[geode] branch support/1.13 updated: GEODE-10122: P2P Messaging Handles TLS KeyUpdate Message (#7449) (#7615) (#7625)
This is an automated email from the ASF dual-hosted git repository. burcham pushed a commit to branch support/1.13 in repository https://gitbox.apache.org/repos/asf/geode.git The following commit(s) were added to refs/heads/support/1.13 by this push: new 6b93208307 GEODE-10122: P2P Messaging Handles TLS KeyUpdate Message (#7449) (#7615) (#7625) 6b93208307 is described below commit 6b9320830724dcab8fb1ed3ad3211c4dfc5bf5b5 Author: Bill Burcham AuthorDate: Tue Apr 26 15:40:40 2022 -0700 GEODE-10122: P2P Messaging Handles TLS KeyUpdate Message (#7449) (#7615) (#7625) * Key expiration works for TLSv1.3 and GCM-based ciphers * TLS KeyUpdate messages are processed correctly * Removed dependencies on: Mockito 4, JUnit 5, GeodeParamsRunner (cherry picked from commit d2535394a82ac5faf10f004f4e3c15f756f7b177) (cherry picked from commit 07c08e95025ff955c9b361db4b97902ce722be81) --- .../internal/P2PMessagingConcurrencyDUnitTest.java | 2 +- ...P2pMessagingSslTlsKeyUpdateDistributedTest.java | 367 +++ .../tcp/ConnectionCloseSSLTLSDUnitTest.java| 8 +- .../internal/net/NioSslEngineKeyUpdateTest.java| 497 + .../apache/geode/internal/net/NioSslEngine.java| 67 +-- .../org/apache/geode/internal/tcp/Connection.java | 2 +- .../geode/internal/net/NioSslEngineTest.java | 38 +- 7 files changed, 934 insertions(+), 47 deletions(-) diff --git a/geode-core/src/distributedTest/java/org/apache/geode/distributed/internal/P2PMessagingConcurrencyDUnitTest.java b/geode-core/src/distributedTest/java/org/apache/geode/distributed/internal/P2PMessagingConcurrencyDUnitTest.java index 0d7c2d389f..326e1c2ac4 100644 --- a/geode-core/src/distributedTest/java/org/apache/geode/distributed/internal/P2PMessagingConcurrencyDUnitTest.java +++ b/geode-core/src/distributedTest/java/org/apache/geode/distributed/internal/P2PMessagingConcurrencyDUnitTest.java @@ -167,7 +167,6 @@ public class P2PMessagingConcurrencyDUnitTest { bytesTransferredAdder = new LongAdder(); final ClusterDistributionManager cdm = getCDM(); - final Random random = new Random(RANDOM_SEED); final AtomicInteger nextSenderId = new AtomicInteger(); /* @@ -194,6 +193,7 @@ public class P2PMessagingConcurrencyDUnitTest { throw new RuntimeException("doSending failed", e); } final int firstMessageId = senderId * SENDER_COUNT; +final Random random = new Random(RANDOM_SEED); for (int messageId = firstMessageId; messageId < firstMessageId + MESSAGES_PER_SENDER; messageId++) { final TestMessage msg = new TestMessage(receiverMember, random, messageId); diff --git a/geode-core/src/distributedTest/java/org/apache/geode/distributed/internal/P2pMessagingSslTlsKeyUpdateDistributedTest.java b/geode-core/src/distributedTest/java/org/apache/geode/distributed/internal/P2pMessagingSslTlsKeyUpdateDistributedTest.java new file mode 100644 index 00..3a887d5521 --- /dev/null +++ b/geode-core/src/distributedTest/java/org/apache/geode/distributed/internal/P2pMessagingSslTlsKeyUpdateDistributedTest.java @@ -0,0 +1,367 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for additional information regarding + * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance with the License. You may obtain a + * copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + */ + +package org.apache.geode.distributed.internal; + +import static org.apache.geode.distributed.ConfigurationProperties.SSL_CIPHERS; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_PROTOCOLS; +import static org.apache.geode.test.awaitility.GeodeAwaitility.await; +import static org.assertj.core.api.Assertions.assertThat; + +import java.io.DataInput; +import java.io.DataOutput; +import java.io.IOException; +import java.lang.reflect.Field; +import java.security.GeneralSecurityException; +import java.security.Security; +import java.util.Map; +import java.util.Properties; +import java.util.Set; +import java.util.concurrent.ThreadLocalRandom; +import java.util.concurrent.atomic.LongAdder; + +import junitparams.JUnitParamsRunner; +import junitparams.Parameters; +import org.jetbrains.annotations.NotNull; +import org.junit.After; +import org.junit.Rule; +import org.junit.Test; +import org.junit.experimental.categories.Category; +import org.junit.runn
[geode] branch support/1.14 updated: GEODE-10122: P2P Messaging Handles TLS KeyUpdate Message (#7449) (#7615)
This is an automated email from the ASF dual-hosted git repository. burcham pushed a commit to branch support/1.14 in repository https://gitbox.apache.org/repos/asf/geode.git The following commit(s) were added to refs/heads/support/1.14 by this push: new 07c08e9502 GEODE-10122: P2P Messaging Handles TLS KeyUpdate Message (#7449) (#7615) 07c08e9502 is described below commit 07c08e95025ff955c9b361db4b97902ce722be81 Author: Bill Burcham AuthorDate: Tue Apr 26 14:54:03 2022 -0700 GEODE-10122: P2P Messaging Handles TLS KeyUpdate Message (#7449) (#7615) * Key expiration works for TLSv1.3 and GCM-based ciphers * TLS KeyUpdate messages are processed correctly * Removed dependencies on: Mockito 4, JUnit 5, GeodeParamsRunner (cherry picked from commit d2535394a82ac5faf10f004f4e3c15f756f7b177) --- .../internal/P2PMessagingConcurrencyDUnitTest.java | 2 +- ...P2pMessagingSslTlsKeyUpdateDistributedTest.java | 367 +++ .../tcp/ConnectionCloseSSLTLSDUnitTest.java| 8 +- .../internal/net/NioSslEngineKeyUpdateTest.java| 497 + .../apache/geode/internal/net/NioSslEngine.java| 67 +-- .../org/apache/geode/internal/tcp/Connection.java | 2 +- .../geode/internal/net/NioSslEngineTest.java | 38 +- 7 files changed, 934 insertions(+), 47 deletions(-) diff --git a/geode-core/src/distributedTest/java/org/apache/geode/distributed/internal/P2PMessagingConcurrencyDUnitTest.java b/geode-core/src/distributedTest/java/org/apache/geode/distributed/internal/P2PMessagingConcurrencyDUnitTest.java index 0d7c2d389f..326e1c2ac4 100644 --- a/geode-core/src/distributedTest/java/org/apache/geode/distributed/internal/P2PMessagingConcurrencyDUnitTest.java +++ b/geode-core/src/distributedTest/java/org/apache/geode/distributed/internal/P2PMessagingConcurrencyDUnitTest.java @@ -167,7 +167,6 @@ public class P2PMessagingConcurrencyDUnitTest { bytesTransferredAdder = new LongAdder(); final ClusterDistributionManager cdm = getCDM(); - final Random random = new Random(RANDOM_SEED); final AtomicInteger nextSenderId = new AtomicInteger(); /* @@ -194,6 +193,7 @@ public class P2PMessagingConcurrencyDUnitTest { throw new RuntimeException("doSending failed", e); } final int firstMessageId = senderId * SENDER_COUNT; +final Random random = new Random(RANDOM_SEED); for (int messageId = firstMessageId; messageId < firstMessageId + MESSAGES_PER_SENDER; messageId++) { final TestMessage msg = new TestMessage(receiverMember, random, messageId); diff --git a/geode-core/src/distributedTest/java/org/apache/geode/distributed/internal/P2pMessagingSslTlsKeyUpdateDistributedTest.java b/geode-core/src/distributedTest/java/org/apache/geode/distributed/internal/P2pMessagingSslTlsKeyUpdateDistributedTest.java new file mode 100644 index 00..3a887d5521 --- /dev/null +++ b/geode-core/src/distributedTest/java/org/apache/geode/distributed/internal/P2pMessagingSslTlsKeyUpdateDistributedTest.java @@ -0,0 +1,367 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for additional information regarding + * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance with the License. You may obtain a + * copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + */ + +package org.apache.geode.distributed.internal; + +import static org.apache.geode.distributed.ConfigurationProperties.SSL_CIPHERS; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_PROTOCOLS; +import static org.apache.geode.test.awaitility.GeodeAwaitility.await; +import static org.assertj.core.api.Assertions.assertThat; + +import java.io.DataInput; +import java.io.DataOutput; +import java.io.IOException; +import java.lang.reflect.Field; +import java.security.GeneralSecurityException; +import java.security.Security; +import java.util.Map; +import java.util.Properties; +import java.util.Set; +import java.util.concurrent.ThreadLocalRandom; +import java.util.concurrent.atomic.LongAdder; + +import junitparams.JUnitParamsRunner; +import junitparams.Parameters; +import org.jetbrains.annotations.NotNull; +import org.junit.After; +import org.junit.Rule; +import org.junit.Test; +import org.junit.experimental.categories.Category; +import org.junit.runner.RunWith; + +import org.apache.geode.cache.CacheFactory; +import org.apache.geode.cache.
[geode] branch develop updated: GEODE-10248: Adding a new Suspicious Strings exception (#7612)
This is an automated email from the ASF dual-hosted git repository. mhanson pushed a commit to branch develop in repository https://gitbox.apache.org/repos/asf/geode.git The following commit(s) were added to refs/heads/develop by this push: new 718aafeb35 GEODE-10248: Adding a new Suspicious Strings exception (#7612) 718aafeb35 is described below commit 718aafeb35906c6f25dac0bf266a2cdb962bd37a Author: mhansonp AuthorDate: Tue Apr 26 09:33:05 2022 -0700 GEODE-10248: Adding a new Suspicious Strings exception (#7612) for Management Requests that get logged and a test --- .../apache/geode/test/greplogs/LogConsumer.java| 21 ++--- .../org/apache/geode/test/greplogs/Patterns.java | 6 ++- .../geode/test/greplogs/LogConsumerTest.java | 52 ++ 3 files changed, 71 insertions(+), 8 deletions(-) diff --git a/geode-dunit/src/main/java/org/apache/geode/test/greplogs/LogConsumer.java b/geode-dunit/src/main/java/org/apache/geode/test/greplogs/LogConsumer.java index c313418344..93da8d05ac 100644 --- a/geode-dunit/src/main/java/org/apache/geode/test/greplogs/LogConsumer.java +++ b/geode-dunit/src/main/java/org/apache/geode/test/greplogs/LogConsumer.java @@ -31,6 +31,7 @@ import static org.apache.geode.test.greplogs.Patterns.JAVA_LANG_ERROR; import static org.apache.geode.test.greplogs.Patterns.LOG_STATEMENT; import static org.apache.geode.test.greplogs.Patterns.MALFORMED_I18N_MESSAGE; import static org.apache.geode.test.greplogs.Patterns.MALFORMED_LOG4J_MESSAGE; +import static org.apache.geode.test.greplogs.Patterns.MANAGEMENT_REQUEST; import static org.apache.geode.test.greplogs.Patterns.RMI_WARNING; import static org.apache.geode.test.greplogs.Patterns.RVV_BIT_SET_MESSAGE; import static org.apache.geode.test.greplogs.Patterns.WARN_OR_LESS_LOG_LEVEL; @@ -43,6 +44,7 @@ import java.util.regex.MatchResult; import java.util.regex.Matcher; import java.util.regex.Pattern; + public class LogConsumer { /** Limit long errors to this many lines */ @@ -162,13 +164,18 @@ public class LogConsumer { } private boolean isExceptionErrorOrSomeSpecialCase(CharSequence line) { -return (EXCEPTION.matcher(line).find() || -JAVA_LANG_ERROR.matcher(line).find() || -MALFORMED_I18N_MESSAGE.matcher(line).find() || -MALFORMED_LOG4J_MESSAGE.matcher(line).find()) && -!(HYDRA_MASTER_LOCATORS_WILDCARD.matcher(line).find()) && -!(WARN_OR_LESS_LOG_LEVEL.matcher(line).find() && -RVV_BIT_SET_MESSAGE.matcher(line).find()); +// if one of the following finds is true +return (EXCEPTION.matcher(line).find() || JAVA_LANG_ERROR.matcher(line).find() +|| MALFORMED_I18N_MESSAGE.matcher(line).find() +|| MALFORMED_LOG4J_MESSAGE.matcher(line).find()) && +// and we don't find the below +!(HYDRA_MASTER_LOCATORS_WILDCARD.matcher(line).find()) +&& !(WARN_OR_LESS_LOG_LEVEL.matcher(line).find() +&& MANAGEMENT_REQUEST.matcher(line).find()) +&& !(WARN_OR_LESS_LOG_LEVEL.matcher(line).find() // Warning message or lower +&& RVV_BIT_SET_MESSAGE.matcher(line).find()); // rvv bit sit message +// then it is an exception error or some special case. + } private void addErrLinesToAll(CharSequence line) { diff --git a/geode-dunit/src/main/java/org/apache/geode/test/greplogs/Patterns.java b/geode-dunit/src/main/java/org/apache/geode/test/greplogs/Patterns.java index 662bad915d..514a7b9e2c 100644 --- a/geode-dunit/src/main/java/org/apache/geode/test/greplogs/Patterns.java +++ b/geode-dunit/src/main/java/org/apache/geode/test/greplogs/Patterns.java @@ -58,7 +58,11 @@ public enum Patterns { /** "{}" literal which is probably unused Log4J parameter */ MALFORMED_LOG4J_MESSAGE(compile("\\{\\}")), /** "{}" literal used for hydra master locators wildcard */ - HYDRA_MASTER_LOCATORS_WILDCARD(compile("hydra\\.MasterDescription\\.master\\.locators=\\{\\}")); + HYDRA_MASTER_LOCATORS_WILDCARD(compile("hydra\\.MasterDescription\\.master\\.locators=\\{\\}")), + /** + * "Management Request:" messages "Management Request: PUT[url=/management/v1/deployments]" + */ + MANAGEMENT_REQUEST(compile("Management Request:")); private final Pattern pattern; diff --git a/geode-dunit/src/test/java/org/apache/geode/test/greplogs/LogConsumerTest.java b/geode-dunit/src/test/java/org/apache/geode/test/greplogs/LogConsumerTest.java index 1380db652c..b221440a5a 100644 --- a/geode-dunit/src/test/java/org/apache/geode/test/greplogs/LogConsumerTest.java +++ b/geode-dunit/src/test/java/org/apache/geode/test/greplogs/LogConsumerTest.java @@ -157,6 +157,58 @@ public class LogConsumerTest { assertThat(value).isNull(); } + @Test + public void close_returnsNull_ifLineContains_ManagementRequest() { +String managmentRequest = +"[info 2022/04/16 09:39:11.008 UTC locator-0 tid=0x72] Management Request: PUT[url=/management/v1/deployments];