You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hc.apache.org by "ASF subversion and git services (Jira)" <ji...@apache.org> on 2021/09/04 08:51:00 UTC
[jira] [Commented] (HTTPCORE-684) Connection is unexpectedly closed
with http1.1, TLS, old nginx
[ https://issues.apache.org/jira/browse/HTTPCORE-684?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17409906#comment-17409906 ]
ASF subversion and git services commented on HTTPCORE-684:
----------------------------------------------------------
Commit 4bc58d4df935d43c5171d4c5174a180f2e78a739 in httpcomponents-core's branch refs/heads/HTTPCORE-684 from Oleg Kalnichevski
[ https://gitbox.apache.org/repos/asf?p=httpcomponents-core.git;h=4bc58d4 ]
HTTPCORE-684: async SSL i/o session fails to propagate end-of-stream events to the protocol handler. This can cause a failure in handling of identity transfer encoded HTTP/1.1 response messages
> Connection is unexpectedly closed with http1.1, TLS, old nginx
> ---------------------------------------------------------------
>
> Key: HTTPCORE-684
> URL: https://issues.apache.org/jira/browse/HTTPCORE-684
> Project: HttpComponents HttpCore
> Issue Type: Bug
> Affects Versions: 5.0.3, 5.1.1
> Environment: nginx version older 1.18.0
> Reporter: Vitalina Komarova
> Priority: Major
> Fix For: 5.1.2, 5.2-alpha1
>
> Attachments: broken_async_5_1.txt, broken_async_snapshot.txt, ok_async_without_body_5_1.txt, ok_sync_5_1.txt
>
>
> Hello.
> We use AsyncHttpClient from Apache HttpClient5 (version 5.1).
> We faced an error when connection is unexpectedly closed using TLS, forced HTTP/1.1, and nginx version older 1.18.0.
> In the log below the server responds with 200 OK and an empty body.
> We can see response headers but connection is prematurely closed.
> {code}
> [2021-08-16T20:22:50.950+03:00] … [headers] c-0000000000 << HTTP/1.1 200 OK
> [2021-08-16T20:22:50.950+03:00] … [headers] c-0000000000 << Server: nginx
> [2021-08-16T20:22:50.950+03:00] … [headers] c-0000000000 << Date: Mon, 16 Aug 2021 17:22:50 GMT
> [2021-08-16T20:22:50.951+03:00] … [headers] c-0000000000 << Content-Type: text/html; charset=UTF-8
> [2021-08-16T20:22:50.951+03:00] … [headers] c-0000000000 << Connection: close
> [2021-08-16T20:22:50.951+03:00] … [headers] c-0000000000 << Set-Cookie: <masked cookie>; expires=Sat, 21-Aug-2021 17:22:50 GMT; Max-Age=432000; path=/
> [2021-08-16T20:22:50.951+03:00] … [headers] c-0000000000 << Expires: Thu, 19 Nov 1981 08:52:00 GMT
> [2021-08-16T20:22:50.951+03:00] … [headers] c-0000000000 << Cache-Control: no-store, no-cache, must-revalidate
> [2021-08-16T20:22:50.951+03:00] … [headers] c-0000000000 << Pragma: no-cache
> [2021-08-16T20:22:50.954+03:00] … [HttpAsyncMainClientExec] ex-0000000001 consume response HTTP/1.1 200 OK, entity len -9223372036854775807
> [2021-08-16T20:22:50.967+03:00] … [HttpAsyncMainClientExec] ex-0000000001 execution failed: Connection is closed
> [2021-08-16T20:22:50.968+03:00] … [InternalAbstractHttpAsyncClient] ex-0000000001 request failed: Connection is closed
> [2021-08-16T20:22:50.968+03:00] … [PoolingAsyncClientConnectionManager] ep-0000000000 close IMMEDIATE
> [2021-08-16T20:22:50.968+03:00] … [DefaultManagedAsyncClientConnection] c-0000000000 Shutdown connection IMMEDIATE
> {code}
>
> That happens with the almost default configuration of the HTTP client (only versionPolicy and tlsStrategy are configured).
> To reproduce such behavior all of these conditions must be met:
> 1) Server must be accessed via nginx version older 1.18.0 (I tested 1.16.1 and 1.18.0);
> 2) A request contains a body;
> 3) A response doesn't contain "Content-Length" header;
> 4) TLS is used.
> 5) HTTP/1.1 is used.
>
> I think there is a bug. We've tried httpclient5 (classic, version 5.1) and AsyncHttpClient (Netty based). Both of them work correctly.
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org