You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hc.apache.org by "Oleg Kalnichevski (Jira)" <ji...@apache.org> on 2021/09/03 11:50:00 UTC

[jira] [Commented] (HTTPCLIENT-2173) Connection is unexpectedly closed with http1.1, TLS, old nginx

    [ https://issues.apache.org/jira/browse/HTTPCLIENT-2173?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17409463#comment-17409463 ] 

Oleg Kalnichevski commented on HTTPCLIENT-2173:
-----------------------------------------------

[~horyukova] While looking into your report I found out that all versions of HttpCore 5.x were not correctly terminating message exchanges with an entity enclosing request and an identity transfer encoded response. I also added more integration tests for various message exchages with an identity transfer encoded response.

This commit _may_ or _may not_ fix your particular issue but I would really appreciate if could you upgrade to this HttpCore snapshot [1], re-test your code locally and let me know the outcome. In the meantime I will be trying to deploy nginx to Docker and see if I can reproduce the defect in my environment.

Oleg

[1] https://github.com/apache/httpcomponents-core/tree/identity_te_bug_fix

> Connection is unexpectedly closed with http1.1, TLS, old nginx 
> ---------------------------------------------------------------
>
>                 Key: HTTPCLIENT-2173
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-2173
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: HttpClient (async)
>    Affects Versions: 5.0.4, 5.1
>         Environment: nginx version older 1.18.0
>            Reporter: Vitalina Komarova
>            Priority: Major
>             Fix For: 5.1.1, 5.2-alpha1
>
>         Attachments: broken_async_5_1.txt, broken_async_snapshot.txt, ok_async_without_body_5_1.txt, ok_sync_5_1.txt
>
>
> Hello.
> We use AsyncHttpClient from Apache HttpClient5 (version 5.1).
> We faced an error when connection is unexpectedly closed using TLS, forced HTTP/1.1, and nginx version older 1.18.0.
> In the log below the server responds with 200 OK and an empty body.
> We can see response headers but connection is prematurely closed.
> {code}
> [2021-08-16T20:22:50.950+03:00] … [headers] c-0000000000 << HTTP/1.1 200 OK
> [2021-08-16T20:22:50.950+03:00] … [headers] c-0000000000 << Server: nginx
> [2021-08-16T20:22:50.950+03:00] … [headers] c-0000000000 << Date: Mon, 16 Aug 2021 17:22:50 GMT
> [2021-08-16T20:22:50.951+03:00] … [headers] c-0000000000 << Content-Type: text/html; charset=UTF-8
> [2021-08-16T20:22:50.951+03:00] … [headers] c-0000000000 << Connection: close
> [2021-08-16T20:22:50.951+03:00] … [headers] c-0000000000 << Set-Cookie: <masked cookie>; expires=Sat, 21-Aug-2021 17:22:50 GMT; Max-Age=432000; path=/
> [2021-08-16T20:22:50.951+03:00] … [headers] c-0000000000 << Expires: Thu, 19 Nov 1981 08:52:00 GMT
> [2021-08-16T20:22:50.951+03:00] … [headers] c-0000000000 << Cache-Control: no-store, no-cache, must-revalidate
> [2021-08-16T20:22:50.951+03:00] … [headers] c-0000000000 << Pragma: no-cache
> [2021-08-16T20:22:50.954+03:00] … [HttpAsyncMainClientExec] ex-0000000001 consume response HTTP/1.1 200 OK, entity len -9223372036854775807
> [2021-08-16T20:22:50.967+03:00] … [HttpAsyncMainClientExec] ex-0000000001 execution failed: Connection is closed
> [2021-08-16T20:22:50.968+03:00] … [InternalAbstractHttpAsyncClient] ex-0000000001 request failed: Connection is closed
> [2021-08-16T20:22:50.968+03:00] … [PoolingAsyncClientConnectionManager] ep-0000000000 close IMMEDIATE
> [2021-08-16T20:22:50.968+03:00] … [DefaultManagedAsyncClientConnection] c-0000000000 Shutdown connection IMMEDIATE
> {code}
>  
> That happens with the almost default configuration of the HTTP client (only versionPolicy and tlsStrategy are configured). 
> To reproduce such behavior all of these conditions must be met:
> 1) Server must be accessed via nginx version older 1.18.0 (I tested 1.16.1 and 1.18.0);
> 2) A request contains a body;
> 3) A response doesn't contain "Content-Length" header;
> 4) TLS is used.
> 5) HTTP/1.1 is used.
>  
> I think there is a bug. We've tried httpclient5 (classic, version 5.1) and AsyncHttpClient (Netty based). Both of them work correctly.
>  



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org