Bookmarks

Yahoo Gmail Google Facebook Delicious Twitter Reddit Stumpleupon Myspace Digg

Search queries

wwwxxx jeffs, Catastrophic failure Unexpected method call sequence. 0x8000ffff (-2147418113)., ksh lock a file, [unixODBC][Driver Manager]Driver's SQLAllocHandle on SQL_HANDLE_DBC failed, sed: -e expression #1, char 1: unterminated address regex, procmail + change subject, w2ksp4.exe download, /proc/kallsyms format, sqldatasource dal, wwwxxxenden

Links

XODOX
Impressum

#1: SSL connection between Apache and Tomcat failing

Posted on 2009-07-17 14:56:23 by iain.emsley

This is a multi-part message in MIME format.

------_=_NextPart_001_01CA06DD.FCE1EBC2
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

I've got a website which uses Apache 2.2 as the front end with Tomcat
5.5.23 as the backend and am using mod_ssl and mod_proxy to link to the
two together in Windows server 2003. Normally there isn't an issue with
two servers serving the website but recently (and mainly with , it
appears, mobile browsers), I'm getting the following errors:

i Jul 17 09:52:29 2009] [debug] ssl_engine_kernel.c(1760): OpenSSL:
Loop: SSLv3 read finished A

[Fri Jul 17 09:52:29 2009] [debug] ssl_engine_kernel.c(1756): OpenSSL:
Handshake: done

[Fri Jul 17 09:52:29 2009] [info] Connection: Client IP: 130.246.76.83,
Protocol: TLSv1, Cipher: DHE-RSA-AES256-SHA (256/256 bits)

[Fri Jul 17 09:52:29 2009] [debug] ssl_engine_io.c(1817): OpenSSL: read
5/5 bytes from BIO#7d0ad8 [mem: 4a3aaa8] (BIO dump follows)

[Fri Jul 17 09:52:29 2009] [debug] ssl_engine_io.c(1750):
+----------------------------------------------------------- ------------
--+

Dump details ..... |

[Fri Jul 17 09:52:29 2009] [debug] ssl_engine_io.c(1795):
+----------------------------------------------------------- ------------
--+

[Fri Jul 17 09:52:29 2009] [debug] ssl_engine_io.c(1817): OpenSSL: read
992/992 bytes from BIO#7d0ad8 [mem: 4a3aaad] (BIO dump follows)

[Fri Jul 17 09:52:29 2009] [debug] ssl_engine_io.c(1750):
+----------------------------------------------------------- ------------
--+

Dump details

[Fri Jul 17 09:52:29 2009] [debug] ssl_engine_io.c(1795):
+----------------------------------------------------------- ------------
--+

[Fri Jul 17 09:52:29 2009] [info] Initial (No.1) HTTPS request received
for child 245 (server dev.jiscmail.ac.uk:443)

[Fri Jul 17 09:52:35 2009] [debug] ssl_engine_io.c(1828): OpenSSL: I/O
error, 5 bytes expected to read on BIO#73e708 [mem: 4a169e0]

[Fri Jul 17 09:52:35 2009] [info] [client 130.246.76.83] (OS 10060)A
connection attempt failed because the connected party did not properly
respond after a period of time, or established connection failed because
connected host has failed to respond. : SSL input filter read failed.

[Fri Jul 17 09:52:35 2009] [debug] ssl_engine_kernel.c(1770): OpenSSL:
Write: SSL negotiation finished successfully

=20

I'd be grateful for any pointers in getting to the root of this issue
(or ruling out mod_ssl issues).=20

=20

Thanks,=20

=20

Iain


-- =0AScanned by iCritical.=0A

------_=_NextPart_001_01CA06DD.FCE1EBC2
Content-Type: text/html;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" =
xmlns:o=3D"urn:schemas-microsoft-com:office:office" =
xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" =
xmlns=3D"http://www.w3.org/TR/REC-html40">

<head>
<meta http-equiv=3DContent-Type content=3D"text/html; =
charset=3Dus-ascii">
<meta name=3DGenerator content=3D"Microsoft Word 12 (filtered medium)">
<style>
<!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri","sans-serif";
color:windowtext;}
..MsoChpDefault
{mso-style-type:export-only;}
@page Section1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.Section1
{page:Section1;}
-->
</style>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]-->
</head>

<body lang=3DEN-GB link=3Dblue vlink=3Dpurple>

<div class=3DSection1>

<p class=3DMsoNormal>I&#8217;ve got a website which uses Apache 2.2 as =
the front
end with Tomcat 5.5.23 as the backend and am using mod_ssl and mod_proxy =
to
link to the two together in Windows server 2003. Normally there =
isn&#8217;t an
issue with two servers serving the website but recently (and mainly with =
, it appears,
mobile browsers), I&#8217;m getting the following errors:<o:p></o:p></p>

<p class=3DMsoNormal>i Jul 17 09:52:29 2009] [debug] =
ssl_engine_kernel.c(1760):
OpenSSL: Loop: SSLv3 read finished A<o:p></o:p></p>

<p class=3DMsoNormal>[Fri Jul 17 09:52:29 2009] [debug]
ssl_engine_kernel.c(1756): OpenSSL: Handshake: done<o:p></o:p></p>

<p class=3DMsoNormal>[Fri Jul 17 09:52:29 2009] [info] Connection: =
Client IP:
130.246.76.83, Protocol: TLSv1, Cipher: DHE-RSA-AES256-SHA (256/256 =
bits)<o:p></o:p></p>

<p class=3DMsoNormal>[Fri Jul 17 09:52:29 2009] [debug] =
ssl_engine_io.c(1817):
OpenSSL: read 5/5 bytes from BIO#7d0ad8 [mem: 4a3aaa8] (BIO dump =
follows)<o:p></o:p></p>

<p class=3DMsoNormal>[Fri Jul 17 09:52:29 2009] [debug] =
ssl_engine_io.c(1750):
+----------------------------------------------------------- -------------=
-+<o:p></o:p></p>

<p class=3DMsoNormal>Dump =
details&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
......&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
|<o:p></o:p></p>

<p class=3DMsoNormal>[Fri Jul 17 09:52:29 2009] [debug] =
ssl_engine_io.c(1795):
+----------------------------------------------------------- -------------=
-+<o:p></o:p></p>

<p class=3DMsoNormal>[Fri Jul 17 09:52:29 2009] [debug] =
ssl_engine_io.c(1817):
OpenSSL: read 992/992 bytes from BIO#7d0ad8 [mem: 4a3aaad] (BIO dump =
follows)<o:p></o:p></p>

<p class=3DMsoNormal>[Fri Jul 17 09:52:29 2009] [debug] =
ssl_engine_io.c(1750):
+----------------------------------------------------------- -------------=
-+<o:p></o:p></p>

<p class=3DMsoNormal>Dump details<o:p></o:p></p>

<p class=3DMsoNormal>&nbsp;[Fri Jul 17 09:52:29 2009] [debug]
ssl_engine_io.c(1795):
+----------------------------------------------------------- -------------=
-+<o:p></o:p></p>

<p class=3DMsoNormal>[Fri Jul 17 09:52:29 2009] [info] Initial (No.1) =
HTTPS
request received for child 245 (server =
dev.jiscmail.ac.uk:443)<o:p></o:p></p>

<p class=3DMsoNormal>[Fri Jul 17 09:52:35 2009] [debug] =
ssl_engine_io.c(1828):
OpenSSL: I/O error, 5 bytes expected to read on BIO#73e708 [mem: =
4a169e0]<o:p></o:p></p>

<p class=3DMsoNormal>[Fri Jul 17 09:52:35 2009] [info] [client =
130.246.76.83] (OS
10060)A connection attempt failed because the connected party did not =
properly
respond after a period of time, or established connection failed because
connected host has failed to respond.&nbsp; : SSL input filter read =
failed.<o:p></o:p></p>

<p class=3DMsoNormal>[Fri Jul 17 09:52:35 2009] [debug]
ssl_engine_kernel.c(1770): OpenSSL: Write: SSL negotiation finished
successfully<o:p></o:p></p>

<p class=3DMsoNormal><o:p>&nbsp;</o:p></p>

<p class=3DMsoNormal>I&#8217;d be grateful for any pointers in getting =
to the
root of this issue (or ruling out mod_ssl issues). <o:p></o:p></p>

<p class=3DMsoNormal><o:p>&nbsp;</o:p></p>

<p class=3DMsoNormal>Thanks, <o:p></o:p></p>

<p class=3DMsoNormal><o:p>&nbsp;</o:p></p>

<p class=3DMsoNormal>Iain<o:p></o:p></p>

</div>


<br>=
<p>-- =0A<BR>Scanned by iCritical.=0A</p>
<br>=
</body>

</html>

------_=_NextPart_001_01CA06DD.FCE1EBC2--
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Report this message

