Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-3878

Wildfly rejects calls due to a bug in Undertow with an UnknownHostException

XMLWordPrintable

    • Hide

      Set proxy-address-forwarding="true" in standalone.xml
      Example undertow config:

              <subsystem xmlns="urn:jboss:domain:undertow:1.1">
            <buffer-cache name="default"/>
            <server name="default-server">
                <http-listener name="default" socket-binding="http" proxy-address-forwarding="true"/>
                <host name="default-host" alias="localhost"/>
            </server>
            <servlet-container name="default"/>
        </subsystem>

      With wildfly running on localhost & on port 8080

      curl -v -H "X-Forwarded-For: 1.1.1.1, 2.2.2.2" http://localhost:8080/

      Returns with following response

      Connected to localhost (127.0.0.1) port 8080 (#0)
> GET / HTTP/1.1
> User-Agent: curl/7.30.0
> Host: localhost:8080
> Accept: */*
> X-Forwarded-For: 1.1.1.1, 2.2.2.2
> 
< HTTP/1.1 500 Internal Server Error
< Connection: keep-alive
< Content-Length: 0
< Date: Fri, 19 Sep 2014 16:13:13 GMT

      And an exception thrown on the server with following callstack:

      21:44:57,076 ERROR [i.u.request] (default I/O-1) Blocking request failed HttpServerExchange{ GET /}: java.net.UnknownHostException: 1.1.1.
	at java.net.Inet4AddressImpl.lookupAllHostAddr(Native Method) [rt.jar:1.7.0_60]
	at java.net.InetAddress$1.lookupAllHostAddr(InetAddress.java:901) [rt.jar:1.7.0_60]
	at java.net.InetAddress.getAddressesFromNameService(InetAddress.java:1293) [rt.jar:1.7.0_60]
	at java.net.InetAddress.getAllByName0(InetAddress.java:1246) [rt.jar:1.7.0_60]
	at java.net.InetAddress.getAllByName(InetAddress.java:1162) [rt.jar:1.7.0_60]
	at java.net.InetAddress.getAllByName(InetAddress.java:1098) [rt.jar:1.7.0_60]
	at java.net.InetAddress.getByName(InetAddress.java:1048) [rt.jar:1.7.0_60]
	at io.undertow.server.handlers.ProxyPeerAddressHandler.handleRequest(ProxyPeerAddressHandler.java:37)
	at io.undertow.server.Connectors.executeRootHandler(Connectors.java:177)
	at io.undertow.server.protocol.http.HttpReadListener.handleEventWithNoRunningRequest(HttpReadListener.java:156)
	at io.undertow.server.protocol.http.HttpReadListener.handleEvent(HttpReadListener.java:91)
	at io.undertow.server.protocol.http.HttpOpenListener.handleEvent(HttpOpenListener.java:92)
	at io.undertow.server.protocol.http.HttpOpenListener.handleEvent(HttpOpenListener.java:43)
	at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92) [xnio-api-3.2.2.Final.jar:3.2.2.Final]
	at org.xnio.ChannelListeners$10.handleEvent(ChannelListeners.java:291) [xnio-api-3.2.2.Final.jar:3.2.2.Final]
	at org.xnio.ChannelListeners$10.handleEvent(ChannelListeners.java:286) [xnio-api-3.2.2.Final.jar:3.2.2.Final]
	at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92) [xnio-api-3.2.2.Final.jar:3.2.2.Final]
	at org.xnio.nio.NioTcpServerHandle.handleReady(NioTcpServerHandle.java:53) [xnio-nio-3.2.2.Final.jar:3.2.2.Final]
	at org.xnio.nio.WorkerThread.run(WorkerThread.java:539) [xnio-nio-3.2.2.Final.jar:3.2.2.Final]
      Show
