From: Ramya G. <ram...@gm...> - 2017-01-29 01:36:18
|
Hi Quickfixj Team, I'm new to quickfix/j and i'm working on setting up FIX Initiator for my project. Sources: Quickfix/j 1.6.3 with fixes on PR92 mina core 2.0.16 I'm trying to reach the destination through proxy and the proxy type is HTTP and version 1.1. And also in my case SSL is enabled and it is just Initiator. SocketUseSSL=Y ProxyType=http ProxyVersion=1.1 ProxyHost=proxy.host.name ProxyPort=1080 Note:I'm able to create a FIX session to my destination and download the FIX messages using SOCKS proxy type with SSL. I'm getting the below exception when i use HTTP proxy type.The connection is getting established but SSL handshake is not happening. Please let me know if you have any input. Exceptions below. Allow unsafe renegotiation: false Allow legacy hello messages: true Is initial handshake: true Is secure renegotiation: false %% No cached client session *** ClientHello, TLSv1.2 RandomCookie: GMT: 1468874490 bytes = { 121, 21, 18, 137, 39, 239, 210, 1, 91, 146, 111, 177, 251, 218, 4, 205, 185, 99, 79, 137, 152, 231, 184, 76, 166, 22, 210, 139 } Session ID: {} Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_MD5, TLS_EMPTY_RENEGOTIATION_INFO_SCSV] Compression Methods: { 0 } Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1} Extension ec_point_formats, formats: [uncompressed] Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA, MD5withRSA *** [write] MD5 and SHA1 hashes: len = 179 0000: 01 00 00 AF 03 03 58 8D 3F FA 79 15 12 89 27 EF ......X.?.y...'. 0010: D2 01 5B 92 6F B1 FB DA 04 CD B9 63 4F 89 98 E7 ..[.o......cO... 0020: B8 4C A6 16 D2 8B 00 00 2A C0 09 C0 13 00 2F C0 .L......*...../. 0030: 04 C0 0E 00 33 00 32 C0 07 C0 11 00 05 C0 02 C0 ....3.2......... 0040: 0C C0 08 C0 12 00 0A C0 03 C0 0D 00 16 00 13 00 ................ 0050: 04 00 FF 01 00 00 5C 00 0A 00 34 00 32 00 17 00 ......\...4.2... 0060: 01 00 03 00 13 00 15 00 06 00 07 00 09 00 0A 00 ................ 0070: 18 00 0B 00 0C 00 19 00 0D 00 0E 00 0F 00 10 00 ................ 0080: 11 00 02 00 12 00 04 00 05 00 14 00 08 00 16 00 ................ 0090: 0B 00 02 01 00 00 0D 00 1A 00 18 06 03 06 01 05 ................ 00A0: 03 05 01 04 03 04 01 03 03 03 01 02 03 02 01 02 ................ 00B0: 02 01 01 ... NioProcessor-2, WRITE: TLSv1.2 Handshake, length = 179 [write] MD5 and SHA1 hashes: len = 122 0000: 01 03 03 00 51 00 00 00 20 00 C0 09 06 00 40 00 ....Q... .....@. 0010: C0 13 00 00 2F 00 C0 04 01 00 80 00 C0 0E 00 00 ..../........... 0020: 33 00 00 32 00 C0 07 05 00 80 00 C0 11 00 00 05 3..2............ 0030: 00 C0 02 00 C0 0C 00 C0 08 00 C0 12 00 00 0A 07 ................ 0040: 00 C0 00 C0 03 02 00 80 00 C0 0D 00 00 16 00 00 ................ 0050: 13 00 00 04 01 00 80 00 00 FF 58 8D 3F FA 79 15 ..........X.?.y. 0060: 12 89 27 EF D2 01 5B 92 6F B1 FB DA 04 CD B9 63 ..'...[.o......c 0070: 4F 89 98 E7 B8 4C A6 16 D2 8B O....L.... NioProcessor-2, WRITE: SSLv2 client hello message, length = 122 NioProcessor-2, called closeOutbound() NioProcessor-2, closeOutboundInternal() NioProcessor-2, SEND TLSv1 ALERT: warning, description = close_notify NioProcessor-2, WRITE: TLSv1 Alert, length = 2 [Raw write]: length = 124 0000: 80 7A 01 03 03 00 51 00 00 00 20 00 C0 09 06 00 .z....Q... ..... 0010: 40 00 C0 13 00 00 2F 00 C0 04 01 00 80 00 C0 0E @...../......... 0020: 00 00 33 00 00 32 00 C0 07 05 00 80 00 C0 11 00 ..3..2.......... 0030: 00 05 00 C0 02 00 C0 0C 00 C0 08 00 C0 12 00 00 ................ 0040: 0A 07 00 C0 00 C0 03 02 00 80 00 C0 0D 00 00 16 ................ 0050: 00 00 13 00 00 04 01 00 80 00 00 FF 58 8D 3F FA ............X.?. 0060: 79 15 12 89 27 EF D2 01 5B 92 6F B1 FB DA 04 CD y...'...