Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cannot connect to port 8080 #548

Closed
jhiemer opened this issue Jul 20, 2016 · 2 comments
Closed

Cannot connect to port 8080 #548

jhiemer opened this issue Jul 20, 2016 · 2 comments

Comments

@jhiemer
Copy link

jhiemer commented Jul 20, 2016

Hi,
I have setup concourse via bosh, I have provided a self-signed certificate and the deployment process went through smoothly. I can't see any suspect logs but I am not able to connect to port 8080.

openssl s_client
connect: Connection refused
connect:errno=111
bosh_mriosgbjp@16819eb4-b5ba-437b-924c-45b2063d72af:~$ openssl s_client -connect 172.24.100.11:8080
CONNECTED(00000003)
140278836115104:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:795:

---
no peer certificate available

---
No client certificate CA names sent

---
SSL handshake has read 7 bytes and written 295 bytes

---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE

---

I have debugged for a couple of hours now and have no idea anymore. When I do a tcpump, I can see the the requests arriving:

20:21:30.824231 IP p4FEAACE3.dip0.t-ipconnect.de.61582 > 172.24.100.11.http-alt: Flags [.], ack 89, win 4101, options [nop,nop,TS val 387114186 ecr 21660283], length 0
20:21:30.824674 IP p4FEAACE3.dip0.t-ipconnect.de.61582 > 172.24.100.11.http-alt: Flags [.], ack 90, win 4101, options [nop,nop,TS val 387114186 ecr 21660283], length 0
20:21:30.824721 IP p4FEAACE3.dip0.t-ipconnect.de.61582 > 172.24.100.11.http-alt: Flags [P.], seq 130:137, ack 90, win 4101, options [nop,nop,TS val 387114186 ecr 21660283], length 7

But they do not get processed properly.
@concourse-bot
Copy link
Collaborator

Hi there!

We use Pivotal Tracker to provide visibility into what our team is working on. A story for this issue has been automatically created.

The current status is as follows:

This comment, as well as the labels on the issue, will be automatically updated as the status in Tracker changes.

@jhiemer
Copy link
Author

jhiemer commented Jul 21, 2016

Further debugging, I also did a telnet to the specific IP, which shows that the port is reachable:

telnet 217.26.224.148 8080
Trying 217.26.224.148...
Connected to 217.26.224.148.
Escape character is '^]'.

The certificate was generated with:

openssl genrsa -des3 -passout pass:x -out server.pass.key 2048
openssl rsa -passin pass:x -in server.pass.key -out server.key
rm server.pass.key
openssl req -new -key server.key -out server.csr

openssl x509 -req -sha256 -days 365 -in server.csr -signkey server.key -out server.crt

@jhiemer jhiemer closed this as completed Jul 22, 2016
vito added a commit that referenced this issue Mar 28, 2018
@vito
bump dns
adde734 
Submodule src/github.com/miekg/dns 0c23f842..22cb769f:
  > use a local variable to calculate rtt (#656)
  > [msg] Add UnpackRRWithHeader (#643)
  > fix: panicing on options parsing. (#642)
  > Test that Shutdown does not surface closed errors (#624)
  > Release 1.0.4
  > Fix for CVE-2017-15133 TCP DOS (#631)
  > Add dnscrypt-proxy and rpdns to the list of users (#628)
  > Fix TCP Shutdown 'use of closed network connection' (#623)
  > Release: plain push is also needed
  > Release 1.0.3
  > Ignore malformed UDP datagrams without headers (#622)
  > Fixes #613 & #619 (#621)
  > Revert "Fixes #613 (#617)" (#620)
  > ClassANY: don't convert CLASS255 to ANY (#618)
  > Fixes #613 (#617)
  > test: remove net tests (#616)
  > Release 1.0.1
  > Don't use untrusted lengths from Header to pre-allocate (#610)
  > Unpack: return header (#608)
  > Fix issue #605 (#606)
  > relative include: now tested! (#602)
  > Allow $INCLUDE to reference relative file (#598)
  > Add size-hex: modifier for len() (#599)
  > Some linter fixes from Go report card. (#601)
  > Add codecov yaml to not fail the build (#600)
  > Lint: use ignore-this on generated files (#596)
  > Add semver (#595)
  > Use and vendor golang.org/x/net/ipv4 and golang.org/x/net/ipv6 (#594)
  > EDNS0 client subnet: drop draft option (#589)
  > Add support for TKEY RRs (#567)
  > Modified clientconfig to match ndots0 (#590)
  > 458+dep (#591)
  > Include missing types when for DNSSEC sig verify (#587)
  > Implement CSYNC (#585)
  > Remove idn/ (#584)
  > Spelling fixes (#583)
  > Add fuzzing framework (#580)
  > Fuzzing the text parser: a few fixes (#579)
  > Test: rework concurrentExchange (#576)
  > TSIG name must be presented in canonical form (#574)
  > cleanup: remove debug.Printf from scanner (#573)
  > txt parser: fix goroutine leak (#570)
  > Server: drop inflight waitgroup (#561)
  > Tests: add ListenAndServe tests (#562)
  > Revert "server: drop graceful handling (#546)" (#560)
  > server: drop graceful handling (#546)
  > util.TrimDomainName() fails when origin doesn't end in dot (#559)
  > Tests updates (#556)
  > readme: small bunch updates (#554)
  > golint fixes (#553)
  > Add goreportcard badge (#552)
  > codecov: add shield to README (#551)
  > codecov: add test coverage (#550)
  > Cleanup: gofmt -w -s *.go (#548)
  > Test: remove all Logf/Log (#547)
  > Make compress generate output stable and edns.go formatting (#542)
  > Document SetTsig() needs to be final RRset change (#544)
  > Change quilt.io link in the README to kelda.io (#539)
  > Add Apex in Users (#538)
  > Optimize CompareDomainName (#535)
  > Allow parsing resolv.conf from io.Reader (#532)
  > Fix EDNS0_SUBNET compatibility with dig (#530)
  > Fix EDNS Extended RCODE (#517)
  > Fix IXFR may end prematurely (#512) (#507)
  > Simplify compressed length code (#527)
  > Go version bump in CI (#534)
  > Fix DialTimeout always using udp (#526)
  > Redesigned Client API around net.Dialer (#511)
  > Correctly set the Source IP to the received Destination IP (#524)
  > Correctly parse omitted TTLs and relative domains (#513)
  > Implement EDNS(0) Padding option code (#520)
  > scan: Fix $INCLUDE arguments to parseZone (#508)
  > Fix TSIG bug releated to ID substitution (#504)
  > variable shadowing of token (#503)
  > document RCodes from the IANA registry (#499)
  > Fix ignored err variables. (#498)
  > Add ExchangeContext methods. (#497)
  > xfr: return sane error when !RcodeSuccess (#496)
  > Added dnsperf (#494)
  > Added new user (#495)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jhiemer @concourse-bot