-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Brian,
On 9/10/20 13:13, Brian Harris wrote:
> We’re having an issue when upgrading Tomcat from 8.5.50 to 8.5.51.
> Since moving to this version, requests sent to the http port are
> failing with a 400 error code(bad request). The server.xml is
> configured to redirect the http port to the https port. This has
> worked for years and did not start failing until the upgrade.
> Below is the connector config and the java class used to send a
> test transaction to the server.
>
> I’ve searched the change log and the only change I can see that
> might cause this is the Bug fix for bug 63966 – Charset of TLS
> message is hard coded to ISO-8859-1. This bug fix was introduced
> into 8.5.51. The reason I believe this might be the reason is when
> we would send this request to tomcat 8.5.50 the reply Content-Type
> would look like this:
>
>
>
> Content-Type: text/plain;charset=ISO-8859-1
>
>
>
> With tomcat 8.5.51, I get this:
>
> Content-Type: text/html;charset=utf-8
>
>
>
> Any ideas why I’m getting the 400 error when upgrading to 8.5.51
> and beyond ?
>
>
>
> Connector config:
>
>
>
> <Connector port="5555" protocol="HTTP/1.1"
>
> connectionTimeout="20000"
>
> redirectPort="7777"
>
> />
>
>
>
> <Connector port="7777" protocol="HTTP/1.1" SSLEnabled="true"
>
> scheme="https" secure="true"
> ciphers="TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,TLS_DHE_DSS_WITH_AES_256_
GCM_SHA384,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_256_
GCM_SHA384,TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_ECDSA_WITH_AE
S_256_GCM_SHA384,TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_RSA_WITH_
AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECD
SA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECD
HE_RSA_WITH_AES_256_GCM_SHA384"
>
> clientAuth="false" sslProtocol="TLS"
> sslEnabledProtocols="TLSv1.2"
>
> keyAlias="myKey"
>
> keystore="NONE"
>
> keystorePass="password"
>
> keystoreType="PKCS11"
>
> keystoreProvider="myprovider"
>
> enableLookups="false"
>
> server="server"
>
> "/>
>
>
>
>
>
> Java class used to send the test transaction:
>
>
>
> package com.testing;
>
>
>
> import java.io.*;
>
> import java.net.*;
>
> import java.util.Date;
>
> import java.text.DateFormat;
>
> import java.text.SimpleDateFormat;
>
>
>
> public class RunTestTran{
>
>
>
> public RunTestTran() {
>
> }
>
>
>
> public static void main(String [] args){
>
> RunTestTran recordProcessorTest = new RunTestTran();
>
> recordProcessorTest.runTran("localhost", 5555,
> "/requestProcessor/rp");
>
> }
>
>
>
> private void runTran(String ip, int port, String appName){
>
> Socket socket = null;
>
> PrintWriter out = null;
>
> BufferedReader in = null;
>
> String dataToSend = "";
>
>
>
> //Create socket connection
>
> try {
>
> socket = new Socket(ip, port);
>
> out = new PrintWriter(socket.getOutputStream(), true);
>
> in = new BufferedReader(new
> InputStreamReader(socket.getInputStream()));
>
> } catch (Exception e) {
>
> System.out.println("Exception:" + e.toString() );
>
> System.exit(1);
>
> }
>
>
>
> DateFormat dateFormat = new SimpleDateFormat("MMddHHmmsss");
>
> //get current date time with Date() to create a 11 digit tran id
>
> Date date = new Date();
>
> String tranId = dateFormat.format(date);
>
> String PRIMER_TRAN = " V " + tranId + "9999999999000000000JANE
> DOE 100 Redwood Shores Pkwy Redwood City
> CA94065000000000000000 PRIMER TRAN";
>
>
>
>
>
> try{
>
> dataToSend = URLEncoder.encode("inputRecord", "UTF-8") + "=" +
> URLEncoder.encode(PRIMER_TRAN, "UTF-8");
>
>
>
> }catch(Exception e){
>
> System.out.println("Exception caught!" + e.toString());
>
> }
>
> // send message
>
> StringBuffer sb = new StringBuffer();
>
> sb.append("POST /" + appName + "/wrp HTTP/1.1\r\n");
>
> // Try connection close-- see if it does close
>
> sb.append("Connection: close\r\n");
>
> sb.append("Accept: image/gif, image/x-xbitmap, image/jpeg,
> image/pjpeg, application/vnd.ms-powerpoint,
> application/vnd.ms-excel, application/msword\n");
>
> sb.append("Accept-Language: en-us\n");
>
> sb.append("Accept-Encoding: gzip, deflate\n");
>
> sb.append("User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows
> NT 5.0)\n");
>
> // Authorization
>
> sb.append("Authorization: Basic DK34a3RvbWVydGVzddkK7WCx\n");
>
> sb.append("Host: " + ip + ":" + port + "\n");
>
> sb.append("Content-Length: " + dataToSend.length() + "\r\n");
>
> sb.append("Content-Type: application/x-www-form-urlencoded\r\n");
>
> sb.append("\r\n");
>
> sb.append(dataToSend);
>
> // Send data
>
> String text = sb.toString();
>
> out.println(text);
>
>
>
> System.out.println("\nText sent " + text.length() + " bytes:");
>
> System.out.println(text + "\n\n");
>
>
>
> try{
>
> String gotBack1 = in.readLine();
>
> System.out.println("Text received:" + gotBack1 );
>
> String gotBack = null;
>
> while ( (gotBack = in.readLine()) != null){
>
> System.out.println("Text received:" + gotBack );
>
> if ( (gotBack.indexOf("TQ!") != -1)){
>
> break;
>
> }
>
> }
>
> } catch (Exception e){
>
> System.out.println("Read failed! " + e.toString());
>
> System.exit(1);
>
> }
>
> } }
Half your headers have \n line-terminators rather than \r\n
line-terminators. Is that intentional? It's certianly not /legal/.
- -chris
-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/
iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl9ah2sACgkQHPApP6U8
pFit/g/9FyJb2JlIDsBGZLO3pYl/Uqn62O32hWT92WuXNQ7mGObfikNC3KUxtMZV
0SjKWBc5Nfo4E6JJM502AQk5LGq/aWj/E0gGWBoJEcinkNkygFJr3e5NsOt4Czia
PzsvhUwKw/NGNN8jO8GgORR8/52yhsADBWWBmQKaEIxhSKBRrsf9KVjlAosBXcK1
fJ5rWLKMTTShMRChyS8YtklWjuQtGVmNu3+Z0/1H/gN7DUBJWBRu5w5NBEzmGufm
sdpzYUjVabdoywtIA03gjRPoamadfqFJ7SBU7PSaOKwtj1mamBfwmTTnsOH0I6QN
whqFP7v74vBC4IKG8Ixe+kP8Go3uujRdC9Pu6dpxOfLLOtU8bCIVNXsFeR7jJX+m
3DdhWsddDuo6oLgKAJHpJ6/hsTX7DCou4TP1OmFs9N2m67CdYQ3Ih2JKf0RNJ6Pr
ujMPCQSYYAM8QAsYRf58dXoX1I1hO79A0naSn2nMjBess+t9bAhClrg+A4QXVWGj
9HMvX2JFkFOXDM9vm+bqVZCAc/n0a3PcANpkoLbv/3IM3jbq8byaoaRqeGSxhZwd
os+rSxn3oUSrAy7KwMVk4z2DQAUejj8LnSSTXQJD+8eWxYNxy6d5c3O1xZkwDL9B
1auo35soCcAI4Rm7Fu8irg38loH4BtMOv5TQplHSt1ir9rfQbcU=
=iqK4
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