[.o..... 0070: B9 63 4F 89 98 E7 B8 4C A6 16 D2 8B .cO....L.... {01/28/2017 20:06:03 EST ERROR [NioProcessor-2] (AbstractIoHandler.java:86) - Socket (<proxyhost/proxyi/p:proxyport>): javax.net.ssl.SSLException: Improper close state: Status = OK HandshakeStatus = NEED_WRAP bytesConsumed = 0 bytesProduced = 124 javax.net.ssl.SSLException: Improper close state: Status = OK HandshakeStatus = NEED_WRAP bytesConsumed = 0 bytesProduced = 124 at org.apache.mina.filter.ssl.SslHandler.closeOutbound(SslHandler.java:499) at org.apache.mina.filter.ssl.SslFilter.initiateClosure(SslFilter.java:740) at org.apache.mina.filter.ssl.SslFilter.filterClose(SslFilter.java:675) at org.apache.mina.core.filterchain.DefaultIoFilterChain.callPreviousFilterClose(DefaultIoFilterChain.java:644) at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1600(DefaultIoFilterChain.java:48) at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.filterClose(DefaultIoFilterChain.java:958) at org.apache.mina.core.filterchain.IoFilterAdapter.filterClose(IoFilterAdapter.java:130) at org.apache.mina.core.filterchain.DefaultIoFilterChain.callPreviousFilterClose(DefaultIoFilterChain.java:644) at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1600(DefaultIoFilterChain.java:48) at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.filterClose(DefaultIoFilterChain.java:958) at org.apache.mina.core.filterchain.DefaultIoFilterChain$TailFilter.filterClose(DefaultIoFilterChain.java:882) at org.apache.mina.core.filterchain.DefaultIoFilterChain.callPreviousFilterClose(DefaultIoFilterChain.java:644) at org.apache.mina.core.filterchain.DefaultIoFilterChain.fireFilterClose(DefaultIoFilterChain.java:637) at org.apache.mina.core.session.AbstractIoSession.closeNow(AbstractIoSession.java:348) at org.apache.mina.core.session.AbstractIoSession.close(AbstractIoSession.java:306) at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextExceptionCaught(DefaultIoFilterChain.java:597) at org.apache.mina.core.filterchain.DefaultIoFilterChain.fireExceptionCaught(DefaultIoFilterChain.java:580) at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:544) at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1300(DefaultIoFilterChain.java:48) at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:943) at org.apache.mina.core.filterchain.IoFilterAdapter.messageReceived(IoFilterAdapter.java:109) at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:542) at org.apache.mina.core.filterchain.DefaultIoFilterChain.fireMessageReceived(DefaultIoFilterChain.java:535) at org.apache.mina.core.polling.AbstractPollingIoProcessor.read(AbstractPollingIoProcessor.java:697) at org.apache.mina.core.polling.AbstractPollingIoProcessor.process(AbstractPollingIoProcessor.java:651) at org.apache.mina.core.polling.AbstractPollingIoProcessor.process(AbstractPollingIoProcessor.java:640) at org.apache.mina.core.polling.AbstractPollingIoProcessor.access$600(AbstractPollingIoProcessor.java:68) at org.apache.mina.core.polling.AbstractPollingIoProcessor$Processor.run(AbstractPollingIoProcessor.java:1097) at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:64) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at java.lang.Thread.run(Thread.java:744) NioProcessor-2, called closeInbound() NioProcessor-2, fatal error: 80: Inbound closed before receiving peer's close_notify: possible truncation attack? javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack? NioProcessor-2, SEND TLSv1 ALERT: fatal, description = internal_error NioProcessor-2, Exception sending alert: java.io.IOException: writer side was already closed. [Raw write]: length = 7 0000: 15 03 01 00 02 01 00 ....... NioProcessor-2, called closeOutbound() NioProcessor-2, closeOutboundInternal() Thanks in advance! Regards, Ramya G |