Re: Tomcat 9.0.59 - TLS 1.3 cipher configuration ignored (TLS 1.2 ok)

2022-03-16 Thread Torsten Krah 
Am Dienstag, dem 15.03.2022 um 15:29 +0100 schrieb Rémy Maucherat:
> I used Panama for prototyping, SSL_CTX_set_ciphersuites works but is
> 
> not so trivial to use. If you try using the ciphersuite for more than
> 
> 1.3, there will be warnings (which I improved), and the default
> Tomcat
> 
> uses also does not make sense for 1.3. I wonder if it should revert
> to
> 
> not setting anything in that case (which would need some more
> 
> changes).
> 
> 
> 
> Rémy

Should I open a bug / feature request in bugzilla to track that
feature?

Torsten
-- 



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

AW: Many IllegalStateException when using http2 protocol

2022-03-16 Thread Thomas Hoffmann (Speed4Trade GmbH) 


> -Ursprüngliche Nachricht-
> Von: Thomas Hoffmann (Speed4Trade GmbH)
> 
> Gesendet: Donnerstag, 10. März 2022 21:22
> An: Tomcat Users List 
> Betreff: AW: Many IllegalStateException when using http2 protocol
> 
> 
> 
> > -Ursprüngliche Nachricht-
> > Von: Konstantin Kolinko 
> > Gesendet: Donnerstag, 10. März 2022 16:31
> > An: Tomcat Users List 
> > Betreff: Re: Many IllegalStateException when using http2 protocol
> >
> > чт, 10 мар. 2022 г. в 18:16, Thomas Hoffmann (Speed4Trade GmbH)
> > :
> > >
> > > > -Ursprüngliche Nachricht-
> > > > Von: Konstantin Kolinko 
> > > > Gesendet: Mittwoch, 9. März 2022 00:52
> > > > An: Tomcat Users List 
> > > > Betreff: Re: Many IllegalStateException when using http2 protocol
> > > >
> > > > пн, 7 мар. 2022 г. в 16:26, Thomas Hoffmann (Speed4Trade GmbH)
> > > > :
> > > > >
> > > > > Hello,
> > > > >
> > > > > Since upgrading from Tomcat 9.0.56 to Tomcat 10.0.16, the
> > > > > localhost-logfile
> > > > is filling up with stacks of the form:
> > > > >
> > > > > 07-Mar-2022 07:24:01.780 SCHWERWIEGEND
> > > > > [https-openssl-nio-443-exec-
> > > > 21] org.apache.catalina.core.ApplicationDispatcher.invoke
> > > > Servlet.service() for servlet [jsp] threw exception
> > > > > java.lang.IllegalStateException: Connection [66], Stream
> > > > > [113], Unable
> > > > to write to stream once it has been closed
> > > > > at
> > > >
> >
> org.apache.coyote.http2.Stream$StreamOutputBuffer.doWrite(Stream.java:
> > > > 843)
> > > > > at
> > > > org.apache.coyote.http11.filters.GzipOutputFilter$FakeOutputStream
> > > > .w
> > > > rite(
> > > > GzipOutputFilter.java:159)
> > > > > at
> > > >
> >
> java.base/java.util.zip.DeflaterOutputStream.deflate(DeflaterOutputStream.
> > > > java:252)
> > > > > at
> > > > java.base/java.util.zip.DeflaterOutputStream.write(DeflaterOutputS
> > > > tr
> > > > eam.ja
> > > > va:210)
> > > > > at
> > > > java.base/java.util.zip.GZIPOutputStream.write(GZIPOutputStream.ja
> > > > va
> > > > :148
> > > > )
> > > > > at
> > > >
> >
> org.apache.coyote.http11.filters.GzipOutputFilter.doWrite(GzipOutputFilter.
> > > > java:69)
> > > > > at
> > > >
> > org.apache.coyote.http2.Http2OutputBuffer.doWrite(Http2OutputBuffer.
> > > > jav
> > > > a:59)
> > > > > at 
> > > > > org.apache.coyote.Response.doWrite(Response.java:625)
> > > > > at
> > > > org.apache.catalina.connector.OutputBuffer.realWriteBytes(OutputBu
> > > > ff
> > > > er.ja
> > > > va:340)
> > > > > at
> > > > org.apache.catalina.connector.OutputBuffer.flushByteBuffer(OutputB
> > > > uf
> > > > fer.j
> > > > ava:783)
> > > > > at
> > > > org.apache.catalina.connector.OutputBuffer.realWriteChars(OutputBu
> > > > ff
> > > > er.ja
> > > > va:453)
> > > > > at
> > > > org.apache.catalina.connector.OutputBuffer.flushCharBuffer(OutputB
> > > > uf
> > > > fer.j
> > > > ava:788)
> > > > > at
> > > >
> org.apache.catalina.connector.OutputBuffer.append(OutputBuffer.java:
> > > > 727)
> > > > > at
> > > > org.apache.catalina.connector.OutputBuffer.write(OutputBuffer.java
> > > > :5
> > > > 05)
> > > > > at
> > > > org.apache.catalina.connector.CoyoteWriter.write(CoyoteWriter.java
> > > > :1
> > > > 48)
> > > > > at
> > > >
> >
> org.apache.catalina.filters.ExpiresFilter$XPrintWriter.write(ExpiresFilter.java:
> > > > 850)
> > > > > at
> > > > org.apache.jasper.runtime.JspWriterImpl.write(JspWriterImpl.java:2
> > > > 75
> > > > )
> > > > > at 
> > > > > java.base/java.io.PrintWriter.write(PrintWriter.java:506)
> > > > > at
> > > > org.apache.jasper.runtime.JspWriterImpl.write(JspWriterImpl.java:2
> > > > 75
> > > > )
> > > > > at 
> > > > > java.base/java.io.PrintWriter.write(PrintWriter.java:506)
> > > > > at
> > > > org.apache.jasper.runtime.JspWriterImpl.flushBuffer(JspWriterImpl.
> > > > ja
> > > > va:112
> > > > )
> > > > > at
> > > > org.apache.jasper.runtime.JspWriterImpl.flush(JspWriterImpl.java:1
> > > > 60
> > > > )
> > > > > at
> > > > org.apache.jsp.WEB_002dINF.jsp.businessrelations.ticket_005frelati
> > > > on
> > > > s_inc_
> > > > jsp._jspService(ticket_005frelations_inc_jsp.java:702)
> > > > > ...
> > > > >
> > > > > The jsp-file varies between the stacktraces, so it is not
> > > > > related to a certain
> > > > jsp-File.
> > > > > The stream.java looks like (which didn’t change from Tomcat 9 to 10):
> > > > > @Override
> > > > > public final synchronized int doWrite(ByteBuffer chunk)
> > > > > throws
> > > > IOException {
> > > > > if (closed) {
> > > > > throw new IllegalStateException(
> > > > > sm.getString("stream.clo