Re: 400 error when upgrading tomcat

[Brian Harris]

Thanks Christopher.  You just nailed it buddy.  I changed them all to \r\n
and it got a 200.  I was completely overlooking that as it had never caused
a problem before.  Something in 8.5.51 would not allow that anymore.

On Thu, Sep 10, 2020 at 4:07 PM Christopher Schultz <
ch...@christopherschultz.net> wrote:

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Brian,
>
> On 9/10/20 13:13, Brian Harris wrote:
> > We’re having an issue when upgrading Tomcat from 8.5.50 to 8.5.51.
> > Since moving to this version, requests sent to the http port are
> > failing with a 400 error code(bad request).  The server.xml is
> > configured to redirect the http port to the https port.  This has
> > worked for years and did not start failing until the upgrade.
> > Below is the connector config and the java class used to send a
> > test transaction to the server.
> >
> > I’ve searched the change log and the only change I can see that
> > might cause this is the Bug fix for bug 63966 – Charset of TLS
> > message is hard coded to ISO-8859-1.  This bug fix was introduced
> > into 8.5.51.  The reason I believe this might be the reason is when
> > we would send this request to tomcat 8.5.50 the reply Content-Type
> > would look like this:
> >
> >
> >
> > Content-Type: text/plain;charset=ISO-8859-1
> >
> >
> >
> > With tomcat 8.5.51, I get this:
> >
> > Content-Type: text/html;charset=utf-8
> >
> >
> >
> > Any ideas why I’m getting the 400 error when upgrading to 8.5.51
> > and beyond ?
> >
> >
> >
> > Connector config:
> >
> >
> >
> >  >
> > connectionTimeout="2"
> >
> > redirectPort=""
> >
> > />
> >
> >
> >
> >  >
> > scheme="https" secure="true"
> > ciphers="TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,TLS_DHE_DSS_WITH_AES_256_
> GCM_SHA384,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_256_
> GCM_SHA384,TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_ECDSA_WITH_AE
> S_256_GCM_SHA384,TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_RSA_WITH_
> AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECD
> SA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECD
> HE_RSA_WITH_AES_256_GCM_SHA384"
> >
> >  clientAuth="false" sslProtocol="TLS"
> > sslEnabledProtocols="TLSv1.2"
> >
> > keyAlias="myKey"
> >
> > keystore="NONE"
> >
> > keystorePass="password"
> >
> > keystoreType="PKCS11"
> >
> > keystoreProvider="myprovider"
> >
> > enableLookups="false"
> >
> > server="server"
> >
> > "/>
> >
> >
> >
> >
> >
> > Java class used to send the test transaction:
> >
> >
> >
> > package com.testing;
> >
> >
> >
> > import java.io.*;
> >
> > import java.net.*;
> >
> > import java.util.Date;
> >
> > import java.text.DateFormat;
> >
> > import java.text.SimpleDateFormat;
> >
> >
> >
> > public class RunTestTran{
> >
> >
> >
> > public  RunTestTran() {
> >
> > }
> >
> >
> >
> > public static void main(String [] args){
> >
> > RunTestTran recordProcessorTest = new RunTestTran();
> >
> > recordProcessorTest.runTran("localhost", ,
> > "/requestProcessor/rp");
> >
> > }
> >
> >
> >
> > private void runTran(String ip, int port, String appName){
> >
> > Socket socket = null;
> >
> > PrintWriter out = null;
> >
> > BufferedReader in = null;
> >
> > String dataToSend = "";
> >
> >
> >
> > //Create socket connection
> >
> > try {
> >
> > socket = new Socket(ip, port);
> >
> > out = new PrintWriter(socket.getOutputStream(), true);
> >
> > in = new BufferedReader(new
> > InputStreamReader(socket.getInputStream()));
> >
> > } catch  (Exception e) {
> >
> > System.out.println("Exception:" + e.toString() );
> >
> > System.exit(1);
> >
> > }
> >
> >
> >
> > DateFormat dateFormat = new SimpleDateFormat("MMddHHmmsss");
> >
> > //get current date time with Date() to create a 11 digit tran id
> >
> > Date date = new Date();
> >
> > String tranId = date

400 error when upgrading tomcat

[Brian Harris]

We’re having an issue when upgrading Tomcat from 8.5.50 to 8.5.51.  Since
moving to this version, requests sent to the http port are failing with a
400 error code(bad request).  The server.xml is configured to redirect the
http port to the https port.  This has worked for years and did not start
failing until the upgrade.  Below is the connector config and the java
class used to send a test transaction to the server.



