Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

HTTPS proxy dies during first request #2

Closed
mwarkentin opened this issue May 17, 2016 · 4 comments
Closed

HTTPS proxy dies during first request #2

mwarkentin opened this issue May 17, 2016 · 4 comments

Comments

@mwarkentin
Copy link

I'm running into issues w/ using the HTTPS proxy locally.

docker-compose.yml:

web:
  build: .
  command: actions/web.sh
  environment:
    - DEVELOPMENT_MODE=true
    - WEB_CONCURRENCY=1
  labels:
    - convox.port.7001.protocol=https
  ports:
    - 7001:80
  links:
    - redis
redis:
  image: convox/redis
  ports:
    - 6380

The proxy container dies immediately when I make a request to it (/bin/sh terminated instantly on first request as well):

michaelwarkentin@mwarkentin cheques (JNO-98-docker) ~~ $ docker ps
CONTAINER ID        IMAGE               COMMAND                  CREATED              STATUS              PORTS                              NAMES
a2180552ee64        cheques/web         "sh -c actions/web.sh"   About a minute ago   Up About a minute   0.0.0.0:48987->80/tcp              cheques-web
b18f3403b352        convox/proxy        "proxy 7001 172.17.0."   About a minute ago   Up About a minute   0.0.0.0:7001->7001/tcp             awesome_wing
5d12100d75e3        cheques/redis       "/docker-entrypoint.s"   About a minute ago   Up About a minute   6379/tcp, 0.0.0.0:6380->6380/tcp   cheques-redis
michaelwarkentin@mwarkentin cheques (JNO-98-docker) ~~ $ http https://192.168.99.100:7001

http: error: SSLError: EOF occurred in violation of protocol (_ssl.c:590) while doing GET request to URL: https://192.168.99.100:7001/
michaelwarkentin@mwarkentin cheques (JNO-98-docker) ~~ $ docker ps
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                              NAMES
a2180552ee64        cheques/web         "sh -c actions/web.sh"   2 minutes ago       Up 2 minutes        0.0.0.0:48987->80/tcp              cheques-web
5d12100d75e3        cheques/redis       "/docker-entrypoint.s"   2 minutes ago       Up 2 minutes        6379/tcp, 0.0.0.0:6380->6380/tcp   cheques-redis

Proxy seems to be running inside the container:

/go/src/github.com/convox/proxy # ps
PID   USER     TIME   COMMAND
    1 root       0:00 proxy 7001 172.17.0.1:59850 https
   17 root       0:00 /bin/sh
   23 root       0:00 ps

I’m able to curl my web container from within the proxy container:

/go/src/github.com/convox/proxy # curl -I 172.17.0.1:43379
HTTP/1.1 200 OK
Server: nginx/1.9.9

Not sure how to figure out exactly where things are breaking, but since things seem to run until I make a request, it's likely further down in the stack from here: https://github.com/convox/proxy/blob/master/main.go#L73
@mwarkentin
Copy link
Author

More verbose httpie request logs:

$ http --traceback --debug --verbose https://192.168.99.100:7001
HTTPie 0.9.3
HTTPie data: /Users/michaelwarkentin/.httpie
Requests 2.9.1
Pygments 2.0.2
Python 2.7.10 (default, Oct 23 2015, 19:19:21)
[GCC 4.2.1 Compatible Apple LLVM 7.0.0 (clang-700.0.59.5)] darwin

>>> requests.request(**{'allow_redirects': False,
 'auth': None,
 'cert': None,
 'data': OrderedDict(),
 'files': DataDict(),
 'headers': {'User-Agent': 'HTTPie/0.9.3'},
 'method': 'get',
 'params': ParamsDict(),
 'proxies': {},
 'stream': True,
 'timeout': 30,
 'url': u'https://192.168.99.100:7001',
 'verify': True})

Traceback (most recent call last):
  File "/usr/local/Cellar/httpie/0.9.3/libexec/bin/http", line 9, in <module>
    load_entry_point('httpie==0.9.3', 'console_scripts', 'http')()
  File "/usr/local/Cellar/httpie/0.9.3/libexec/lib/python2.7/site-packages/httpie/core.py", line 115, in main
    response = get_response(args, config_dir=env.config.directory)
  File "/usr/local/Cellar/httpie/0.9.3/libexec/lib/python2.7/site-packages/httpie/client.py", line 48, in get_response
    response = requests_session.request(**kwargs)
  File "/usr/local/Cellar/httpie/0.9.3/libexec/vendor/lib/python2.7/site-packages/requests/sessions.py", line 468, in request
    resp = self.send(prep, **send_kwargs)
  File "/usr/local/Cellar/httpie/0.9.3/libexec/vendor/lib/python2.7/site-packages/requests/sessions.py", line 576, in send
    r = adapter.send(request, **kwargs)
  File "/usr/local/Cellar/httpie/0.9.3/libexec/vendor/lib/python2.7/site-packages/requests/adapters.py", line 447, in send
    raise SSLError(e, request=request)
requests.exceptions.SSLError: EOF occurred in violation of protocol (_ssl.c:590)

And curl:

$ curl -v https://192.168.99.100:7001* Rebuilt URL to: https://192.168.99.100:7001/
*   Trying 192.168.99.100...
* Connected to 192.168.99.100 (192.168.99.100) port 7001 (#0)
* WARNING: using IP address, SNI is being disabled by the OS.
* Server aborted the SSL handshake
* Closing connection 0
curl: (35) Server aborted the SSL handshake

@mwarkentin
Copy link
Author

@ddollar Any suggestions for how I can figure out what's going on here? Not seeing anything in my convox start logs for the proxy container.

@mwarkentin
Copy link
Author

@ddollar
Copy link
Contributor

ddollar commented May 21, 2016

Fixed by #3

@ddollar ddollar closed this as completed May 21, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ddollar @mwarkentin