You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by "Miller, Kevin R" <ke...@lmco.com> on 2010/08/16 22:06:23 UTC
Random file generation
I am running Tomcat 6.0.26 on a Solaris 10 system. The Tomcat server is configured to listen to HTTPS communications on port 8443. When browsing to the Tomcat server remotely using the following syntax everything works as expected:
https://10.10.10.10:8443/
If however we accidentally leave out the "s" in https like this:
http://10.10.10.10:8443/
The Tomcat server responds with a 7 byte .exe file to download. Each time we make the request again it generates a new .exe file with a different name (cd64dni2.exe or z0v8671g.exe for example). The exe fail fails to execute on a windows system. The contents of all of the exe files are exactly the same (binary data)
If I run an od on the file I get the following:
$od cd64dni2.exe
0000000 001425 000001 001002 000012
0000007
Can anyone explain what this file is and why it is getting generated?
Re: EXTERNAL: Re: Random file generation
Posted by Peter Crowther <pe...@melandra.com>.
On 16 August 2010 23:44, Miller, Kevin R <ke...@lmco.com> wrote:
> Any idea what this data is that is being sent to me?
>
> I'd expect it to be the start of the SSL negotiation. You're trying to do
something unexpected, namely treating a SSL connection as if it wasn't one.
Unsurprisingly, this doesn't work.
- Peter
RE: EXTERNAL: Re: Random file generation
Posted by "Miller, Kevin R" <ke...@lmco.com>.
My initial testing was with Firefox running on Solaris 10. I just tested with Firefox 3.6.8 on Windows XP and got the same behavior. One difference is that windows did not try to name it a .exe file it instead just called it a random name with the .part extension. When I attempted to use Internet Explorer 7 I did not reveive the prompt to save the file but instead got a web page that had (5 square boxes to represent binary data).
Any idea what this data is that is being sent to me? I also ran a snoop from the system running tomcat and was able to confirm that Tomcat did send the 7 bytes of data.
-----Original Message-----
From: André W
Sent: Monday, August 16, 2010 2:18 PM
To: Tomcat Users List
Subject: EXTERNAL: Re: Random file generation
Miller, Kevin R wrote:
> I am running Tomcat 6.0.26 on a Solaris 10 system. The Tomcat server is configured to listen to HTTPS communications on port 8443. When browsing to the Tomcat server remotely using the following syntax everything works as expected:
> https://10.10.10.10:8443/
>
> If however we accidentally leave out the "s" in https like this:
> http://10.10.10.10:8443/
>
> The Tomcat server responds with a 7 byte .exe file to download. Each time we make the request again it generates a new .exe file with a different name (cd64dni2.exe or z0v8671g.exe for example). The exe fail fails to execute on a windows system. The contents of all of the exe files are exactly the same (binary data)
>
> If I run an od on the file I get the following:
> $od cd64dni2.exe
> 0000000 001425 000001 001002 000012
> 0000007
>
>
> Can anyone explain what this file is and why it is getting generated?
>
Not before we are sure that it is really being generated.
Which browser are you using, and have you tried another one to check if the symptoms are
the same ?
Additionally, get a browser plugin such as Fiddler2 (for IE) or HttpFox (for Firefox),
activate the plugin, then look at what your browser is *really* receiving from the server.
Purpose :
Some versions of IE have a habit of "second-guessing" the server (which it should not be
doing according to the HTTP RFC), and deciding itself that what the server sends back is
this or that, even when the server says otherwise.
You will want to make sure that your Tomcat is really sending back this "thing", and that
it is not just the browser saying that it is this thing.
Note that the plugins above are invaluable tools to quickly diagnose browser/server
conversation issues, so you will not lose your time downloading and installing one of them
anway.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Random file generation
Posted by André Warnier <aw...@ice-sa.com>.
Miller, Kevin R wrote:
> I am running Tomcat 6.0.26 on a Solaris 10 system. The Tomcat server is configured to listen to HTTPS communications on port 8443. When browsing to the Tomcat server remotely using the following syntax everything works as expected:
> https://10.10.10.10:8443/
>
> If however we accidentally leave out the "s" in https like this:
> http://10.10.10.10:8443/
>
> The Tomcat server responds with a 7 byte .exe file to download. Each time we make the request again it generates a new .exe file with a different name (cd64dni2.exe or z0v8671g.exe for example). The exe fail fails to execute on a windows system. The contents of all of the exe files are exactly the same (binary data)
>
> If I run an od on the file I get the following:
> $od cd64dni2.exe
> 0000000 001425 000001 001002 000012
> 0000007
>
>
> Can anyone explain what this file is and why it is getting generated?
>
Not before we are sure that it is really being generated.
Which browser are you using, and have you tried another one to check if the symptoms are
the same ?
Additionally, get a browser plugin such as Fiddler2 (for IE) or HttpFox (for Firefox),
activate the plugin, then look at what your browser is *really* receiving from the server.
Purpose :
Some versions of IE have a habit of "second-guessing" the server (which it should not be
doing according to the HTTP RFC), and deciding itself that what the server sends back is
this or that, even when the server says otherwise.
You will want to make sure that your Tomcat is really sending back this "thing", and that
it is not just the browser saying that it is this thing.
Note that the plugins above are invaluable tools to quickly diagnose browser/server
conversation issues, so you will not lose your time downloading and installing one of them
anway.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Random file generation
Posted by Peter Crowther <pe...@melandra.com>.
In other words: "If I try to interpret the SSL handshake from Tomcat as if
it were a byte stream to be interpreted by my browser, the byte stream the
server happens to generate has the first two bytes 'MZ' and my browser can't
interpret it as anything other than a Windows executable."
That such an action results in unexpected behaviour shouldn't be a surprise,
surely?
- Peter
On 16 August 2010 21:06, Miller, Kevin R <ke...@lmco.com> wrote:
> I am running Tomcat 6.0.26 on a Solaris 10 system. The Tomcat server is
> configured to listen to HTTPS communications on port 8443. When browsing to
> the Tomcat server remotely using the following syntax everything works as
> expected:
> https://10.10.10.10:8443/
>
> If however we accidentally leave out the "s" in https like this:
> http://10.10.10.10:8443/
>
> The Tomcat server responds with a 7 byte .exe file to download. Each time
> we make the request again it generates a new .exe file with a different name
> (cd64dni2.exe or z0v8671g.exe for example). The exe fail fails to execute
> on a windows system. The contents of all of the exe files are exactly the
> same (binary data)
>
> If I run an od on the file I get the following:
> $od cd64dni2.exe
> 0000000 001425 000001 001002 000012
> 0000007
>
>
> Can anyone explain what this file is and why it is getting generated?
>