#2: Re: SSL connection between Apache and Tomcat failing

Posted on 2009-07-17 16:13:51 by Lou Picciano

------=_Part_127361_115640072.1247840031309
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

Iain:=20

Wow! Am I glad to hear from you! I've been wrestling with exactly this prob=
lem - error on: OpenSSL: read 5/5 bytes from BIO - for a few weeks now; was=
beginning to think I was losing my mind. (while we leave that possibility =
aside for the moment(!),) here's what's different about our environment:=20

Apache/2.2.11 (Unix - Solaris SPARC) mod_ssl/2.2.11 OpenSSL/0.9.8k PHP/5.2.=
9 . We are using certificate authentication. Seeing this behavior under Fir=
efox (Mac); haven't tried it using mobile browsers, though, presumably, you=
may be using a Mozilla-based mobile browser... We've recently upgraded to =
these current versions of Apache and OpenSSL, but the error behavior has no=
t been impacted. The incessant prompting for certificate can be interrupted=
by setting Firefox's Advanced-Encryption-When a server requests my certifi=
cate-Select one automatically option. The above read error persists, howeve=
r...=20

The primary impact is - apparently - that the SSL session is constantly re-=
negotiated for GET of each page element; loading of a single page might gen=
erate 8-10 prompts for the certificate. We have fiddled with various settin=
gs for the Renogotiation buffer, including which buffer engine is used, its=
size, etc., all to no avail. Some of the settings result in Apache configu=
ration errors, so I wonder if we're into an Apache - or mod_ssl - 'black ho=
le' region.=20

My quick research on this indicates that others have run into it, some have=
simply ignored it, but none have solved it.=20

Hopefully we'll come up with something. Lou=20

----- Original Message -----=20
From: "I Emsley (Iain)" <iain.emsley@stfc.ac.uk>=20
To: modssl-users@modssl.org=20
Sent: Friday, July 17, 2009 8:56:23 AM GMT -05:00 US/Canada Eastern=20
Subject: SSL connection between Apache and Tomcat failing=20




IâÂ=99ve got a website which uses Apache 2.2 as the front end with Tomc=
at 5.5.23 as the backend and am using mod_ssl and mod_proxy to link to the =
two together in Windows server 2003. Normally there isnâÂ=99t an issue =
with two servers serving the website but recently (and mainly with , it app=
ears, mobile browsers), IâÂ=99m getting the following errors:=20

i Jul 17 09:52:29 2009] [debug] ssl_engine_kernel.c(1760): OpenSSL: Loop: S=
SLv3 read finished A=20

[Fri Jul 17 09:52:29 2009] [debug] ssl_engine_kernel.c(1756): OpenSSL: Hand=
shake: done=20

[Fri Jul 17 09:52:29 2009] [info] Connection: Client IP: 130.246.76.83, Pro=
tocol: TLSv1, Cipher: DHE-RSA-AES256-SHA (256/256 bits)=20

[Fri Jul 17 09:52:29 2009] [debug] ssl_engine_io.c(1817): OpenSSL: read 5/5=
bytes from BIO=20

------=_Part_127361_115640072.1247840031309
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: quoted-printable

