Repository: activemq Updated Branches: refs/heads/activemq-5.14.x e38ac94a2 -> 4b4d1defe
AMQ-6698 - Allow timeout of SSL handshake for auto+nio+ssl The handshake now takes place inside of the async task that timesout so that if the SSL handshake takes too long the connection attempt will honor protocolDetectionTimeout and actually timeout. Also, change the default of protocolDetectionTimeout to 30 seconds so it matches the rest of the broker's default connection timeout settings. (cherry picked from commit 2a0b785a041f35aa668d2371c9374eb0fd02063c) Project: http://git-wip-us.apache.org/repos/asf/activemq/repo Commit: http://git-wip-us.apache.org/repos/asf/activemq/commit/4b4d1def Tree: http://git-wip-us.apache.org/repos/asf/activemq/tree/4b4d1def Diff: http://git-wip-us.apache.org/repos/asf/activemq/diff/4b4d1def Branch: refs/heads/activemq-5.14.x Commit: 4b4d1defe525e203c9f83f4eb6144a42634b7eb8 Parents: e38ac94 Author: Christopher L. Shannon (cshannon) <christopher.l.shan...@gmail.com> Authored: Thu Jun 8 12:32:35 2017 -0400 Committer: Christopher L. Shannon (cshannon) <christopher.l.shan...@gmail.com> Committed: Thu Jun 8 12:34:42 2017 -0400 ---------------------------------------------------------------------- .../activemq/transport/auto/AutoTcpTransportServer.java | 2 +- .../transport/auto/nio/AutoNIOSSLTransportServer.java | 10 +++++++--- .../activemq/openwire/OpenWireConnectionTimeoutTest.java | 2 +- 3 files changed, 9 insertions(+), 5 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/activemq/blob/4b4d1def/activemq-broker/src/main/java/org/apache/activemq/transport/auto/AutoTcpTransportServer.java ---------------------------------------------------------------------- diff --git a/activemq-broker/src/main/java/org/apache/activemq/transport/auto/AutoTcpTransportServer.java b/activemq-broker/src/main/java/org/apache/activemq/transport/auto/AutoTcpTransportServer.java index 8b9a73f..309e368 100644 --- a/activemq-broker/src/main/java/org/apache/activemq/transport/auto/AutoTcpTransportServer.java +++ b/activemq-broker/src/main/java/org/apache/activemq/transport/auto/AutoTcpTransportServer.java @@ -78,7 +78,7 @@ public class AutoTcpTransportServer extends TcpTransportServer { protected final ThreadPoolExecutor newConnectionExecutor; protected final ThreadPoolExecutor protocolDetectionExecutor; protected int maxConnectionThreadPoolSize = Integer.MAX_VALUE; - protected int protocolDetectionTimeOut = 15000; + protected int protocolDetectionTimeOut = 30000; private static final FactoryFinder TRANSPORT_FACTORY_FINDER = new FactoryFinder("META-INF/services/org/apache/activemq/transport/"); private final ConcurrentMap<String, TransportFactory> transportFactories = new ConcurrentHashMap<String, TransportFactory>(); http://git-wip-us.apache.org/repos/asf/activemq/blob/4b4d1def/activemq-broker/src/main/java/org/apache/activemq/transport/auto/nio/AutoNIOSSLTransportServer.java ---------------------------------------------------------------------- diff --git a/activemq-broker/src/main/java/org/apache/activemq/transport/auto/nio/AutoNIOSSLTransportServer.java b/activemq-broker/src/main/java/org/apache/activemq/transport/auto/nio/AutoNIOSSLTransportServer.java index 572352e..78d1de2 100644 --- a/activemq-broker/src/main/java/org/apache/activemq/transport/auto/nio/AutoNIOSSLTransportServer.java +++ b/activemq-broker/src/main/java/org/apache/activemq/transport/auto/nio/AutoNIOSSLTransportServer.java @@ -110,14 +110,18 @@ public class AutoNIOSSLTransportServer extends AutoTcpTransportServer { //Clone the map because we will need to set the options later on the actual transport IntrospectionSupport.setProperties(in, new HashMap<>(transportOptions)); } - in.start(); - SSLEngine engine = in.getSslSession(); //Attempt to read enough bytes to detect the protocol until the timeout period //is reached Future<?> future = protocolDetectionExecutor.submit(new Runnable() { @Override public void run() { + try { + in.start(); + } catch (Exception e) { + throw new IllegalStateException("Could not complete Transport start", e); + } + int attempts = 0; do { if(attempts > 0) { @@ -157,7 +161,7 @@ public class AutoNIOSSLTransportServer extends AutoTcpTransportServer { } WireFormat format = protocolInfo.detectedWireFormatFactory.createWireFormat(); - Transport transport = createTransport(socket, format, engine, initBuffer, in.getInputBuffer(), protocolInfo.detectedTransportFactory); + Transport transport = createTransport(socket, format, in.getSslSession(), initBuffer, in.getInputBuffer(), protocolInfo.detectedTransportFactory); return new TransportInfo(format, transport, protocolInfo.detectedTransportFactory); } http://git-wip-us.apache.org/repos/asf/activemq/blob/4b4d1def/activemq-unit-tests/src/test/java/org/apache/activemq/openwire/OpenWireConnectionTimeoutTest.java ---------------------------------------------------------------------- diff --git a/activemq-unit-tests/src/test/java/org/apache/activemq/openwire/OpenWireConnectionTimeoutTest.java b/activemq-unit-tests/src/test/java/org/apache/activemq/openwire/OpenWireConnectionTimeoutTest.java index dc1c43b..25ac55e 100644 --- a/activemq-unit-tests/src/test/java/org/apache/activemq/openwire/OpenWireConnectionTimeoutTest.java +++ b/activemq-unit-tests/src/test/java/org/apache/activemq/openwire/OpenWireConnectionTimeoutTest.java @@ -172,7 +172,7 @@ public class OpenWireConnectionTimeoutTest { case "auto+ssl": case "nio+ssl": case "auto+nio+ssl": - useSsl = true;; + useSsl = true; break; default: throw new IOException("Invalid OpenWire connector scheme passed to test.");
