Mono.Security.Protocol.Tls.TlsException: 缓冲区欠载
Mono.Security.Protocol.Tls.TlsException: buffer underrun
我有一个很奇怪的问题。
我们实施了一个 Soap API 来与第三方对话。 API 之类的作品。有一个 IsAlive
方法可以检查第三方服务是否存在。
我们的应用程序托管在 Ubuntu 14.04
服务器上 Apache
下 Mod-Mono
(Mono
)。
我们在加载特定页面时称其为 API。它工作到一定程度然后我们得到一个错误。 IE。您可以多次向 IsAlive
xxx(它是随机的)发出请求并且它有效,然后下次您尝试执行此操作时会抛出以下异常:
System.Web.HttpUnhandledException: Exception of type 'System.Web.HttpUnhandledException' was thrown. ---> System.Net.WebException: Error writing headers ---> System.IO.IOException: Error while sending TLS Alert (Fatal:InternalError): System.IO.IOException: The authentication or decryption has failed. ---> Mono.Security.Protocol.Tls.TlsException: buffer underrun
at Mono.Security.Protocol.Tls.RecordProtocol.ReadRecordBuffer (Int32 contentType, System.IO.Stream record) [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.RecordProtocol.InternalReceiveRecordCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
--- End of inner exception stack trace ---
at Mono.Security.Protocol.Tls.SslClientStream.EndNegotiateHandshake (IAsyncResult result) [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0 ---> System.IO.IOException: The authentication or decryption has failed. ---> Mono.Security.Protocol.Tls.TlsException: buffer underrun
at Mono.Security.Protocol.Tls.RecordProtocol.ReadRecordBuffer (Int32 contentType, System.IO.Stream record) [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.RecordProtocol.InternalReceiveRecordCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
--- End of inner exception stack trace ---
at Mono.Security.Protocol.Tls.SslClientStream.EndNegotiateHandshake (IAsyncResult result) [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
--- End of inner exception stack trace ---
at System.Net.WebConnection.EndWrite (System.Net.HttpWebRequest request, Boolean throwOnError, IAsyncResult result) [0x00000] in <filename unknown>:0
at System.Net.WebConnectionStream+<SetHeadersAsync>c__AnonStorey1.<>m__0 (IAsyncResult r) [0x00000] in <filename unknown>:0
--- End of inner exception stack trace ---
at System.Net.HttpWebRequest.EndGetResponse (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
at System.Net.HttpWebRequest.GetResponse () [0x00000] in <filename unknown>:0
at System.Web.Services.Protocols.WebClientProtocol.GetWebResponse (System.Net.WebRequest request) [0x00000] in <filename unknown>:0
--- End of inner exception stack trace ---
at System.Web.UI.Page.ProcessException (System.Exception e) [0x00000] in <filename unknown>:0
at System.Web.UI.Page.ProcessRequest (System.Web.HttpContext context) [0x00000] in <filename unknown>:0
at ASP.somepage_aspx.ProcessRequest (System.Web.HttpContext context) [0x00000] in <filename unknown>:0
at System.Web.HttpApplication+<Pipeline>c__Iterator1.MoveNext () [0x00000] in <filename unknown>:0
at System.Web.HttpApplication.Tick () [0x00000] in <filename unknown>:0
Mono.Security.Protocol.Tls.TlsException: buffer underrun
at Mono.Security.Protocol.Tls.RecordProtocol.ReadRecordBuffer (Int32 contentType, System.IO.Stream record) [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.RecordProtocol.InternalReceiveRecordCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
此时的API已经失效了。即使我们刷新页面再调用一次。我们尝试重新请求 2-3 次,然后又出现另一个错误。
System.Web.HttpUnhandledException: Exception of type 'System.Web.HttpUnhandledException' was thrown. ---> System.Net.WebException: The request timed out
at System.Net.HttpWebRequest.GetRequestStream () [0x00000] in <filename unknown>:0
at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke (System.String method_name, System.Object[] parameters) [0x00000] in <filename unknown>:0
--- End of inner exception stack trace ---
at System.Web.UI.Page.ProcessException (System.Exception e) [0x00000] in <filename unknown>:0
at System.Web.UI.Page.ProcessRequest (System.Web.HttpContext context) [0x00000] in <filename unknown>:0
at ASP.somepage_aspx.ProcessRequest (System.Web.HttpContext context) [0x00000] in <filename unknown>:0
at System.Web.HttpApplication+<Pipeline>c__Iterator1.MoveNext () [0x00000] in <filename unknown>:0
at System.Web.HttpApplication.Tick () [0x00000] in <filename unknown>:0
System.Net.WebException: The request timed out
at System.Net.HttpWebRequest.GetRequestStream () [0x00000] in <filename unknown>:0
at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke (System.String method_name, System.Object[] parameters) [0x00000] in <filename unknown>:0
让 API 再次工作的唯一方法是重新启动 Ubuntu 服务器。
下面是我们如何发送请求的片段。
public string TestSiteStatus()
{
getSiteStatus site = new getSiteStatus();
site.site = "XXX";
string res = "";
using (SiteServiceImplService service = new SiteServiceImplService())
{
res = service.getSiteStatus(site);
}
return res;
}
有人知道这里出了什么问题吗?我的实现有问题还是 Mono 框架问题?
