dev@grizzly.java.net

Re: any recent changes that affect (GF) SSL and a connection reset?

From: <paul.hendley_at_oracle.com>
Date: Thu, 03 Jan 2013 16:41:23 -0500

Thanks (again) Tim.
-paul


On 1/3/13 4:31 PM, Tim Quinn wrote:
> Hi, again, Paul.
>
> Given the port involved, it doesn't seem that this is related to admin
> security which is what I'm familiar with.
>
> I'm forwarding this to the Grizzly folks in case they have any insight.
>
> - Tim
>
>
> On Jan 3, 2013, at 3:08 PM, paul.hendley_at_oracle.com wrote:
>
>> Hi Tim,
>> thanks for the quick reply.
>>
>> The cts client is trying to establish an https connection to a
>> servlet using a secure web service port of 1044
>> (The url looks like:
>> https://localhost:1044/clientcert_web/ServletSecTest )
>> This secure web service port would correspond to the
>> "network-listener" with protocol="http-listener-2" in domain.xml
>>
>> The (cts) Client test code resembles:
>>
>>     URL newURL = new URL(url);
>>     // open HttpsURLConnection using TSHttpsURLConnection
>>     TSHttpsURLConnection httpsURLConn = getHttpsURLConnection(newURL);
>>     InputStream content = (InputStream) httpsURLConn.getInputStream(); // --> CHOKES HERE
>>     BufferedReader in = new BufferedReader(new InputStreamReader(content));
>>
>>
>> This is trying to read the content from the servlet.
>>
>> thanks,
>> paul
>>
>>
>> On 1/3/13 3:56 PM, Tim Quinn wrote:
>>> Hi, Paul.
>>>
>>> Is the test trying to send an admin message to GlassFish (e.g., to
>>> port 4848) or an application message (e.g., to port 8080)?
>>>
>>> There was a Grizzly integration of 2.3-rc1 on Dec. 29 (build 69 is
>>> from the 27th).
>>>
>>>
>>> - Tim
>>>
>>> On Jan 3, 2013, at 2:41 PM, paul.hendley_at_oracle.com wrote:
>>>
>>>> Hi All.
>>>>
>>>> I am seeing a CTS test failure that is related to a socket
>>>> connection reset. (See stack trace of my test run at end of this
>>>> email)
>>>> It seems that SSL is the underlying piece that may be causing the
>>>> socket connection reset.
>>>>
>>>> This error did not appear in promoted build glassfish-4.0-b69 but
>>>> I did notice it in the nightly that I used yesterday. So it appears
>>>> that something occurred between GF build 69 and the nightly from
>>>> yesterday. (After looking at it some more today, I confirmed that
>>>> it happens in last night's build too.)
>>>>
>>>> I checked the server.log and did not see anything useful in there.
>>>> I turned on the (GF) logging.properties to FINEST for the two
>>>> security loggers (one included ssl) but still didn't notice
>>>> anything useful.
>>>>
>>>> I am using Java 1.7.0_09 for both my CTS test client and my GF
>>>> appserver (on mac w/ mountain lion).
>>>>
>>>> Also, if I switch back to the promoted GF b69, the test passes but
>>>> when I switch to the more recent nightlies, and execute the same
>>>> CTS test code it fails again.
>>>>
>>>> (fwiw - a quick check online indicated a possible solution might be
>>>> to increase thread-pools but that didn't seem to help.)
>>>>
>>>> Does anyone know of any recent work that might have affected SSL
>>>> connections? Or better yet, how to get around it?
>>>>
>>>> Lastly, I'm attaching a more detailed log that contains the SSL
>>>> debugging info (set using jvm arg of "-Djavax.net.debug=all")
>>>> This doesn't make a whole lot of sense to me but I did see that
>>>> *line 7148* of the attached file seems to be stating:
>>>> "[javatest.batch] main, SEND TLSv1 ALERT: fatal, description =
>>>> unexpected_message
>>>> [javatest.batch] Padded plaintext before ENCRYPTION: len = 32"
>>>>
>>>> Does this mean anything to anyone?
>>>>
>>>> thanks,
>>>> paul
>>>>
>>>>
>>>> [javatest.batch] 01-03-2013 13:58:56: ERROR: Test case throws
>>>> exception: clientCertTest: FAILED
>>>> [javatest.batch] 01-03-2013 13:58:56: ERROR: Exception at:
>>>> [javatest.batch] 01-03-2013 13:58:56: ERROR:
>>>> java.net.SocketException: Connection reset
>>>> [javatest.batch] at
>>>> java.net.SocketInputStream.read(SocketInputStream.java:189)
>>>> [javatest.batch] at
>>>> java.net.SocketInputStream.read(SocketInputStream.java:121)
>>>> [javatest.batch] at
>>>> sun.security.ssl.InputRecord.readFully(InputRecord.java:312)
>>>> [javatest.batch] at
>>>> sun.security.ssl.InputRecord.read(InputRecord.java:350)
>>>> [javatest.batch] at
>>>> sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:927)
>>>> [javatest.batch] at
>>>> sun.security.ssl.SSLSocketImpl.waitForClose(SSLSocketImpl.java:1723)
>>>> [javatest.batch] at
>>>> sun.security.ssl.HandshakeOutStream.flush(HandshakeOutStream.java:122)
>>>> [javatest.batch] at
>>>> sun.security.ssl.Handshaker.sendChangeCipherSpec(Handshaker.java:941)
>>>> [javatest.batch] at
>>>> sun.security.ssl.ClientHandshaker.sendChangeCipherAndFinish(ClientHandshaker.java:1084)
>>>> [javatest.batch] at
>>>> sun.security.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:1003)
>>>> [javatest.batch] at
>>>> sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:282)
>>>> [javatest.batch] at
>>>> sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
>>>> [javatest.batch] at
>>>> sun.security.ssl.Handshaker.process_record(Handshaker.java:804)
>>>> [javatest.batch] at
>>>> sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1032)
>>>> [javatest.batch] at
>>>> sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:884)
>>>> [javatest.batch] at
>>>> sun.security.ssl.AppInputStream.read(AppInputStream.java:102)
>>>> [javatest.batch] at
>>>> java.io.BufferedInputStream.fill(BufferedInputStream.java:235)
>>>> [javatest.batch] at
>>>> java.io.BufferedInputStream.read1(BufferedInputStream.java:275)
>>>> [javatest.batch] at
>>>> java.io.BufferedInputStream.read(BufferedInputStream.java:334)
>>>> [javatest.batch] at
>>>> sun.net.www.http.HttpClient.parseHTTPHeader(HttpClient.java:633)
>>>> [javatest.batch] at
>>>> sun.net.www.http.HttpClient.parseHTTP(HttpClient.java:579)
>>>> [javatest.batch] at
>>>> sun.net.www.http.HttpClient.parseHTTP(HttpClient.java:604)
>>>> [javatest.batch] at
>>>> sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1322)
>>>> [javatest.batch] at
>>>> sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)
>>>> [javatest.batch] at
>>>> com.sun.ts.lib.implementation.sun.javaee.SunRIHttpsURLConnection.getInputStream(SunRIHttpsURLConnection.java:137)
>>>> [javatest.batch] at
>>>> com.sun.ts.lib.porting.TSHttpsURLConnection.getInputStream(TSHttpsURLConnection.java:154)
>>>> [javatest.batch] at
>>>> com.sun.ts.tests.servlet.spec.security.clientcert.Client.clientCertTest(Client.java:123)
>>>> [javatest.batch] at
>>>> sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>>>> [javatest.batch] at
>>>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
>>>> [javatest.batch] at
>>>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>>>> [javatest.batch] at
>>>> java.lang.reflect.Method.invoke(Method.java:601)
>>>> [javatest.batch] at
>>>> com.sun.ts.lib.harness.EETest.run(EETest.java:550)
>>>> [javatest.batch] at
>>>> com.sun.ts.lib.harness.EETest.getPropsReady(EETest.java:446)
>>>> [javatest.batch] at
>>>> com.sun.ts.lib.harness.EETest.run(EETest.java:305)
>>>> [javatest.batch] at
>>>> com.sun.ts.lib.harness.EETest.run(EETest.java:257)
>>>> [javatest.batch] at
>>>> com.sun.ts.tests.servlet.spec.security.clientcert.Client.main(Client.java:57)
>>>>
>>>> <foo_nightly.txt>
>>>
>>
>
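
An added example, not part of the original thread: a small Python triage script for a large "-Djavax.net.debug=all" log like the one attached above. It lists every TLS alert line with its line number and whether the logging JVM sent or received it. The sample log is constructed around the two lines quoted in the message; the RECV line layout (no "description =") and the other sample lines are assumptions.

```python
import re
from typing import Iterable, List, NamedTuple, Optional

# Matches JSSE debug alert lines such as the one quoted in the thread:
#   main, SEND TLSv1 ALERT: fatal, description = unexpected_message
# Any harness prefix such as "[javatest.batch] " is skipped by search().
ALERT_RE = re.compile(
    r"(?P<thread>[^,\[\]\s][^,\[\]]*), (?P<direction>SEND|RECV) "
    r"(?P<protocol>\S+) ALERT:\s+(?P<level>warning|fatal), "
    r"(?:description = )?(?P<description>\w+)"
)

class Alert(NamedTuple):
    line_no: int      # 1-based line number in the debug log
    thread: str       # JVM thread that logged the alert
    direction: str    # SEND: this JVM raised it; RECV: the peer raised it
    protocol: str
    level: str
    description: str

def find_alerts(lines: Iterable[str]) -> List[Alert]:
    """Return every TLS alert found in the log, in order of appearance."""
    alerts = []
    for n, line in enumerate(lines, start=1):
        m = ALERT_RE.search(line)
        if m:
            alerts.append(Alert(n, m["thread"], m["direction"],
                                m["protocol"], m["level"], m["description"]))
    return alerts

def first_fatal(alerts: List[Alert]) -> Optional[Alert]:
    """The first fatal alert is usually where the handshake actually died."""
    return next((a for a in alerts if a.level == "fatal"), None)

def describe(a: Alert) -> str:
    who = "raised by this JVM" if a.direction == "SEND" else "raised by the peer"
    return f"line {a.line_no}: {a.protocol} {a.level} {a.description} ({who})"

# Constructed sample: lines 3 and 4 are the ones quoted in the message,
# the rest are made up to exercise the parser.
SAMPLE_LOG = """\
[javatest.batch] *** ServerHelloDone
[javatest.batch] main, WRITE: TLSv1 Change Cipher Spec, length = 1
[javatest.batch] main, SEND TLSv1 ALERT: fatal, description = unexpected_message
[javatest.batch] Padded plaintext before ENCRYPTION: len = 32
[javatest.batch] main, RECV TLSv1 ALERT:  warning, close_notify
"""

if __name__ == "__main__":
    for alert in find_alerts(SAMPLE_LOG.splitlines()):
        print(describe(alert))
```

A SEND alert in the client's log means the client itself rejected something it read from the socket, so the lines just before it show what arrived from the server.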