I’ve searched the change log and the only change I can see that might cause
this is the Bug fix for bug 63966 – Charset of TLS message is hard coded to
ISO-8859-1.  This bug fix was introduced into 8.5.51.  The reason I believe
this might be the reason is when we would send this request to tomcat
8.5.50 the reply Content-Type would look like this:



Content-Type: text/plain;charset=ISO-8859-1



With tomcat 8.5.51, I get this:

 Content-Type: text/html;charset=utf-8



Any ideas why I’m getting the 400 error when upgrading to 8.5.51 and beyond
?



Connector config:







   





Java class used to send the test transaction:



package com.testing;



import java.io.*;

import java.net.*;

import java.util.Date;

import java.text.DateFormat;

import java.text.SimpleDateFormat;



public class RunTestTran{



public  RunTestTran() {

}



public static void main(String [] args){

RunTestTran recordProcessorTest = new RunTestTran();

recordProcessorTest.runTran("localhost", ,
"/requestProcessor/rp");

}



private void runTran(String ip, int port, String appName){

Socket socket = null;

PrintWriter out = null;

BufferedReader in = null;

String dataToSend = "";



//Create socket connection

try {

socket = new Socket(ip, port);

out = new PrintWriter(socket.getOutputStream(),
true);

in = new BufferedReader(new
InputStreamReader(socket.getInputStream()));

} catch  (Exception e) {

System.out.println("Exception:" + e.toString() );

System.exit(1);

}



DateFormat dateFormat = new SimpleDateFormat("MMddHHmmsss");

//get current date time with Date() to create a 11 digit
tran id

Date date = new Date();

String tranId = dateFormat.format(date);

String PRIMER_TRAN = " V " + tranId +
"990JANE   DOE 100 Redwood Shores
Pkwy Redwood City   CA94065000  PRIMER TRAN";





try{

dataToSend = URLEncoder.encode("inputRecord",
"UTF-8") + "=" + URLEncoder.encode(PRIMER_TRAN, "UTF-8");



}catch(Exception e){

System.out.println("Exception caught!" +
e.toString());

}

 // send message

StringBuffer sb = new StringBuffer();

sb.append("POST /" + appName + "/wrp HTTP/1.1\r\n");

// Try connection close-- see if it does close

sb.append("Connection: close\r\n");

sb.append("Accept: image/gif, image/x-xbitmap, image/jpeg,
image/pjpeg, application/vnd.ms-powerpoint, application/vnd.ms-excel,
application/msword\n");

sb.append("Accept-Language: en-us\n");

sb.append("Accept-Encoding: gzip, deflate\n");

sb.append("User-Agent: Mozilla/4.0 (compatible; MSIE 6.0;
Windows NT 5.0)\n");

// Authorization

sb.append("Authorization: Basic
DK34a3RvbWVydGVzddkK7WCx\n");

sb.append("Host: " + ip + ":" + port + "\n");

sb.append("Content-Length: " + dataToSend.length() +
"\r\n");

sb.append("Content-Type:
application/x-www-form-urlencoded\r\n");

sb.append("\r\n");

sb.append(dataToSend);

 // Send data

String text = sb.toString();

out.println(text);



System.out.println("\nText sent " + text.length() + "
bytes:");

System.out.println(text + "\n\n");



try{

String gotBack1 = in.readLine();

System.out.println("Text received:" + gotBack1 );

String gotBack = null;

while (  (gotBack = in.readLine()) != null){

System.out.println("Text received:" +
gotBack );

if ( (gotBack.indexOf("TQ!") != -1)){

break;

}

}

} catch (Exception e){

System.out.println("Read failed! " + e.toString());

System.exit(1);

}

}