Hey everyone I'm running an SSL protected instance of Wave at https://wave.honet.ch The SSL cert is signed by my own CA. It runs fine in general but there are some exceptions. Whenever the webinterface is accessed w/ Chrome/Chromium, it displays an error message and the server logs the following line: 2013-02-19 10:24:14.862:WARN:oeji.nio:javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?
After a while though, Chrome/Chromium will still load wave and work fine from that point on. However, I setup a microbox instance on appengine to provide a mobile interface to my wave server. https://github.com/vega113/microbox I changed the source so all urls say "https" instead of "http". But it won't work. When I try to login, an error message is being displayd: Timeout while fetching URL: https://wave.honet.ch:443/robot/dataapi/oauth/OAuthGetRequestToken?scope=&oauth_consumer_key=anonymous&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1361269486&oauth_nonce=10053416238762950&oauth_version=1.0&oauth_signature=Dv0%2FOk%2BW8pXbIzasrgQrgs6td7M%3D When I open that URL in Firefox just afterwards, it works and an oauth token is being provided. At the moment that Appengine tries to access my WIAB server, the WIAB server logs the same line it logs when Chrome/Chromium tries to access it (see above). Andy idea what the cause of that is and/or how I can fix it? Thanks a lot! Here is the output from the Appengine admin interface: com.wavylabs.microbox.dance.OAuthFilter doFilter: java.net.SocketTimeoutException: Timeout while fetching URL: https://wave.honet.ch:443/robot/dataapi/oauth/OAuthGetRequestToken?scope=&oauth_consumer_key=anonymous&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1361268311&oauth_nonce=10052241342006392&oauth_version=1.0&oauth_signature=4FKFInloIjpVYr7DO6jYH0rEpxg%3D at com.google.appengine.api.urlfetch.URLFetchServiceImpl.convertApplicationException(URLFetchServiceImpl.java:142) at com.google.appengine.api.urlfetch.URLFetchServiceImpl.fetch(URLFetchServiceImpl.java:43) at com.google.apphosting.utils.security.urlfetch.URLFetchServiceStreamHandler$Connection.fetchResponse(URLFetchServiceStreamHandler.java:417) at com.google.apphosting.utils.security.urlfetch.URLFetchServiceStreamHandler$Connection.getInputStream(URLFetchServiceStreamHandler.java:296) at com.google.apphosting.utils.security.urlfetch.URLFetchServiceStreamHandler$Connection.getResponseCode(URLFetchServiceStreamHandler.java:149) at com.wavylabs.microbox.dance.UrlConnectionHttpClient.execute(UrlConnectionHttpClient.java:109) at net.oauth.client.OAuthClient.access(OAuthClient.java:317) at net.oauth.client.OAuthClient.invoke(OAuthClient.java:304) at net.oauth.client.OAuthClient.invoke(OAuthClient.java:260) at net.oauth.client.OAuthClient.getRequestTokenResponse(OAuthClient.java:190) at net.oauth.client.OAuthClient.getRequestToken(OAuthClient.java:148) at net.oauth.client.OAuthClient.getRequestToken(OAuthClient.java:124) at com.wavylabs.microbox.dance.OAuthFilter.doFilter(OAuthFilter.java:85) at com.google.inject.servlet.FilterDefinition.doFilter(FilterDefinition.java:129) at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:59) at com.google.inject.servlet.ManagedFilterPipeline.dispatch(ManagedFilterPipeline.java:122) at com.google.inject.servlet.GuiceFilter.doFilter(GuiceFilter.java:110) at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157) at com.google.apphosting.utils.servlet.ParseBlobUploadFilter.doFilter(ParseBlobUploadFilter.java:125) at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157) at com.google.apphosting.runtime.jetty.SaveSessionFilter.doFilter(SaveSessionFilter.java:35) at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157) at com.google.apphosting.utils.servlet.TransactionCleanupFilter.doFilter(TransactionCleanupFilter.java:43) at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157) at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:388) at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216) at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182) at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765) at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:418) at com.google.apphosting.runtime.jetty.AppVersionHandlerMap.handle(AppVersionHandlerMap.java:266) at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152) at org.mortbay.jetty.Server.handle(Server.java:326) at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:542) at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:923) at com.google.apphosting.runtime.jetty.RpcRequestParser.parseAvailable(RpcRequestParser.java:76) at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404) at com.google.apphosting.runtime.jetty.JettyServletEngineAdapter.serviceRequest(JettyServletEngineAdapter.java:146) at com.google.apphosting.runtime.JavaRuntime$RequestRunnable.run(JavaRuntime.java:447) at com.google.tracing.TraceContext$TraceContextRunnable.runInContext(TraceContext.java:454) at com.google.tracing.TraceContext$TraceContextRunnable$1.run(TraceContext.java:461) at com.google.tracing.TraceContext.runInContext(TraceContext.java:703) at com.google.tracing.TraceContext$AbstractTraceContextCallback.runInInheritedContextNoUnref(TraceContext.java:338) at com.google.tracing.TraceContext$AbstractTraceContextCallback.runInInheritedContext(TraceContext.java:330) at com.google.tracing.TraceContext$TraceContextRunnable.run(TraceContext.java:458) at com.google.apphosting.runtime.ThreadGroupPool$PoolEntry.run(ThreadGroupPool.java:251) at java.lang.Thread.run(Thread.java:679) -- Freundliche Gruesse Niklaus Manuel Hofer Neuhausweg 11 3506 Grosshoechstetten Tel. +41-79-439 10 56 [email protected] () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments
