Affects Version/s: 5.15.9
Fix Version/s: None
Per the STOMP spec:
if the sender has no real STOMP frame to send, it MUST send an end-of-line (EOL)
EOL = [CR] LF
As such, our application, written in Go, sends "CR LF" when heart beating:
This has been working in production processing hundreds of messages per second since the end of last year.
Recently the stomp transport connector was changed from "stomp+ssl" to "stomp+nio+ssl" and we began to receive EOF errors after sending a heartbeat in our application, and ActiveMQ began logging:
2019-08-20 21:23:15,968 | WARN | Transport Connection to: tcp://172.20.101.127:55802 failed: javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack? | org.apache.activemq.broker.TransportConnection.Transport | ActiveMQ NIO Worker 662
We verified that changing our heartbeat logic to include a NULL byte after the CR LF "fixed" this.
The NIO connector should work without the NULL byte, since the spec says just EOL is required.