search

Bilal-S / iis2tomcat

AJP Connector between Internet Information Services (IIS) and Apache Tomcat
http://www.boncode.net/boncode-connector
49 stars 32 forks source link

Generic Communication Error #66

Closed srconklin closed 6 years ago

srconklin commented 6 years ago

I am having the exact same issues as referenced in the now closed issue nr 47.

Browsing the Lucee Server admin, every few clicks I get the error:

Please check and adjust your setup: Ensure that Tomcat is running on given host and port. If this is a timeout error consider adjusting IIS timeout by changing executionTimeout attribute in web.config (see manual). Connection between Tomcat and IIS experienced error. If you restarted Tomcat this is expected. at BonCodeAJP13.BonCodeAJP13ServerConnection.ConnectionError() at BonCodeAJP13.BonCodeAJP13ServerConnection.p_CreateConnection(BonCodeAJP13PacketCollection packetsToSend) at BonCodeIIS.BonCodeCallHandler.ProcessRequest(HttpContext context)

ERROR LOGGED IS:

Unable to read data from the transport connection: An established connection was aborted by the software in your host machine. at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size) at BonCodeAJP13.BonCodeAJP13ServerConnection.ComunicateWithTomcat() 2018-06-29 11:30:56 failed Server Connection was aborted 2018-06-29 11:30:56 1.0.36 ERROR TCP Client level -- Server/Port:localhost/8009 Connection between Tomcat and IIS experienced error. If you restarted Tomcat this is expected. failed:Server Connection was aborted at BonCodeAJP13.BonCodeAJP13ServerConnection.ConnectionError(String message, String messageType) at BonCodeAJP13.BonCodeAJP13ServerConnection.ComunicateWithTomcat() at BonCodeAJP13.BonCodeAJP13ServerConnection.HandleConnection() at BonCodeAJP13.BonCodeAJP13ServerConnection.p_CreateConnection(BonCodeAJP13PacketCollection packetsToSend)

I thought the solution for this was to add keepaliveTimeout='-1' to the connector port in the server.xml setting, but that does not seem to help.

These are my BoncodeAJP13.settings 

<Settings>
<Server>localhost</Server>
<Port>8009</Port>
<EnableRemoteAdmin>False</EnableRemoteAdmin>
<EnableHeaderDataSupport>True</EnableHeaderDataSupport>
<ForceSecureSession>False</ForceSecureSession>
<AllowEmptyHeaders>False</AllowEmptyHeaders>
<MaxConnections>1000</MaxConnections>
<PacketSize>65536</PacketSize>
<LogLevel>1</LogLevel>
<LogDir>c:\temp</LogDir>
<FlushThreshold>0</FlushThreshold>
<ModCFMLSecret>99f00ff4667bd09d636438c007090a696ebec2c1a14ca9fc004c6771faf1b02d</ModCFMLSecret>
</Settings>

Here is my connector port settings:

<Connector port="8009" protocol="AJP/1.3" redirectPort="8443"  keepAliveTimeout="-1" enableLookups="false" maxThreads="1000" connectionTimeout="121000" packetSize="65536" />

Here are my Lucee/OS/Java versions Lucee 5.2.7.63 OS Windows Server 2016 (10.0) 64 bit IIS 10.0.14393.0 Tomcat: 8.5.31 Java 1.8.0_172 (oracle Corp) 64 bit Boncode v 1.0.36

NOTE: I reset the IIS timeout back to 20 mins from 2 mins as per the recommendation of the poster in ISSUE nr 47

Do you know what the issue could be? and how I can fix it?

srconklin commented 5 years ago

This appears to have started when I re-installed bonCode with the dlls from the zip, I think... Could that be related to all these new errors we are seeing now?

Bilal-S commented 5 years ago

Uncertain. But I got some data dump from you to analyze later. You can revert back to the standard setup if you like.

srconklin commented 5 years ago

Bilal- Any status on this?

Bilal-S commented 5 years ago

Scott, I looked at the first two packets. The packets logged are malformed data packets from Tomcat. They should throw errors, so for those the connector is behaving correctly. They both have two cookie headers A0 07 in repeat sequence. A A0 07 declaration should be followed by a string declaration, with a terminator 00 byte. This is not what I see. Thus, instead of actually declaring the cookie string, the cookie header is repeated. This is a protocol error. Even if interpreted loosely we would need to assume a cookie deceleration length of 40967 bytes which is longer than the actual packet sent.

I am not even sure how to replicate this programatically in cfml. Are you, perhaps, setting an empty cookies in your program somewhere (no name and no value)?

image

srconklin commented 5 years ago

Hi Bilal-

When you said cookies, I went to check if the application (which is a legacy one that was written almost 20 years ago and one that I did not write) was using client cookies to manage session data.

Sure enough, it was. It looks like I failed to setup a database during the migration from the old machine to store the client data. The default in Lucee is to pass this all client data as cookies which upon further inspection is quite large.. I have created a datasource to store this data in the db instead of passing it as a cookie headers on every request.

This looks very promising and could very well be the issue.

I will let you know if this was the problem but so far no complaints from the users....

Thank you so much for looking into this. I never would have come to this conclusion without you looking into these dumps and bringing it to my attention.