      Set proxy-address-forwarding="true" in standalone.xml Example undertow config: <subsystem xmlns= "urn:jboss:domain:undertow:1.1" > <buffer-cache name= "default" /> <server name= "default-server" > <http-listener name= "default" socket-binding= "http" proxy-address-forwarding= "true" /> <host name= "default-host" alias= "localhost" /> </server> <servlet-container name= "default" /> </subsystem> With wildfly running on localhost & on port 8080 curl -v -H "X-Forwarded-For: 1.1.1.1, 2.2.2.2" http://localhost:8080/ Returns with following response Connected to localhost (127.0.0.1) port 8080 (#0) > GET / HTTP/1.1 > User-Agent: curl/7.30.0 > Host: localhost:8080 > Accept: */* > X-Forwarded-For: 1.1.1.1, 2.2.2.2 > < HTTP/1.1 500 Internal Server Error < Connection: keep-alive < Content-Length: 0 < Date: Fri, 19 Sep 2014 16:13:13 GMT And an exception thrown on the server with following callstack: 21:44:57,076 ERROR [i.u.request] (default I/O-1) Blocking request failed HttpServerExchange{ GET /}: java.net.UnknownHostException: 1.1.1. at java.net.Inet4AddressImpl.lookupAllHostAddr(Native Method) [rt.jar:1.7.0_60] at java.net.InetAddress$1.lookupAllHostAddr(InetAddress.java:901) [rt.jar:1.7.0_60] at java.net.InetAddress.getAddressesFromNameService(InetAddress.java:1293) [rt.jar:1.7.0_60] at java.net.InetAddress.getAllByName0(InetAddress.java:1246) [rt.jar:1.7.0_60] at java.net.InetAddress.getAllByName(InetAddress.java:1162) [rt.jar:1.7.0_60] at java.net.InetAddress.getAllByName(InetAddress.java:1098) [rt.jar:1.7.0_60] at java.net.InetAddress.getByName(InetAddress.java:1048) [rt.jar:1.7.0_60] at io.undertow.server.handlers.ProxyPeerAddressHandler.handleRequest(ProxyPeerAddressHandler.java:37) at io.undertow.server.Connectors.executeRootHandler(Connectors.java:177) at io.undertow.server.protocol.http.HttpReadListener.handleEventWithNoRunningRequest(HttpReadListener.java:156) at io.undertow.server.protocol.http.HttpReadListener.handleEvent(HttpReadListener.java:91) at io.undertow.server.protocol.http.HttpOpenListener.handleEvent(HttpOpenListener.java:92) at io.undertow.server.protocol.http.HttpOpenListener.handleEvent(HttpOpenListener.java:43) at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92) [xnio-api-3.2.2.Final.jar:3.2.2.Final] at org.xnio.ChannelListeners$10.handleEvent(ChannelListeners.java:291) [xnio-api-3.2.2.Final.jar:3.2.2.Final] at org.xnio.ChannelListeners$10.handleEvent(ChannelListeners.java:286) [xnio-api-3.2.2.Final.jar:3.2.2.Final] at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92) [xnio-api-3.2.2.Final.jar:3.2.2.Final] at org.xnio.nio.NioTcpServerHandle.handleReady(NioTcpServerHandle.java:53) [xnio-nio-3.2.2.Final.jar:3.2.2.Final] at org.xnio.nio.WorkerThread.run(WorkerThread.java:539) [xnio-nio-3.2.2.Final.jar:3.2.2.Final]

      Refer to undertow commit:
      https://github.com/undertow-io/undertow/commit/204684cc41fc369f56bd0305a7a0fd501ff30f16

      With proxy-address-forwarding="true" set in wildfly configuration & X-Forwarded-For headers passed in headers with additional proxies following behaviour can be noticed.

      For example with X-Forwarded-For set as "123.123.123.123, 210.210.210.210" following IP is reported to the application "123.123.123.12". Which is incorrect and has its own implications.

      With X-Forwarded-For set as "1.1.1.1, 2.2.2.2" an java.net.UnknownHostException is thrown in the undertow package. And the connection is terminated with an Internal server error returned to the caller.

              sdouglas1@redhat.com Stuart Douglas (Inactive)
              mayankgoyal_jira Mayank Goyal (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: