[ https://issues.apache.org/jira/browse/CASSANDRA-18839?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Stefan Miklosovic updated CASSANDRA-18839: ------------------------------------------ Fix Version/s: 5.0.x 5.x (was: 5.0) > Catch SSLHandshakeExceptions exceptions > --------------------------------------- > > Key: CASSANDRA-18839 > URL: https://issues.apache.org/jira/browse/CASSANDRA-18839 > Project: Cassandra > Issue Type: Improvement > Components: Messaging/Client > Reporter: Brad Schoening > Assignee: James Hu > Priority: Low > Fix For: 4.0.x, 4.1.x, 5.0.x, 5.x > > Time Spent: 3h 20m > Remaining Estimate: 0h > > When SSL connection errors occur, they tend to flood the log with stack > traces and lack the identity of the remote client IP. Instead, > PreV5Handlers.decode() could catch SSLHandshakeException and provide a brief, > more informative WARN level message instead of the verbose and mostly > unhelpful stack trace. > I.e., > {code:java} > [WARN ] [epollEventLoopGroup-5-5] cluster_id=3 ip_address=10.0.0.1 > PreV5Handlers.java:261 - SSLHandshakeException in client networking with peer > 10.0.0.10:9042 error:100000d7:SSL > routines:OPENSSL_internal:SSL_HANDSHAKE_FAILURE {code} > instead of the current ones which flood the logs: > {code:java} > 2023-09-12 00:00:25,368 [WARN ] [epollEventLoopGroup-5-5] cluster_id=3 > ip_address=10.0.0.1 PreV5Handlers.java:261 - Unknown exception in client > networking > io.netty.handler.codec.DecoderException: javax.net.ssl.SSLHandshakeException: > error:100000d7:SSL routines:OPENSSL_internal:SSL_HANDSHAKE_FAILURE > at > io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:478) > at > io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:276) > at > io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379) > at > io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365) > at > io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:357) > at > io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1410) > at > io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379) > at > io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365) > at > io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:919) > at > io.netty.channel.epoll.AbstractEpollStreamChannel$EpollStreamUnsafe.epollInReady(AbstractEpollStreamChannel.java:795) > at > io.netty.channel.epoll.EpollEventLoop.processReady(EpollEventLoop.java:480) > at io.netty.channel.epoll.EpollEventLoop.run(EpollEventLoop.java:378) > at > io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:989) > at > io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74) > at > io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30) > at java.base/java.lang.Thread.run(Thread.java:834) > Caused by: javax.net.ssl.SSLHandshakeException: error:100000d7:SSL > routines:OPENSSL_internal:SSL_HANDSHAKE_FAILURE > at > io.netty.handler.ssl.ReferenceCountedOpenSslEngine.shutdownWithError(ReferenceCountedOpenSslEngine.java:1031) > at > io.netty.handler.ssl.ReferenceCountedOpenSslEngine.sslReadErrorResult(ReferenceCountedOpenSslEngine.java:1321) > at > io.netty.handler.ssl.ReferenceCountedOpenSslEngine.unwrap(ReferenceCountedOpenSslEngine.java:1270) > at > io.netty.handler.ssl.ReferenceCountedOpenSslEngine.unwrap(ReferenceCountedOpenSslEngine.java:1346) > at > io.netty.handler.ssl.ReferenceCountedOpenSslEngine.unwrap(ReferenceCountedOpenSslEngine.java:1389) > at > io.netty.handler.ssl.SslHandler$SslEngineType$1.unwrap(SslHandler.java:206) > at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1387) > at > io.netty.handler.ssl.SslHandler.decodeNonJdkCompatible(SslHandler.java:1294) > at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1331) > at > io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:508) > at > io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:447) > ... 15 common frames omitted {code} -- This message was sent by Atlassian Jira (v8.20.10#820010) --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org