Michael Jumper created GUACAMOLE-67: ---------------------------------------
Summary: I/O error in WebSocket can cause connection tracking to fail Key: GUACAMOLE-67 URL: https://issues.apache.org/jira/browse/GUACAMOLE-67 Project: Guacamole Issue Type: Bug Components: guacamole Reporter: Michael Jumper Assignee: Michael Jumper Priority: Blocker Fix For: 0.9.10-incubating If Tomcat (or another servlet container) encounters a hard, internal I/O error while handling a WebSocket connection, the resulting {{IOException}} will cause the connection thread to die: {code:none} 15:39:50.882 [Thread-19] DEBUG o.a.g.w.GuacamoleWebSocketTunnelEndpoint - I/O error prevents further reads. java.io.IOException: java.util.concurrent.ExecutionException: java.io.IOException: Key must be cancelled at org.apache.tomcat.websocket.WsRemoteEndpointImplBase.sendPartialString(WsRemoteEndpointImplBase.java:228) ~[tomcat-websocket.jar:8.0.14] at org.apache.tomcat.websocket.WsRemoteEndpointImplBase.sendString(WsRemoteEndpointImplBase.java:172) ~[tomcat-websocket.jar:8.0.14] at org.apache.tomcat.websocket.WsRemoteEndpointBasic.sendText(WsRemoteEndpointBasic.java:37) ~[tomcat-websocket.jar:8.0.14] at org.apache.guacamole.websocket.GuacamoleWebSocketTunnelEndpoint$2.run(GuacamoleWebSocketTunnelEndpoint.java:169) ~[GuacamoleWebSocketTunnelEndpoint$2.class:na] Caused by: java.util.concurrent.ExecutionException: java.io.IOException: Key must be cancelled at org.apache.tomcat.websocket.FutureToSendHandler.get(FutureToSendHandler.java:102) ~[tomcat-websocket.jar:8.0.14] at org.apache.tomcat.websocket.WsRemoteEndpointImplBase.sendPartialString(WsRemoteEndpointImplBase.java:224) ~[tomcat-websocket.jar:8.0.14] ... 3 common frames omitted Caused by: java.io.IOException: Key must be cancelled at org.apache.coyote.http11.upgrade.NioServletOutputStream.doWriteInternal(NioServletOutputStream.java:84) ~[tomcat-coyote.jar:8.0.14] at org.apache.coyote.http11.upgrade.NioServletOutputStream.doWrite(NioServletOutputStream.java:61) ~[tomcat-coyote.jar:8.0.14] at org.apache.coyote.http11.upgrade.AbstractServletOutputStream.writeInternal(AbstractServletOutputStream.java:162) ~[tomcat-coyote.jar:8.0.14] at org.apache.coyote.http11.upgrade.AbstractServletOutputStream.write(AbstractServletOutputStream.java:129) ~[tomcat-coyote.jar:8.0.14] at org.apache.tomcat.websocket.server.WsRemoteEndpointImplServer.onWritePossible(WsRemoteEndpointImplServer.java:99) ~[tomcat-websocket.jar:8.0.14] at org.apache.tomcat.websocket.server.WsRemoteEndpointImplServer.doWrite(WsRemoteEndpointImplServer.java:81) ~[tomcat-websocket.jar:8.0.14] at org.apache.tomcat.websocket.WsRemoteEndpointImplBase.writeMessagePart(WsRemoteEndpointImplBase.java:420) ~[tomcat-websocket.jar:8.0.14] at org.apache.tomcat.websocket.WsRemoteEndpointImplBase.startMessage(WsRemoteEndpointImplBase.java:311) ~[tomcat-websocket.jar:8.0.14] at org.apache.tomcat.websocket.WsRemoteEndpointImplBase$TextMessageSendHandler.write(WsRemoteEndpointImplBase.java:675) ~[tomcat-websocket.jar:8.0.14] at org.apache.tomcat.websocket.WsRemoteEndpointImplBase.sendPartialString(WsRemoteEndpointImplBase.java:220) ~[tomcat-websocket.jar:8.0.14] ... 3 common frames omitted {code} This death is fine, but the code handling that error does not properly invoke {{closeConnection()}}, thus the associated {{GuacamoleTunnel}} and {{GuacamoleSocket}} are not guaranteed to be closed. They will *eventually* close due to timeout, but the lack of further read errors means that internal connection tracking will never realize the connection is closed. Extensions like guacamole-auth-jdbc which track connection activity based on closure will fail to properly record the connection as dead, and will require that the connection be explicitly closed by an admin. -- This message was sent by Atlassian JIRA (v6.3.4#6332)