<html><head><style type=3D'text/css'>p { margin: 0; }</style></head><body><=
div style=3D'font-family: Arial; font-size: 12pt; color: #000000'>Iain:<br>=
<br>Wow!&nbsp; Am I glad to hear from you!&nbsp; I've been wrestling with e=
xactly this problem - <span style=3D"text-decoration: underline; font-weigh=
t: bold;">error on: OpenSSL: read 5/5 bytes from BIO</span> - for a few wee=
ks now; was beginning to think I was losing my mind. (while we leave that p=
ossibility aside for the moment(!),) here's what's different about our envi=
ronment:<br><br><span>Apache/2.2.11 (Unix - Solaris SPARC) mod_ssl/2.2.11 O=
penSSL/0.9.8k PHP/5.2.9</span>.&nbsp; We are using certificate authenticati=
on. Seeing this behavior under Firefox (Mac); haven't tried it using mobile=
browsers, though, presumably, you may be using a Mozilla-based mobile brow=
ser...&nbsp; We've recently upgraded to these current versions of Apache an=
d OpenSSL, but the error behavior has not been impacted.&nbsp; The incessan=
t prompting for certificate can be interrupted by setting Firefox's Advance=
d-Encryption-When a server requests my certificate-Select one automatically=
option.&nbsp; The above read error persists, however...<br><br>The primary=
impact is - apparently - that the SSL session is <span style=3D"font-style=
: italic;">constantly</span> re-negotiated for GET of each page element; lo=
ading of a single page might generate 8-10 prompts for the certificate.&nbs=
p; We have fiddled with various settings for the Renogotiation buffer, incl=
uding which buffer engine is used, its size, etc., all to no avail.&nbsp; S=
ome of the settings result in Apache configuration errors, so I wonder if w=
e're into an Apache - or mod_ssl - 'black hole' region.<br><br>My quick res=
earch on this indicates that others have run into it, some have simply igno=
red it, but none have solved it.<br><br>Hopefully we'll come up with someth=
ing.&nbsp;&nbsp;&nbsp;&nbsp; Lou<br><br>----- Original Message -----<br>Fro=
m: "I Emsley (Iain)" &lt;iain.emsley@stfc.ac.uk&gt;<br>To: modssl-users@mod=
ssl.org<br>Sent: Friday, July 17, 2009 8:56:23 AM GMT -05:00 US/Canada East=
ern<br>Subject: SSL connection between Apache and Tomcat failing<br><br>




<style>
<!--
/* Font Definitions */
@font-face
=09{font-family:Calibri;
=09panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
=09{margin:0cm;
=09margin-bottom:.0001pt;
=09font-size:11.0pt;
=09font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
=09{mso-style-priority:99;
=09color:blue;
=09text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
=09{mso-style-priority:99;
=09color:purple;
=09text-decoration:underline;}
span.EmailStyle17
=09{mso-style-type:personal-compose;
=09font-family:"Calibri","sans-serif";
=09color:windowtext;}
..MsoChpDefault
=09{mso-style-type:export-only;}
@page Section1
=09{size:612.0pt 792.0pt;
=09margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.Section1
=09{page:Section1;}
-->
</style>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]-->


<div class=3D"Section1">

<p class=3D"MsoNormal">IâÂ=99ve got a website which uses Apache 2.2 as =
the front
end with Tomcat 5.5.23 as the backend and am using mod_ssl and mod_proxy to
link to the two together in Windows server 2003. Normally there isnâÂ=
=99t an
issue with two servers serving the website but recently (and mainly with , =
it appears,
mobile browsers), IâÂ=99m getting the following errors:</p>

<p class=3D"MsoNormal">i Jul 17 09:52:29 2009] [debug] ssl_engine_kernel.c(=
1760):
OpenSSL: Loop: SSLv3 read finished A</p>

<p class=3D"MsoNormal">[Fri Jul 17 09:52:29 2009] [debug]
ssl_engine_kernel.c(1756): OpenSSL: Handshake: done</p>

<p class=3D"MsoNormal">[Fri Jul 17 09:52:29 2009] [info] Connection: Client=
IP:
130.246.76.83, Protocol: TLSv1, Cipher: DHE-RSA-AES256-SHA (256/256 bits)</=
p>

<p class=3D"MsoNormal">[Fri Jul 17 09:52:29 2009] [debug] ssl_engine_io.c(1=
817):
OpenSSL: read 5/5 bytes from BIO</p></div><br></div></body></html>
------=_Part_127361_115640072.1247840031309--
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Report this message

#3: Please remove my email from the list

Posted on 2009-07-17 16:15:20 by liao.tan

This is a multi-part message in MIME format.

------_=_NextPart_001_01CA06E9.04566E8E
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Please remove my email from the list
=20

------_=_NextPart_001_01CA06E9.04566E8E
Content-Type: text/html;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Dus-ascii">
<STYLE type=3Dtext/css>P {
MARGIN: 0px
}
</STYLE>

<META content=3D"MSHTML 6.00.2900.3492" name=3DGENERATOR></HEAD>
<BODY>
<DIV dir=3Dltr align=3Dleft><FONT face=3DArial color=3D#0000ff =
size=3D2>Please remove my=20
email from the list</FONT></DIV>
<DIV dir=3Dltr align=3Dleft><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]-->&nbsp;</DIV></BODY></HTML>

------_=_NextPart_001_01CA06E9.04566E8E--
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Report this message