[英]Connection reset by peer with async http client and netty
我使用netty作為http提供程序的Async http客戶端遇到了一個奇怪的問題,它是一個調用遠程Web服務的播放應用程序,但我們無法訪問它。 同樣重要的是要注意,該服務位於SSL加密的域上,並且僅響應該域而不是IP。 堆棧跟蹤:
java.io.IOException: Connection reset by peer
at sun.nio.ch.FileDispatcherImpl.read0(Native Method) ~[na:1.7.0_60]
at sun.nio.ch.SocketDispatcher.read(SocketDispatcher.java:39) ~[na:1.7.0_60]
at sun.nio.ch.IOUtil.readIntoNativeBuffer(IOUtil.java:223) ~[na:1.7.0_60]
at sun.nio.ch.IOUtil.read(IOUtil.java:192) ~[na:1.7.0_60]
at sun.nio.ch.SocketChannelImpl.read(SocketChannelImpl.java:379) ~[na:1.7.0_60]
at org.jboss.netty.channel.socket.nio.NioWorker.read(NioWorker.java:64) ~[netty-3.9.2.Final.jar:na]
at org.jboss.netty.channel.socket.nio.AbstractNioWorker.process(AbstractNioWorker.java:108) ~[netty-3.9.2.Final.jar:na]
at org.jboss.netty.channel.socket.nio.AbstractNioSelector.run(AbstractNioSelector.java:318) ~[netty-3.9.2.Final.jar:na]
at org.jboss.netty.channel.socket.nio.AbstractNioWorker.run(AbstractNioWorker.java:89) ~[netty-3.9.2.Final.jar:na]
at org.jboss.netty.channel.socket.nio.NioWorker.run(NioWorker.java:178) ~[netty-3.9.2.Final.jar:na]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [na:1.7.0_60]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [na:1.7.0_60]
at java.lang.Thread.run(Thread.java:745) [na:1.7.0_60]
最奇怪的是,這突然發生了(這是客戶使用的測試環境),這使我相信接收服務或網絡都有問題,但是我無法找出問題所在,因為使用curl調用了相同的URL工作正常。
我試圖通過在本地使用異步http客戶端(該服務器用於其WS接口)來隔離問題,並得到相同的錯誤,curl可以正常工作,使用javas URL-api也可以。 另外,當我將JDKAsyncHttpProvider用作http提供程序時,它也可以很好地工作。
try {
AsyncHttpClientConfig cf = new AsyncHttpClientConfig.Builder().build();
// works if I use JDKAsyncHttpProvider..
//AsyncHttpClient asyncHttpClient = new AsyncHttpClient(new JDKAsyncHttpProvider(cf));
AsyncHttpClient asyncHttpClient = new AsyncHttpClient(cf);
Future<Response> f = asyncHttpClient.prepareGet(nw).execute();
Response r = f.get();
System.out.println(r.getResponseBody());
} catch(Exception e) {
e.printStackTrace();
}
由於我使用播放框架,因此無法更改提供程序。
我目前陷入困境,並要求獲得指示可能是什么問題或調試的下一步。
更新:全部打開調試選項時,出現以下錯誤:
Extension ec_point_formats, formats: [uncompressed]
***
[write] MD5 and SHA1 hashes: len = 149
0000: 01 00 00 91 03 01 53 AD 17 DD 91 78 24 7E 9A 58 ......S....x$..X
0010: 0E CA D9 ED 22 5A A9 DF 3F 4C DD 25 58 E1 E6 C1 ...."Z..?L.%X...
0020: 4C 63 3E 11 78 1E 00 00 2A C0 09 C0 13 00 2F C0 Lc>.x...*...../.
0030: 04 C0 0E 00 33 00 32 C0 07 C0 11 00 05 C0 02 C0 ....3.2.........
0040: 0C C0 08 C0 12 00 0A C0 03 C0 0D 00 16 00 13 00 ................
0050: 04 00 FF 01 00 00 3E 00 0A 00 34 00 32 00 17 00 ......>...4.2...
0060: 01 00 03 00 13 00 15 00 06 00 07 00 09 00 0A 00 ................
0070: 18 00 0B 00 0C 00 19 00 0D 00 0E 00 0F 00 10 00 ................
0080: 11 00 02 00 12 00 04 00 05 00 14 00 08 00 16 00 ................
0090: 0B 00 02 01 00 .....
New I/O worker #2, WRITE: TLSv1 Handshake, length = 149
[Raw write]: length = 154
0000: 16 03 01 00 95 01 00 00 91 03 01 53 AD 17 DD 91 ...........S....
0010: 78 24 7E 9A 58 0E CA D9 ED 22 5A A9 DF 3F 4C DD x$..X...."Z..?L.
0020: 25 58 E1 E6 C1 4C 63 3E 11 78 1E 00 00 2A C0 09 %X...Lc>.x...*..
0030: C0 13 00 2F C0 04 C0 0E 00 33 00 32 C0 07 C0 11 .../.....3.2....
0040: 00 05 C0 02 C0 0C C0 08 C0 12 00 0A C0 03 C0 0D ................
0050: 00 16 00 13 00 04 00 FF 01 00 00 3E 00 0A 00 34 ...........>...4
0060: 00 32 00 17 00 01 00 03 00 13 00 15 00 06 00 07 .2..............
0070: 00 09 00 0A 00 18 00 0B 00 0C 00 19 00 0D 00 0E ................
0080: 00 0F 00 10 00 11 00 02 00 12 00 04 00 05 00 14 ................
0090: 00 08 00 16 00 0B 00 02 01 00 ..........
09:06:05.883 [New I/O worker #2] DEBUG c.n.h.c.p.n.NettyAsyncHttpProvider - Unexpected I/O exception on channel [id: 0x9820cfc1, /192.168.101.123:41411 => domain/148.136.157.62:443]
java.io.IOException: Connection reset by peer
TLS握手有問題,在調試此問題而無法訪問遠程服務時,我還能做更多的事情嗎?
再次更新,這次收到新的錯誤消息:
[write] MD5 and SHA1 hashes: len = 149
0000: 01 00 00 91 03 01 53 AD 1C 54 D6 57 05 7A 89 E5 ......S..T.W.z..
0010: 55 60 01 2F 48 A5 BA EB 4C E6 96 68 E7 B8 2B 67 U`./H...L..h..+g
0020: A2 4C AF C8 9D 10 00 00 2A C0 09 C0 13 00 2F C0 .L......*...../.
0030: 04 C0 0E 00 33 00 32 C0 07 C0 11 00 05 C0 02 C0 ....3.2.........
0040: 0C C0 08 C0 12 00 0A C0 03 C0 0D 00 16 00 13 00 ................
0050: 04 00 FF 01 00 00 3E 00 0A 00 34 00 32 00 17 00 ......>...4.2...
0060: 01 00 03 00 13 00 15 00 06 00 07 00 09 00 0A 00 ................
0070: 18 00 0B 00 0C 00 19 00 0D 00 0E 00 0F 00 10 00 ................
0080: 11 00 02 00 12 00 04 00 05 00 14 00 08 00 16 00 ................
0090: 0B 00 02 01 00 .....
New I/O worker #2, WRITE: TLSv1 Handshake, length = 149
[Raw write]: length = 154
0000: 16 03 01 00 95 01 00 00 91 03 01 53 AD 1C 54 D6 ...........S..T.
0010: 57 05 7A 89 E5 55 60 01 2F 48 A5 BA EB 4C E6 96 W.z..U`./H...L..
0020: 68 E7 B8 2B 67 A2 4C AF C8 9D 10 00 00 2A C0 09 h..+g.L......*..
0030: C0 13 00 2F C0 04 C0 0E 00 33 00 32 C0 07 C0 11 .../.....3.2....
0040: 00 05 C0 02 C0 0C C0 08 C0 12 00 0A C0 03 C0 0D ................
0050: 00 16 00 13 00 04 00 FF 01 00 00 3E 00 0A 00 34 ...........>...4
0060: 00 32 00 17 00 01 00 03 00 13 00 15 00 06 00 07 .2..............
0070: 00 09 00 0A 00 18 00 0B 00 0C 00 19 00 0D 00 0E ................
0080: 00 0F 00 10 00 11 00 02 00 12 00 04 00 05 00 14 ................
0090: 00 08 00 16 00 0B 00 02 01 00 ..........
Hashed wheel timer #2, called closeOutbound()
Hashed wheel timer #2, closeOutboundInternal()
Hashed wheel timer #2, SEND TLSv1 ALERT: warning, description = close_notify
Hashed wheel timer #2, WRITE: TLSv1 Alert, length = 2
Hashed wheel timer #2, called closeInbound()
Hashed wheel timer #2, fatal error: 80: Inbound closed before receiving peer's close_notify: possible truncation attack?
javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?
Hashed wheel timer #2, SEND TLSv1 ALERT: fatal, description = internal_error
Hashed wheel timer #2, Exception sending alert: java.io.IOException: writer side was already closed.
更新,已解決:
遠程主機將https-證書配置為使用服務器名稱指示SNI,這導致凈值提供程序失敗。 我猜網提提供商還不支持SNI。
當您說“ SSL加密域”時,您的意思是HTTPS?
如果是這樣,則可以使用WS SSL中的調試功能: http : //www.playframework.com/documentation/2.3.x/DebuggingSSL
或直接使用-Djavax.net.debug=all
設置JSSE的調試標志。
另外,在logger.play.api.libs.ws=DEBUG
打開logger.play.api.libs.ws=DEBUG
和logger.org.asynchttpclient=DEBUG
以獲得最大的詳細程度。
如果願意直接使用AsyncHttpClient,而無需通過WS,則也可以直接更改提供程序。 這意味着您可能不得不在onSuccess()回調中弄亂Promise,但是您創建了一個類似WS的受限接口,如果出現問題,它將使您返回Future。
我有同樣的問題。 我能夠通過從Java 6切換到Java 7來解決該問題。這是Java 6不支持服務器名稱指示(SNI)的問題,而Java 7支持該名稱。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.