Hi Folks
I'm working on a Grizzly server (using 1.9.18). I have a number of long
lived SSL connected clients. I'm trying to run this configuration under a
load balancer. The balancer uses a health check that consists of a TCP
open-close cycle. It seems that after a number (exact count undetermined) of
these health check cycles one (or more - undetermined) of the SSL connected
clients gets its connection closed. The health check hits the same port as
the SSL client. I'm using the SSLReadFilter and the health check causes the
filter to start an SSL handshake which fails (and a stack trace is thrown -
see below).
Any pointers to how to diagnose this issue would be greatly appreciated. In
particular, is there a way to put a filter in front of the SSLReadFilter
that would catch the health check and throw it away?
Thanks
Brandon
Exception thrown when TCP open-close cycle hits the SSLReadFilter:
javax.net.ssl.SSLException: Inbound closed before receiving peer's
close_notify: possible truncation attack?
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:166)
at
com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1356)
at
com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1324)
at
com.sun.net.ssl.internal.ssl.SSLEngineImpl.closeInbound(SSLEngineImpl.java:1263)
at com.sun.grizzly.util.SSLUtils.doHandshake(SSLUtils.java:426)
at com.sun.grizzly.util.SSLUtils.doHandshake(SSLUtils.java:390)
at com.sun.grizzly.filter.SSLReadFilter.doHandshake(SSLReadFilter.java:242)
at com.sun.grizzly.filter.SSLReadFilter.execute(SSLReadFilter.java:173)
at
com.brivo.commandserv.communication.EnhancedSSLReadFilter.execute(EnhancedSSLReadFilter.java:40)
at
com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:135)
at
com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:102)
at
com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:88)
at
com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:53)
at
com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:57)
at com.sun.grizzly.ContextTask.run(ContextTask.java:69)
at
com.sun.grizzly.util.FixedThreadPool$BasicWorker.dowork(FixedThreadPool.java:379)
at
com.sun.grizzly.util.FixedThreadPool$BasicWorker.run(FixedThreadPool.java:360)
at java.lang.Thread.run(Thread.java:595)
Oct 22, 2009 1:52:43 PM com.sun.grizzly.filter.SSLReadFilter log
FINE: doHandshake
java.io.EOFException: Connection closed
at com.sun.grizzly.util.SSLUtils.doHandshake(SSLUtils.java:433)
at com.sun.grizzly.util.SSLUtils.doHandshake(SSLUtils.java:390)
at com.sun.grizzly.filter.SSLReadFilter.doHandshake(SSLReadFilter.java:242)
at com.sun.grizzly.filter.SSLReadFilter.execute(SSLReadFilter.java:173)
at
com.brivo.commandserv.communication.EnhancedSSLReadFilter.execute(EnhancedSSLReadFilter.java:40)
at
com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:135)
at
com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:102)
at
com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:88)
at
com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:53)
at
com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:57)
at com.sun.grizzly.ContextTask.run(ContextTask.java:69)
at
com.sun.grizzly.util.FixedThreadPool$BasicWorker.dowork(FixedThreadPool.java:379)
at
com.sun.grizzly.util.FixedThreadPool$BasicWorker.run(FixedThreadPool.java:360)
at java.lang.Thread.run(Thread.java:595)
--
View this message in context: http://www.nabble.com/SSL-connection-closed-after-repeated-TCP-open-close-cycles-tp26016355p26016355.html
Sent from the Grizzly - Users mailing list archive at Nabble.com.