[GitHub] zookeeper pull request #679: ZOOKEEPER-3172: Quorum TLS - fix port unificati...

Tue, 06 Nov 2018 10:12:44 -0800 

GitHub user ivmaykov reopened a pull request:

    https://github.com/apache/zookeeper/pull/679

    ZOOKEEPER-3172: Quorum TLS - fix port unification to allow rolling upgrades

    Fix numerous problems with UnifiedServerSocket, such as hanging the 
accept() thread when the client doesn't send any data or crashing if less than 
5 bytes are read from the socket in the initial read.
    
    Re-enable the "portUnification" config option.
    
    Note that this is stacked on top of #678 and thus includes it. Please only 
consider the ZOOKEEPER-3172 commit when reviewing. Once the other PR is merged 
upstream, I will rebase this so it only contains one commit.
    
    ## Fixed networking issues/bugs in UnifiedServerSocket
    
    - don't crash the `accept()` thread if the client closes the connection 
without sending any data
    - don't corrupt the connection if the client sends fewer than 5 bytes for 
the initial read
    - delay the detection of TLS vs. plaintext mode until a socket stream is 
read from or written to. This prevents the `accept()` thread from getting 
blocked on a `read()` operation from the newly connected socket.
    - prepending 5 bytes to `PrependableSocket` and then trying to read >5 
bytes would only return the first 5 bytes, even if more bytes were available. 
This is fixed.

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/ivmaykov/zookeeper ZOOKEEPER-3172

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/zookeeper/pull/679.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #679
    
----
commit 2122c8c23a0dbb27f9b2aff55e800e48d253f943
Author: Ilya Maykov <ilyam@...>
Date:   2018-10-25T00:41:48Z

    ZOOKEEPER-3173: Quorum TLS - support PEM trust/key stores
    ZOOKEEPER-3175: Quorum TLS - test improvements
    
    Add support for loading key and trust stores from PEM files.
    Also added test utils for testing X509-related code, because it
    was very difficult to untangle them from the PEM support code.

commit 514d48a26aeeca37290ad14ff8f0cdae69b53eb2
Author: Ilya Maykov <ilyam@...>
Date:   2018-10-25T01:22:24Z

    ZOOKEEPER-3172: Quorum TLS - fix port unification to allow rolling upgrades

----


---

Reply via email to