-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Brian,
On 9/10/20 13:13, Brian Harris wrote: > We’re having an issue when upgrading Tomcat from 8.5.50 to 8.5.51. > Since moving to this version, requests sent to the http port are > failing with a 400 error code(bad request). The server.xml is > configured to redirect the http port to the https port. This has > worked for years and did not start failing until the upgrade. > Below is the connector config and the java class used to send a > test transaction to the server. > > I’ve searched the change log and the only change I can see that > might cause this is the Bug fix for bug 63966 – Charset of TLS > message is hard coded to ISO-8859-1. This bug fix was introduced > into 8.5.51. The reason I believe this might be the reason is when > we would send this request to tomcat 8.5.50 the reply Content-Type > would look like this: > > > > Content-Type: text/plain;charset=ISO-8859-1 > > > > With tomcat 8.5.51, I get this: > > Content-Type: text/html;charset=utf-8 > > > > Any ideas why I’m getting the 400 error when upgrading to 8.5.51 > and beyond ? > > > > Connector config: > > > > <Connector port="5555" protocol="HTTP/1.1" > > connectionTimeout="20000" > > redirectPort="7777" > > /> > > > > <Connector port="7777" protocol="HTTP/1.1" SSLEnabled="true" > > scheme="https" secure="true" > ciphers="TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,TLS_DHE_DSS_WITH_AES_256_ GCM_SHA384,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_256_ GCM_SHA384,TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_ECDSA_WITH_AE S_256_GCM_SHA384,TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_RSA_WITH_ AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECD SA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECD HE_RSA_WITH_AES_256_GCM_SHA384" > > clientAuth="false" sslProtocol="TLS" > sslEnabledProtocols="TLSv1.2" > > keyAlias="myKey" > > keystore="NONE" > > keystorePass="password" > > keystoreType="PKCS11" > > keystoreProvider="myprovider" > > enableLookups="false" > > server="server" > > "/> > > > > > > Java class used to send the test transaction: > > > > package com.testing; > > > > import java.io.*; > > import java.net.*; > > import java.util.Date; > > import java.text.DateFormat; > > import java.text.SimpleDateFormat; > > > > public class RunTestTran{ > > > > public RunTestTran() { > > } > > > > public static void main(String [] args){ > > RunTestTran recordProcessorTest = new RunTestTran(); > > recordProcessorTest.runTran("localhost", 5555, > "/requestProcessor/rp"); > > } > > > > private void runTran(String ip, int port, String appName){ > > Socket socket = null; > > PrintWriter out = null; > > BufferedReader in = null; > > String dataToSend = ""; > > > > //Create socket connection > > try { > > socket = new Socket(ip, port); > > out = new PrintWriter(socket.getOutputStream(), true); > > in = new BufferedReader(new > InputStreamReader(socket.getInputStream())); > > } catch (Exception e) { > > System.out.println("Exception:" + e.toString() ); > > System.exit(1); > > } > > > > DateFormat dateFormat = new SimpleDateFormat("MMddHHmmsss"); > > //get current date time with Date() to create a 11 digit tran id > > Date date = new Date(); > > String tranId = dateFormat.format(date); > > String PRIMER_TRAN = " V " + tranId + "9999999999000000000JANE > DOE 100 Redwood Shores Pkwy Redwood City > CA94065000000000000000 PRIMER TRAN"; > > > > > > try{ > > dataToSend = URLEncoder.encode("inputRecord", "UTF-8") + "=" + > URLEncoder.encode(PRIMER_TRAN, "UTF-8"); > > > > }catch(Exception e){ > > System.out.println("Exception caught!" + e.toString()); > > } > > // send message > > StringBuffer sb = new StringBuffer(); > > sb.append("POST /" + appName + "/wrp HTTP/1.1\r\n"); > > // Try connection close-- see if it does close > > sb.append("Connection: close\r\n"); > > sb.append("Accept: image/gif, image/x-xbitmap, image/jpeg, > image/pjpeg, application/vnd.ms-powerpoint, > application/vnd.ms-excel, application/msword\n"); > > sb.append("Accept-Language: en-us\n"); > > sb.append("Accept-Encoding: gzip, deflate\n"); > > sb.append("User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows > NT 5.0)\n"); > > // Authorization > > sb.append("Authorization: Basic DK34a3RvbWVydGVzddkK7WCx\n"); > > sb.append("Host: " + ip + ":" + port + "\n"); > > sb.append("Content-Length: " + dataToSend.length() + "\r\n"); > > sb.append("Content-Type: application/x-www-form-urlencoded\r\n"); > > sb.append("\r\n"); > > sb.append(dataToSend); > > // Send data > > String text = sb.toString(); > > out.println(text); > > > > System.out.println("\nText sent " + text.length() + " bytes:"); > > System.out.println(text + "\n\n"); > > > > try{ > > String gotBack1 = in.readLine(); > > System.out.println("Text received:" + gotBack1 ); > > String gotBack = null; > > while ( (gotBack = in.readLine()) != null){ > > System.out.println("Text received:" + gotBack ); > > if ( (gotBack.indexOf("TQ!") != -1)){ > > break; > > } > > } > > } catch (Exception e){ > > System.out.println("Read failed! " + e.toString()); > > System.exit(1); > > } > > } } Half your headers have \n line-terminators rather than \r\n line-terminators. Is that intentional? It's certianly not /legal/. - -chris -----BEGIN PGP SIGNATURE----- Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl9ah2sACgkQHPApP6U8 pFit/g/9FyJb2JlIDsBGZLO3pYl/Uqn62O32hWT92WuXNQ7mGObfikNC3KUxtMZV 0SjKWBc5Nfo4E6JJM502AQk5LGq/aWj/E0gGWBoJEcinkNkygFJr3e5NsOt4Czia PzsvhUwKw/NGNN8jO8GgORR8/52yhsADBWWBmQKaEIxhSKBRrsf9KVjlAosBXcK1 fJ5rWLKMTTShMRChyS8YtklWjuQtGVmNu3+Z0/1H/gN7DUBJWBRu5w5NBEzmGufm sdpzYUjVabdoywtIA03gjRPoamadfqFJ7SBU7PSaOKwtj1mamBfwmTTnsOH0I6QN whqFP7v74vBC4IKG8Ixe+kP8Go3uujRdC9Pu6dpxOfLLOtU8bCIVNXsFeR7jJX+m 3DdhWsddDuo6oLgKAJHpJ6/hsTX7DCou4TP1OmFs9N2m67CdYQ3Ih2JKf0RNJ6Pr ujMPCQSYYAM8QAsYRf58dXoX1I1hO79A0naSn2nMjBess+t9bAhClrg+A4QXVWGj 9HMvX2JFkFOXDM9vm+bqVZCAc/n0a3PcANpkoLbv/3IM3jbq8byaoaRqeGSxhZwd os+rSxn3oUSrAy7KwMVk4z2DQAUejj8LnSSTXQJD+8eWxYNxy6d5c3O1xZkwDL9B 1auo35soCcAI4Rm7Fu8irg38loH4BtMOv5TQplHSt1ir9rfQbcU= =iqK4 -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org