我已尝试此页面上的说明:http://www.mono-project.com/docs/faq/security/ 但没有成功。当我 运行 测试时,它通过了第一次,有时是第二次,但之后失败了。
原来我们的第三方存在证书问题。他们更新了他们的证书,我们将它们添加到我们的商店中,并且成功了。
我们的 API SSL 证书容易受到 LogJam 攻击。证书的加密导致我们的服务器出现问题。
这link帮助我们测试并找到了问题。
我有一个很奇怪的问题。
我们实施了一个 Soap API 来与第三方对话。 API 之类的作品。有一个 IsAlive
方法可以检查第三方服务是否存在。
我们的应用程序托管在 Ubuntu 14.04
服务器上 Apache
下 Mod-Mono
(Mono
)。
我们在加载特定页面时称其为 API。它工作到一定程度然后我们得到一个错误。 IE。您可以多次向 IsAlive
xxx(它是随机的)发出请求并且它有效,然后下次您尝试执行此操作时会抛出以下异常:
System.Web.HttpUnhandledException: Exception of type 'System.Web.HttpUnhandledException' was thrown. ---> System.Net.WebException: Error writing headers ---> System.IO.IOException: Error while sending TLS Alert (Fatal:InternalError): System.IO.IOException: The authentication or decryption has failed. ---> Mono.Security.Protocol.Tls.TlsException: buffer underrun
at Mono.Security.Protocol.Tls.RecordProtocol.ReadRecordBuffer (Int32 contentType, System.IO.Stream record) [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.RecordProtocol.InternalReceiveRecordCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
--- End of inner exception stack trace ---
at Mono.Security.Protocol.Tls.SslClientStream.EndNegotiateHandshake (IAsyncResult result) [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0 ---> System.IO.IOException: The authentication or decryption has failed. ---> Mono.Security.Protocol.Tls.TlsException: buffer underrun
at Mono.Security.Protocol.Tls.RecordProtocol.ReadRecordBuffer (Int32 contentType, System.IO.Stream record) [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.RecordProtocol.InternalReceiveRecordCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
--- End of inner exception stack trace ---
at Mono.Security.Protocol.Tls.SslClientStream.EndNegotiateHandshake (IAsyncResult result) [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
--- End of inner exception stack trace ---
at System.Net.WebConnection.EndWrite (System.Net.HttpWebRequest request, Boolean throwOnError, IAsyncResult result) [0x00000] in <filename unknown>:0
at System.Net.WebConnectionStream+<SetHeadersAsync>c__AnonStorey1.<>m__0 (IAsyncResult r) [0x00000] in <filename unknown>:0
--- End of inner exception stack trace ---
at System.Net.HttpWebRequest.EndGetResponse (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
at System.Net.HttpWebRequest.GetResponse () [0x00000] in <filename unknown>:0
at System.Web.Services.Protocols.WebClientProtocol.GetWebResponse (System.Net.WebRequest request) [0x00000] in <filename unknown>:0
--- End of inner exception stack trace ---
at System.Web.UI.Page.ProcessException (System.Exception e) [0x00000] in <filename unknown>:0
at System.Web.UI.Page.ProcessRequest (System.Web.HttpContext context) [0x00000] in <filename unknown>:0
at ASP.somepage_aspx.ProcessRequest (System.Web.HttpContext context) [0x00000] in <filename unknown>:0
at System.Web.HttpApplication+<Pipeline>c__Iterator1.MoveNext () [0x00000] in <filename unknown>:0
at System.Web.HttpApplication.Tick () [0x00000] in <filename unknown>:0
Mono.Security.Protocol.Tls.TlsException: buffer underrun
at Mono.Security.Protocol.Tls.RecordProtocol.ReadRecordBuffer (Int32 contentType, System.IO.Stream record) [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.RecordProtocol.InternalReceiveRecordCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
此时的API已经失效了。即使我们刷新页面再调用一次。我们尝试重新请求 2-3 次,然后又出现另一个错误。
System.Web.HttpUnhandledException: Exception of type 'System.Web.HttpUnhandledException' was thrown. ---> System.Net.WebException: The request timed out
at System.Net.HttpWebRequest.GetRequestStream () [0x00000] in <filename unknown>:0
at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke (System.String method_name, System.Object[] parameters) [0x00000] in <filename unknown>:0
--- End of inner exception stack trace ---
at System.Web.UI.Page.ProcessException (System.Exception e) [0x00000] in <filename unknown>:0
at System.Web.UI.Page.ProcessRequest (System.Web.HttpContext context) [0x00000] in <filename unknown>:0
at ASP.somepage_aspx.ProcessRequest (System.Web.HttpContext context) [0x00000] in <filename unknown>:0
at System.Web.HttpApplication+<Pipeline>c__Iterator1.MoveNext () [0x00000] in <filename unknown>:0
at System.Web.HttpApplication.Tick () [0x00000] in <filename unknown>:0
System.Net.WebException: The request timed out
at System.Net.HttpWebRequest.GetRequestStream () [0x00000] in <filename unknown>:0
at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke (System.String method_name, System.Object[] parameters) [0x00000] in <filename unknown>:0
让 API 再次工作的唯一方法是重新启动 Ubuntu 服务器。
下面是我们如何发送请求的片段。
public string TestSiteStatus()
{
getSiteStatus site = new getSiteStatus();
site.site = "XXX";
string res = "";
using (SiteServiceImplService service = new SiteServiceImplService())
{
res = service.getSiteStatus(site);
}
return res;
}
有人知道这里出了什么问题吗?我的实现有问题还是 Mono 框架问题?
我已尝试此页面上的说明:http://www.mono-project.com/docs/faq/security/ 但没有成功。当我 运行 测试时,它通过了第一次,有时是第二次,但之后失败了。
原来我们的第三方存在证书问题。他们更新了他们的证书,我们将它们添加到我们的商店中,并且成功了。
我们的 API SSL 证书容易受到 LogJam 攻击。证书的加密导致我们的服务器出现问题。
这link帮助我们测试并找到了问题。