New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
crypto/tls: oversized record received with length 20037 #19493
Comments
This isn't enough information. Can you share a piece of code to reproduce the issue? If not, could you describe what the code was doing when this happened? |
That looks a lot like trying to connect to a TLS listener with another protocol, for example plain HTTP. If that's not it, we will probably need to see the client or a pcap to debug this. |
Timed out in state WaitingForInfo. Closing. (I am just a bot, though. Please speak up if this is a mistake or you have the requested information.) |
I just had a similar error... and found the following behavior weird... Is it expected Go spitting out errors like this? package main
import (
"fmt"
"net/http"
"net/http/httptest"
"net/url"
"os"
)
func main() {
var Mux = http.NewServeMux()
var server = httptest.NewTLSServer(Mux)
transport := &http.Transport{
Proxy: func(req *http.Request) (*url.URL, error) {
return url.Parse(server.URL)
},
}
var r, err = http.NewRequest("GET", "https://example.com/", nil)
if err != nil {
fmt.Fprintf(os.Stderr, "Unexpected error: %v\n", err)
}
_, err = (&http.Client{Transport: transport}).Do(r)
if err != nil {
fmt.Fprintf(os.Stderr, "\n\n\nUnexpected request error: %v\n", err)
}
} When running: $ go run foo.go
2017/05/10 10:03:18 http: TLS handshake error from 127.0.0.1:55829: tls: oversized record received with length 20037
Unexpected request error: Get https://example.com/: malformed HTTP response "\x15\x03\x01\x00\x02\x02\x16" Notice I never printed the "TLS handshake error" error. Go just printed it to stderr. I found it really weird comparing how Go handles errors elsewhere. Update: Actually I see it is working as intended given that http.ErrorLog is nil ( Lines 2374 to 2378 in 48def43
|
Funnily enough, I hit this myself today trying to write a test. @henvic your example is similar to what I was writing, and both are wrong:
Note that the "https" scheme isn't supported. I wonder if a better error should be given, as I was stuck on this for a good 20 minutes. |
Sending a CL with a better error. |
Change https://golang.org/cl/66010 mentions this issue: |
Transport.Proxy is documented as only supporting the http and socks5 schemes. If one tries to use it for https URLs, they end up with a cryptic error like: http: TLS handshake error from [...]: tls: oversized record received with length 20037 This is because Transport simply skips TLS if Proxy is non-nil, since it knows it doesn't support Proxy with https. However, that error is very confusing and it can take a while to figure out what's going on. Instead, error if Proxy is used and it returns an unsupported scheme. Updates #19493. Change-Id: Ia036357011752f45bb9b8282a4ab5e31bc8d1a69 Reviewed-on: https://go-review.googlesource.com/66010 Run-TryBot: Daniel Martí <mvdan@mvdan.cc> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Tom Bergan <tombergan@google.com>
Please answer these questions before submitting your issue. Thanks!
What version of Go are you using (
go version
)?go 1.8
What operating system and processor architecture are you using (
go env
)?windows
What did you do?
Tls listener is not working as expected.
error
tls: oversized record received with length 20037
What did you expect to see?
i try to read tls connection
What did you see instead?
tls: oversized record received with length 20037
The text was updated successfully, but these errors were encountered: