Embedded Tomcat 9.0.43 : WINDOW_UPDATE not sent when receiving http2 requests over unknown url

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
8 messages Options
Reply | Threaded
Open this post in threaded view
|

Embedded Tomcat 9.0.43 : WINDOW_UPDATE not sent when receiving http2 requests over unknown url

Arshiya Shariff
Hi All,
We are using embedded tomcat version 9.0.43 in our application to transport http/2 packets between 2 systems (h2c connection). All parameters used are the tomcat defaults.

We are facing the below issue :

  1.  Tomcat is not sending WINDOW_UPDATE when a request(payload > 65K) is landed on an Unknown URL(which is not deployed as a servlet and not having  a servlet mapping). The same is working when request landed on an known URL(which is deployed as a servlet and has an servlet mapping).
  2.  Tomcat is listening on 1080 port, client is sending packet size of > 65KB, but here tomcat receives only 65KB  and not receiving full DATA, later tomcat sends RST_STREAM, further no WINDOW_UPDATE, after that client is not able to send DATA frames as there is no WINDOW_UPDATE from tomcat.


Kindly let us know whether it is a bug or not.

Working case :
Client is sending to an correct URL of size/payload > 65KB. Tomcat is sending WINDOW_UPDATE. 200OK from application, which is working properly. Later client is able to send requests along with DATA also, and tomcat is receiving those

I have placed the PCAPs for the Working(correct url) and Not Working Case (unknown url) in the below path:
      https://drive.google.com/drive/folders/1IN4XVQe2cvGIIQbHmAu-XLeWhjb-rykr?usp=sharing


Thanks and Regards
Arshiya Shariff


Reply | Threaded
Open this post in threaded view
|

Re: Embedded Tomcat 9.0.43 : WINDOW_UPDATE not sent when receiving http2 requests over unknown url

markt
On 10/03/2021 05:26, Arshiya Shariff wrote:

> Hi All,
> We are using embedded tomcat version 9.0.43 in our application to transport http/2 packets between 2 systems (h2c connection). All parameters used are the tomcat defaults.
>
> We are facing the below issue :
>
>    1.  Tomcat is not sending WINDOW_UPDATE when a request(payload > 65K) is landed on an Unknown URL(which is not deployed as a servlet and not having  a servlet mapping). The same is working when request landed on an known URL(which is deployed as a servlet and has an servlet mapping).
>    2.  Tomcat is listening on 1080 port, client is sending packet size of > 65KB, but here tomcat receives only 65KB  and not receiving full DATA, later tomcat sends RST_STREAM, further no WINDOW_UPDATE, after that client is not able to send DATA frames as there is no WINDOW_UPDATE from tomcat.
>
>
> Kindly let us know whether it is a bug or not.

Certainly looks like a bug. I'll investigate now...

Mark


>
> Working case :
> Client is sending to an correct URL of size/payload > 65KB. Tomcat is sending WINDOW_UPDATE. 200OK from application, which is working properly. Later client is able to send requests along with DATA also, and tomcat is receiving those
>
> I have placed the PCAPs for the Working(correct url) and Not Working Case (unknown url) in the below path:
>        https://drive.google.com/drive/folders/1IN4XVQe2cvGIIQbHmAu-XLeWhjb-rykr?usp=sharing
>
>
> Thanks and Regards
> Arshiya Shariff
>
>
>


---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

RE: Embedded Tomcat 9.0.43 : WINDOW_UPDATE not sent when receiving http2 requests over unknown url

Arshiya Shariff
Thank you Mark . Please keep us posted regarding the fix .

-----Original Message-----
From: Mark Thomas <[hidden email]>
Sent: Wednesday, March 10, 2021 6:28 PM
To: [hidden email]
Subject: Re: Embedded Tomcat 9.0.43 : WINDOW_UPDATE not sent when receiving http2 requests over unknown url

On 10/03/2021 05:26, Arshiya Shariff wrote:

> Hi All,
> We are using embedded tomcat version 9.0.43 in our application to transport http/2 packets between 2 systems (h2c connection). All parameters used are the tomcat defaults.
>
> We are facing the below issue :
>
>    1.  Tomcat is not sending WINDOW_UPDATE when a request(payload > 65K) is landed on an Unknown URL(which is not deployed as a servlet and not having  a servlet mapping). The same is working when request landed on an known URL(which is deployed as a servlet and has an servlet mapping).
>    2.  Tomcat is listening on 1080 port, client is sending packet size of > 65KB, but here tomcat receives only 65KB  and not receiving full DATA, later tomcat sends RST_STREAM, further no WINDOW_UPDATE, after that client is not able to send DATA frames as there is no WINDOW_UPDATE from tomcat.
>
>
> Kindly let us know whether it is a bug or not.

Certainly looks like a bug. I'll investigate now...

Mark


>
> Working case :
> Client is sending to an correct URL of size/payload > 65KB. Tomcat is sending WINDOW_UPDATE. 200OK from application, which is working properly. Later client is able to send requests along with DATA also, and tomcat is receiving those
>
> I have placed the PCAPs for the Working(correct url) and Not Working Case (unknown url) in the below path:
>        https://protect2.fireeye.com/v1/url?k=e9471c24-b6dc2509-e9475cbf-8692dc8284cb-4463215f54d09c7e&q=1&e=77145d97-7041-4d7c-bf52-6bccde1b4a62&u=https%3A%2F%2Fdrive.google.com%2Fdrive%2Ffolders%2F1IN4XVQe2cvGIIQbHmAu-XLeWhjb-rykr%3Fusp%3Dsharing
>
>
> Thanks and Regards
> Arshiya Shariff
>
>
>


---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]


---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Embedded Tomcat 9.0.43 : WINDOW_UPDATE not sent when receiving http2 requests over unknown url

Doug Whitfield
-----Original Message-----
From: Mark Thomas <[hidden email]>
Sent: Wednesday, March 10, 2021 6:28 PM
To: [hidden email]
Subject: Re: Embedded Tomcat 9.0.43 : WINDOW_UPDATE not sent when receiving http2 requests over unknown url

On 10/03/2021 05:26, Arshiya Shariff wrote:

> Hi All,
> We are using embedded tomcat version 9.0.43 in our application to transport http/2 packets between 2 systems (h2c connection). All parameters used are the tomcat defaults.
>
> We are facing the below issue :
>
>    1.  Tomcat is not sending WINDOW_UPDATE when a request(payload > 65K) is landed on an Unknown URL(which is not deployed as a servlet and not having  a servlet mapping). The same is working when request landed on an known URL(which is deployed as a servlet and has an servlet mapping).
>    2.  Tomcat is listening on 1080 port, client is sending packet size of > 65KB, but here tomcat receives only 65KB  and not receiving full DATA, later tomcat sends RST_STREAM, further no WINDOW_UPDATE, after that client is not able to send DATA frames as there is no WINDOW_UPDATE from tomcat.
>
>
> Kindly let us know whether it is a bug or not.

>> Certainly looks like a bug. I'll investigate now...

Just FYI:
I was able to reproduce this issue on 8.5.64 and 9.0.44. I’m going to start doing some testing in earlier versions of 8.5 to see if the issue exist there as well as far as regressions.



This e-mail may contain information that is privileged or confidential. If you are not the intended recipient, please delete the e-mail and any attachments and notify us immediately.

Reply | Threaded
Open this post in threaded view
|

Re: Embedded Tomcat 9.0.43 : WINDOW_UPDATE not sent when receiving http2 requests over unknown url

markt
On 11/03/2021 19:09, Doug Whitfield wrote:

<snip/>

> Just FYI:
> I was able to reproduce this issue on 8.5.64 and 9.0.44. I’m going to start doing some testing in earlier versions of 8.5 to see if the issue exist there as well as far as regressions.

It exists in all 8.5.x, 9.0.x and 10.0.x versions. It has been there
since the beginning of HTTP/2 support.

I am working on a fix which I expect to be in the releases due out in ~1
month's time.

Mark

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Embedded Tomcat 9.0.43 : WINDOW_UPDATE not sent when receiving http2 requests over unknown url

Doug Whitfield
<snip/>
>I am working on a fix which I expect to be in the releases due out in ~1
> month's time.

Thanks Mark! Is there any chance of a patch being available before then that we might be able to backport locally?


This e-mail may contain information that is privileged or confidential. If you are not the intended recipient, please delete the e-mail and any attachments and notify us immediately.

Reply | Threaded
Open this post in threaded view
|

Re: Embedded Tomcat 9.0.43 : WINDOW_UPDATE not sent when receiving http2 requests over unknown url

Doug Whitfield
In reply to this post by markt
<snip/>

> It exists in all 8.5.x, 9.0.x and 10.0.x versions. It has been there
> since the beginning of HTTP/2 support.

Based on our testing the issue was introduced in 9.0.19 and 8.5.55 (we haven’t done any testing on the 10.x branch), which is slightly after the beginning of HTTP/2 support. I don’t know if that is helpful information, but I provide it in case that it is. Apologies for the second email. We were still discussing this internally a bit.

Thanks again for your work on this!


This e-mail may contain information that is privileged or confidential. If you are not the intended recipient, please delete the e-mail and any attachments and notify us immediately.

Reply | Threaded
Open this post in threaded view
|

Re: Embedded Tomcat 9.0.43 : WINDOW_UPDATE not sent when receiving http2 requests over unknown url

markt
In reply to this post by Doug Whitfield
On 11/03/2021 20:01, Doug Whitfield wrote:
> <snip/>
>> I am working on a fix which I expect to be in the releases due out in ~1
>> month's time.
>
> Thanks Mark! Is there any chance of a patch being available before then that we might be able to backport locally?

It is fixed in 10.0.x, 9.0.x and 8.5.x now. It isn't a simple back-port.
There were quite a few related changes and associated refactoring. If
you want to test locally, I suggest building HEAD rather than
back-porting commits.

Mark

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]