Bug 65051

Summary: [HTTP/2] The socket [*] associated with this connection has been closed.
Product: Tomcat 8 Reporter: Selim Emre Toy <selimemretoy>
Component: ConnectorsAssignee: Tomcat Developers Mailing List <dev>
Status: RESOLVED INVALID    
Severity: normal CC: selimemretoy
Priority: P2    
Version: 8.5.61   
Target Milestone: ----   
Hardware: PC   
OS: Linux   

Description Selim Emre Toy 2021-01-03 16:26:29 UTC 
I have encountered a similar issue with https://bz.apache.org/bugzilla/show_bug.cgi?id=63690 

It's working without SSL in the same environment.

INFO: Loaded Apache Tomcat Native library [1.2.25] using APR version [1.6.3]
INFO: APR capabilities: IPv6 [true], sendfile [true], accept filters [false], random [true].
INFO: APR/OpenSSL configuration: useAprConnector [true], useOpenSSL [true]
INFO: OpenSSL successfully initialized [OpenSSL 1.1.1g  21 Apr 2020]
INFO: The ["http-apr-0.0.0.0-5080"] connector has been configured to support HTTP upgrade to [h2c]
INFO: The ["https-openssl-apr-0.0.0.0-5443"] connector has been configured to support negotiation to [h2] via ALPN
INFO: Starting Servlet Engine: Apache Tomcat/8.5.61

Here is my settings:
<entry key="readTimeout" value="-1"/>
<entry key="disableUploadTimeout" value="true"/>
<entry key="maxHttpHeaderSize" value="8192"/>
<entry key="acceptCount" value="-1"/>
<entry key="connectionTimeout" value="-1"/>
<entry key="overheadWindowUpdateThreshold" value="-1"/>
<entry key="overheadDataThreshold" value="-1"/>
<entry key="writeTimeout" value="-1"/>
<entry key="streamWriteTimeout" value="-1"/>
<entry key="streamReadTimeout" value="-1"/>
<entry key="maxConcurrentStreams" value="300"/>

Here are the logs:

2021-01-03 17:27:51,108 [https-openssl-apr-0.0.0.0-5443-exec-3] org.apache.http.impl.execchain.RetryExec - I/O exception (org.apache.catalina.connector.ClientAbortException) caught when processing request to {}->http://localhost:5080: java.io.IOException: The socket [139,897,419,665,568] associated with this connection has been closed.
Jan 03, 2021 5:27:51 PM org.apache.catalina.core.StandardWrapperValve invoke
SEVERE: Servlet.service() for servlet [RequestDispatherFilter] in context with path [] threw exception
org.apache.http.client.ClientProtocolException
	at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:187)
	at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:118)
	at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:56)
	at io.antmedia.console.servlet.RealProxyServlet.doExecute(RealProxyServlet.java:420)
	at io.antmedia.console.servlet.RealProxyServlet.service(RealProxyServlet.java:354)
	at io.antmedia.console.servlet.URITemplateProxyServlet.service(URITemplateProxyServlet.java:140)
	at io.antmedia.console.servlet.ProxyServlet.service(ProxyServlet.java:43)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:733)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at io.antmedia.console.rest.AuthenticationFilter.doFilter(AuthenticationFilter.java:33)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at io.antmedia.filter.IPFilterDashboard.doFilter(IPFilterDashboard.java:23)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.apache.catalina.filters.CorsFilter.handleNonCORS(CorsFilter.java:364)
	at org.apache.catalina.filters.CorsFilter.doFilter(CorsFilter.java:170)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.red5.logging.LoggerContextFilter.doFilter(LoggerContextFilter.java:84)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97)
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:544)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:143)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
	at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:690)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
	at org.apache.coyote.http2.StreamProcessor.service(StreamProcessor.java:368)
	at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
	at org.apache.coyote.http2.StreamProcessor.process(StreamProcessor.java:71)
	at org.apache.coyote.http2.StreamRunnable.run(StreamRunnable.java:35)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
	at java.base/java.lang.Thread.run(Thread.java:834)
Caused by: org.apache.http.client.NonRepeatableRequestException: Cannot retry request with a non-repeatable request entity
	at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:108)
	at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
	at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)
	... 41 more
Caused by: org.apache.catalina.connector.ClientAbortException: java.io.IOException: The socket [139,897,419,681,952] associated with this connection has been closed.
	at org.apache.catalina.connector.InputBuffer.realReadBytes(InputBuffer.java:348)
	at org.apache.catalina.connector.InputBuffer.checkByteBufferEof(InputBuffer.java:663)
	at org.apache.catalina.connector.InputBuffer.read(InputBuffer.java:370)
	at org.apache.catalina.connector.CoyoteInputStream.read(CoyoteInputStream.java:183)
	at org.apache.http.entity.InputStreamEntity.writeTo(InputStreamEntity.java:140)
	at org.apache.http.impl.execchain.RequestEntityProxy.writeTo(RequestEntityProxy.java:121)
	at org.apache.http.impl.DefaultBHttpClientConnection.sendRequestEntity(DefaultBHttpClientConnection.java:156)
	at org.apache.http.impl.conn.CPoolProxy.sendRequestEntity(CPoolProxy.java:152)
	at org.apache.http.protocol.HttpRequestExecutor.doSendRequest(HttpRequestExecutor.java:238)
	at org.apache.http.protocol.HttpRequestExecutor.execute(HttpRequestExecutor.java:123)
	at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:272)
	at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186)
	at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89)
	... 43 more
Caused by: java.io.IOException: The socket [139,897,419,681,952] associated with this connection has been closed.
	at org.apache.tomcat.util.net.AprEndpoint$AprSocketWrapper.doWrite(AprEndpoint.java:2339)
	at org.apache.tomcat.util.net.SocketWrapperBase.doWrite(SocketWrapperBase.java:716)
	at org.apache.tomcat.util.net.SocketWrapperBase.flushBlocking(SocketWrapperBase.java:669)
	at org.apache.tomcat.util.net.SocketWrapperBase.flush(SocketWrapperBase.java:659)
	at org.apache.coyote.http2.Http2UpgradeHandler.writeWindowUpdate(Http2UpgradeHandler.java:832)
	at org.apache.coyote.http2.Stream$StreamInputBuffer.doRead(Stream.java:1160)
	at org.apache.coyote.Request.doRead(Request.java:585)
	at org.apache.catalina.connector.InputBuffer.realReadBytes(InputBuffer.java:344)
	... 55 more
Comment 1 Mark Thomas 2021-01-04 08:32:37 UTC 
There is insufficient information in this report to enable the issue to be reproduced.

Reproduction requires:
- a minimal (ideally single JSP or servlet) web application that reproduces the issue
- the steps to reproduce the issue on clean install of the latest Tomcat 8.5.x release (or the latest release of any supported version)
Comment 2 Selim Emre Toy 2021-01-08 21:29:10 UTC 
Hi Mark,

Let me give an update. As I see, REST API working with also SSL. I have only having this issue in browser side. I think it's related to a browser data frame issue. The weird thing is, I also tried with overheadDataThreshold -1 value. But doesn't work still. 

Let me clear;
Http + Browser -> working properly
Http + REST API -> working properly
Https + Browser -> doesn't work
Https + REST API -> working properly

Our browser application also using REST API in backend.
Comment 3 Mark Thomas 2021-01-11 09:07:26 UTC 
Restoring the NEEDINFO state as the information requested in #1 has not been provided.

There are multiple parameters related to managing HTTP/2 overhead. See http://tomcat.apache.org/tomcat-9.0-doc/config/http2.html

Enabling HTTP/2 debug logging (see $CATALINA_BASE/conf/logging.properties) should enable you to identify any issues.
Comment 4 Mark Thomas 2021-01-22 17:07:11 UTC 
Resolving this as invalid as all the indications so far is that this is inefficient framing on the client that Tomcat is detecting as a DoS attempt. Please use the users mailing list for further assistance.

http://tomcat.apache.org/lists.html#tomcat-users

This issue can be re-opened if on list discussions determine there is a bug here.