You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2017/01/05 09:41:00 UTC
[Bug 60555] New: run by ssl and port:443 close_wait
https://bz.apache.org/bugzilla/show_bug.cgi?id=60555
Bug ID: 60555
Summary: run by ssl and port:443 close_wait
Product: Tomcat 8
Version: 8.5.4
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: Connectors
Assignee: dev@tomcat.apache.org
Reporter: draculav@hotmail.com
Target Milestone: ----
tomcat-embed-core-8.5.4
our service use springboot '1.4.0.RELEASE'
centos 6.5
SSL:
server.ssl.key-store=classpath:cert/aaaaa.ca.pfx
server.ssl.key-store-password=aaaaa
server.ssl.keyStoreType=PKCS12
After start, then use shell :
#!/usr/bin/bash
while true ;
do
curl -k https://IP/app/current/queryCurrent.action
echo ""
done
and exec the command : netstat -antp | grep CLOSE_WAIT
tcp 0 0 ********::443 ********:45138 CLOSE_WAIT
21773/java
tcp 0 0 ********::443 ********::44910 CLOSE_WAIT
21773/java
tcp 0 0 ********::443 ********::44464 CLOSE_WAIT
21773/java
tcp 0 0 ********::443 ********::45234 CLOSE_WAIT
21773/java
tcp 0 0 ********::443 ********::43768 CLOSE_WAIT
21773/java
tcp 0 0 ********::443 ********::44216 CLOSE_WAIT
21773/java
......
nondecreasing
run without ssl no problem
code line 1399 in org.apache.tomcat.util.net.NioEndpoint
Using HTTP always get true
and When CLOSE_WAIT appears always "handshake == SelectionKey.OP_READ" and
never change(Even if the client is closed)
These CLOSE_WAIT lived for more than 12 hours yet
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 60555] run by ssl and port:443 close_wait
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=60555
hiki <dr...@hotmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|DUPLICATE |FIXED
Status|RESOLVED |CLOSED
--- Comment #2 from hiki <dr...@hotmail.com> ---
Thanks. Has been upgraded to 8.5.6 and the problem is solved
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 60555] run by ssl and port:443 close_wait
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=60555
--- Comment #4 from Vaibhav Bhandari <vb...@vmware.com> ---
@hiki's comments seems right and thats why a port to 7.0 line would be needed.
We have hit this issue in 7.0 tomcat version.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 60555] run by ssl and port:443 close_wait
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=60555
--- Comment #6 from Vaibhav Bhandari <vb...@vmware.com> ---
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java?r1=1757813&r2=1757903&diff_format=h
This is the change that needs to be ported to 7.0
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 60555] run by ssl and port:443 close_wait
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=60555
--- Comment #3 from hiki <dr...@hotmail.com> ---
(In reply to Mark Thomas from comment #1)
>
> *** This bug has been marked as a duplicate of bug 60035 ***
Thanks ,the problem is solved,
but I don't think the relationship with r1746551 is direct
I think the main solution to this problem is the following code
org.apache.tomcat.util.net.NioEndpoint
if (socket.isHandshakeComplete()) {
// No TLS handshaking required. Let the handler
// process this socket / event combination.
handshake = 0;
} else if (event == SocketEvent.STOP || event ==
SocketEvent.DISCONNECT ||
event == SocketEvent.ERROR) {
// Unable to complete the TLS handshake. Treat it
as
// if the handshake failed.
handshake = -1;
} else {
handshake = socket.handshake(key.isReadable(),
key.isWritable());
// The handshake process reads/writes from/to the
// socket. status may therefore be OPEN_WRITE once
// the handshake completes. However, the handshake
// happens when the socket is opened so the status
// must always be OPEN_READ after it completes. It
// is OK to always set this as it is only used if
// the handshake completes.
event = SocketEvent.OPEN_READ;
}
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 60555] run by ssl and port:443 close_wait
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=60555
Vaibhav Bhandari <vb...@vmware.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |vbhandari@vmware.com
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 60555] run by ssl and port:443 close_wait
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=60555
Mark Thomas <ma...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |DUPLICATE
--- Comment #1 from Mark Thomas <ma...@apache.org> ---
*** This bug has been marked as a duplicate of bug 60035 ***
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 60555] run by ssl and port:443 close_wait
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=60555
Mark Thomas <ma...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |FIXED
Status|REOPENED |RESOLVED
--- Comment #7 from Mark Thomas <ma...@apache.org> ---
This report, as originally described, is not reproducible on Tomcat 8.0.x and
earlier. While sockets in CLOSE_WAIT are observed, they do not remain in that
state for more than a few seconds. Further, analysis of this issue with
8.5.x/trunk showed that it was introduced by r1746551 and that r1757903 was the
correct fix for that issue.
You can not be observing the same problem on 7.0.x, even if the symptoms are
identical, as r1746551 was not back-ported to 8.0.x or earlier.
Since the root causes are different there is no basis to conclude that the
required fix is the same.
Please open a new issue and provide the steps to reproduce on a clean install
of the latest stable release of any of the supported branches (currently 7.0.x,
8.0.x, 8.5.x and 9.0.x).
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 60555] run by ssl and port:443 close_wait
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=60555
Vaibhav Bhandari <vb...@vmware.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|FIXED |---
Status|CLOSED |REOPENED
--- Comment #5 from Vaibhav Bhandari <vb...@vmware.com> ---
Reopening as porting to 7.0 version is needed.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org