Easily find issues by searching: #<Issue ID>
Example: #1832
| Dev |
|
| QA |
|
| Priority | Critical |
| Complexity | Unknown |
| Component | App - Schema Browser |
| Version | 15.0 |
If I run ADS with Java 1.8 all my connections to SQL Server 2005, 2008, 2012 and 2014 fail. Connection to SQL Server 2000 works. If I run with Java 1.7 then they all work. Only one of the servers is configured for SSL. The exception below is what I get on one of the servers which is not SSL configured.
I can reproduce this problem with Java 1.8.0_u20-64bit on Windows, Linux and OSX.
java.sql.SQLException: Network error IOException: Connection reset
at net.sourceforge.jtds.jdbc.ConnectionJDBC2.<init>(ConnectionJDBC2.java:430)
at net.sourceforge.jtds.jdbc.ConnectionJDBC3.<init>(ConnectionJDBC3.java:58)
at net.sourceforge.jtds.jdbc.Driver.connect(Driver.java:191)
at com.aquafold.aquacore.scripts.ConnectionProperties.getConnectionPrivate(ConnectionProperties.java:2180)
at com.aquafold.aquacore.scripts.ConnectionProperties.getConnection(ConnectionProperties.java:1936)
at com.aquafold.aquacore.scripts.ConnectionProperties.getConnection(ConnectionProperties.java:1930)
at com.aquafold.aquacore.scripts.ConnectionProperties.getConnection(ConnectionProperties.java:1926)
at com.aquafold.datastudio.mainframe.dialog.connection.diagnostics.DiagnosisUtil.testJdbcConnection(DiagnosisUtil.java:194)
at com.aquafold.datastudio.schematree.DirConnectionNode$2.process(DirConnectionNode.java:433)
at com.common.ui.util.BackgroundThread.run(BackgroundThread.java:82)
Caused by: java.net.SocketException: Connection reset
at java.net.SocketInputStream.read(SocketInputStream.java:189)
at java.net.SocketInputStream.read(SocketInputStream.java:121)
at net.sourceforge.jtds.ssl.TdsTlsInputStream.readFully(TdsTlsInputStream.java:131)
at net.sourceforge.jtds.ssl.TdsTlsInputStream.primeBuffer(TdsTlsInputStream.java:100)
at net.sourceforge.jtds.ssl.TdsTlsInputStream.read(TdsTlsInputStream.java:78)
at sun.security.ssl.InputRecord.readFully(InputRecord.java:465)
at sun.security.ssl.InputRecord.read(InputRecord.java:503)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:954)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1343)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1371)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1355)
at net.sourceforge.jtds.ssl.SocketFactories$TdsTlsSocketFactory.createSocket(SocketFactories.java:101)
at net.sourceforge.jtds.jdbc.SharedSocket.enableEncryption(SharedSocket.java:347)
at net.sourceforge.jtds.jdbc.TdsCore.negotiateSSL(TdsCore.java:569)
at net.sourceforge.jtds.jdbc.ConnectionJDBC2.<init>(ConnectionJDBC2.java:359)
... 9 more
If I set SSL=OFF then the connection works with Java 1.8. Looks like the connection fails with Java 1.8 if SSL=request ... which is the default for ADS.
If I have SSL=request set and then use the "Test Connection", the Socket test works, but the jTDS connection fails.
If I set SSL=OFF then the connection works with Java 1.8. Looks like the connection fails with Java 1.8 if SSL=request ... which is the default for ADS.
If I have SSL=request set and then use the "Test Connection", the Socket test works, but the jTDS connection fails.
I enable -Djavax.net.debug=all and then try to connect with Java 1.7 and 1.8. I've attached the debug information for both Java versions. Note that Java 1.8 is using TLSv1.2 while Java 1.7 is using TLSv1. SQL Server responds with a connection with Java 1.7 using TLSv1.
In Java 1.7 :
*** ClientHello, TLSv1
connecting to MS SQL Server 2014, READ: TLSv1 Handshake, length = 604
*** ServerHello, TLSv1
In Java 1.8 :
*** ClientHello, TLSv1.2
connecting to MS SQL Server 2014, WRITE: TLSv1.2 Handshake, length = 207
[Hangs are this point with no further responses]
We can probably add a JDBC option to set the TLS version and then configure the SSL connection like this :
SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
SSLSocket socket = (SSLSocket) factory.createSocket("hostname", 4483);
socket.setEnabledProtocols(newString [] {"TLSv1"});
socket.setEnabledCipherSuites(newString [] {"TLS_RSA_WITH_AES_128_CBC_SHA"});
socket.startHandshake();
http://integr8consulting.blogspot.com/2012/02/troubleshooting-https-tlsv1-handshake.html
We can try these options ...
http://docs.oracle.com/javase/8/docs/technotes/guides/security/enhancements-8.html. The "jdk.tls.client.protocols" property will enable the required protocol and disable others. Some more details http://docs.oracle.com/javase/8/docs/technotes/guides/security/jsse/JSSERefGuide.html#InstallationAndCustomization (please search for "jdk.tls.client.protocols").
I set the "jdk.tls.client.protocols" property to "TLSv1" and the jTDS driver tries to connect with TLSv1, but it still fails, so I don't think the TLS protocol is the issue.
I enable -Djavax.net.debug=all and then try to connect with Java 1.7 and 1.8. I've attached the debug information for both Java versions. Note that Java 1.8 is using TLSv1.2 while Java 1.7 is using TLSv1. SQL Server responds with a connection with Java 1.7 using TLSv1.
In Java 1.7 :
*** ClientHello, TLSv1
connecting to MS SQL Server 2014, READ: TLSv1 Handshake, length = 604
*** ServerHello, TLSv1
In Java 1.8 :
*** ClientHello, TLSv1.2
connecting to MS SQL Server 2014, WRITE: TLSv1.2 Handshake, length = 207
[Hangs are this point with no further responses]
We can probably add a JDBC option to set the TLS version and then configure the SSL connection like this :
SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
SSLSocket socket = (SSLSocket) factory.createSocket("hostname", 4483);
socket.setEnabledProtocols(newString [] {"TLSv1"});
socket.setEnabledCipherSuites(newString [] {"TLS_RSA_WITH_AES_128_CBC_SHA"});
socket.startHandshake();
http://integr8consulting.blogspot.com/2012/02/troubleshooting-https-tlsv1-handshake.html
We can try these options ...
http://docs.oracle.com/javase/8/docs/technotes/guides/security/enhancements-8.html. The "jdk.tls.client.protocols" property will enable the required protocol and disable others. Some more details http://docs.oracle.com/javase/8/docs/technotes/guides/security/jsse/JSSERefGuide.html#InstallationAndCustomization (please search for "jdk.tls.client.protocols").
I set the "jdk.tls.client.protocols" property to "TLSv1" and the jTDS driver tries to connect with TLSv1, but it still fails, so I don't think the TLS protocol is the issue.
Running with Java 1.8 I can make a connection to SQL Server using the Microsoft JDBC Driver. The net.debug output is the same (excluding random data) except that the MS JDBC drivers triggers two lines at the beginning which are :
"trigger seeding of SecureRandom
done seeding SecureRandom"
I've attached the MS JDBC driver net.debug log.
Running with Java 1.8 I can make a connection to SQL Server using the Microsoft JDBC Driver. The net.debug output is the same (excluding random data) except that the MS JDBC drivers triggers two lines at the beginning which are :
"trigger seeding of SecureRandom
done seeding SecureRandom"
I've attached the MS JDBC driver net.debug log.
Verified in ADS 15.0.0-rc-32
Tested this issue for MS SQL Server 2005, 2008, 2012 on below enviornment
OS: CentOS 6.4 - 64-bit
Java version: Java 1.8.0_20-b26
OS: Windows 7 - 64 bit
Java version: Java 1.8.0_20
Verified in ADS 15.0.0-rc-32
Tested this issue for MS SQL Server 2005, 2008, 2012 on below enviornment
OS: CentOS 6.4 - 64-bit
Java version: Java 1.8.0_20-b26
OS: Windows 7 - 64 bit
Java version: Java 1.8.0_20
Issue #12463 |
| Closed |
| Fixed |
| Resolved |
Completion |
| No due date |
| Fixed Build 15.0-rc-13, svn#40004 |
| No time estimate |
http://sourceforge.net/p/jtds/bugs/725/