontreal.com.443: P
688:1
                         4500 0290 0da7 4000 7406 8c4a cdcd 7848
                         d13a 5326 fb8a 01bb 5860 a964 31a1 4d33
                         5018 1cfb 8fcd 0000 1703 0002 638f be78
                         e013 9fa4 7282
13:19:54.878760 gallimardmontreal.com.443 > montreal.sitepak.com.64394: R
83265
                         4500 0028 18c2 4000 ff06 f896 d13a 5326
                         cdcd 7848 01bb fb8a 31a1 4d33 0000 0000
                         5004 2238 a717 0000
13:19:54.878882 montreal.sitepak.com.64394 > gallimardmontreal.com.443: F
1304:
                         4500 0028 0ea7 4000 7406 8db2 cdcd 7848
                         d13a 5326 fb8a 01bb 5860 abcc 31a1 4d33
                         5011 1cfb a81a 0000 0000 0000 0000
13:19:54.878907 gallimardmontreal.com.443 > montreal.sitepak.com.64394: R
83265
                         4500 0028 18c3 4000 7406 8396 d13a 5326
                         cdcd 7848 01bb fb8a 31a1 4d33 0000 0000
                         5004 0000 c94f 0000
13:19:55.869180 montreal.sitepak.com.64430 > mtlweb02.domain: 33675+ (38)
                         4500 0042 b789 0000 3411 64af cdcd 7848
                         d13a 5322 fbae 0035 002e f892 838b 0100
                         0001 0000 0000 0000 086d 746c 7765 6230
                         3207 7369 7465
==================================end tcpdump===========================

We name it pack1 through packet10, with packet2 through packet9 as
the ssl transfer.

packet2:        some data goes to ssl/apache server. Is that length 0x0290
                bytes? 
packet3:        the packet langth is 0x0028 (40 bytes) in header, but there
                are actually 6 extra bytes trailing. Weirdo. This from
                IE to server
packet4:        server returns a packet of zero-byte body. (packet length
                0x0028, is just the header length)
packet5:        server sends another packet of zero-length to browser.
packet6:        browser sends out some data again. Length 0x0290.
packet7:        server sends out another zero-length packet.
packet8:        browser sends out another thing that's like packet3.
packet9:        server sends back something. 
(At this point browser said:
(Internet explorer cannot open internet site http://xxx.xxx.xxx/login
The server returned an invalid or unrecognizable response)


 
Shuo Lin
Sitepak: nouvelle vision Internet pour l'entreprise
http://www.sitepak.com

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to