[geode] branch support/1.13 updated: GEODE-10122: P2P Messaging Handles TLS KeyUpdate Message (#7449) (#7615) (#7625)
This is an automated email from the ASF dual-hosted git repository.
burcham pushed a commit to branch support/1.13
in repository https://gitbox.apache.org/repos/asf/geode.git
The following commit(s) were added to refs/heads/support/1.13 by this push:
new 6b93208307 GEODE-10122: P2P Messaging Handles TLS KeyUpdate Message
(#7449) (#7615) (#7625)
6b93208307 is described below
commit 6b9320830724dcab8fb1ed3ad3211c4dfc5bf5b5
Author: Bill Burcham
AuthorDate: Tue Apr 26 15:40:40 2022 -0700
GEODE-10122: P2P Messaging Handles TLS KeyUpdate Message (#7449) (#7615)
(#7625)
* Key expiration works for TLSv1.3 and GCM-based ciphers
* TLS KeyUpdate messages are processed correctly
* Removed dependencies on: Mockito 4, JUnit 5, GeodeParamsRunner
(cherry picked from commit d2535394a82ac5faf10f004f4e3c15f756f7b177)
(cherry picked from commit 07c08e95025ff955c9b361db4b97902ce722be81)
---
.../internal/P2PMessagingConcurrencyDUnitTest.java | 2 +-
...P2pMessagingSslTlsKeyUpdateDistributedTest.java | 367 +++
.../tcp/ConnectionCloseSSLTLSDUnitTest.java| 8 +-
.../internal/net/NioSslEngineKeyUpdateTest.java| 497 +
.../apache/geode/internal/net/NioSslEngine.java| 67 +--
.../org/apache/geode/internal/tcp/Connection.java | 2 +-
.../geode/internal/net/NioSslEngineTest.java | 38 +-
7 files changed, 934 insertions(+), 47 deletions(-)
diff --git
a/geode-core/src/distributedTest/java/org/apache/geode/distributed/internal/P2PMessagingConcurrencyDUnitTest.java
b/geode-core/src/distributedTest/java/org/apache/geode/distributed/internal/P2PMessagingConcurrencyDUnitTest.java
index 0d7c2d389f..326e1c2ac4 100644
---
a/geode-core/src/distributedTest/java/org/apache/geode/distributed/internal/P2PMessagingConcurrencyDUnitTest.java
+++
b/geode-core/src/distributedTest/java/org/apache/geode/distributed/internal/P2PMessagingConcurrencyDUnitTest.java
@@ -167,7 +167,6 @@ public class P2PMessagingConcurrencyDUnitTest {
bytesTransferredAdder = new LongAdder();
final ClusterDistributionManager cdm = getCDM();
- final Random random = new Random(RANDOM_SEED);
final AtomicInteger nextSenderId = new AtomicInteger();
/*
@@ -194,6 +193,7 @@ public class P2PMessagingConcurrencyDUnitTest {
throw new RuntimeException("doSending failed", e);
}
final int firstMessageId = senderId * SENDER_COUNT;
+final Random random = new Random(RANDOM_SEED);
for (int messageId = firstMessageId; messageId < firstMessageId
+ MESSAGES_PER_SENDER; messageId++) {
final TestMessage msg = new TestMessage(receiverMember, random,
messageId);
diff --git
a/geode-core/src/distributedTest/java/org/apache/geode/distributed/internal/P2pMessagingSslTlsKeyUpdateDistributedTest.java
b/geode-core/src/distributedTest/java/org/apache/geode/distributed/internal/P2pMessagingSslTlsKeyUpdateDistributedTest.java
new file mode 100644
index 00..3a887d5521
--- /dev/null
+++
b/geode-core/src/distributedTest/java/org/apache/geode/distributed/internal/P2pMessagingSslTlsKeyUpdateDistributedTest.java
@@ -0,0 +1,367 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
contributor license
+ * agreements. See the NOTICE file distributed with this work for additional
information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache
License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the
License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express
+ * or implied. See the License for the specific language governing permissions
and limitations under
+ * the License.
+ */
+
+package org.apache.geode.distributed.internal;
+
+import static org.apache.geode.distributed.ConfigurationProperties.SSL_CIPHERS;
+import static
org.apache.geode.distributed.ConfigurationProperties.SSL_PROTOCOLS;
+import static org.apache.geode.test.awaitility.GeodeAwaitility.await;
+import static org.assertj.core.api.Assertions.assertThat;
+
+import java.io.DataInput;
+import java.io.DataOutput;
+import java.io.IOException;
+import java.lang.reflect.Field;
+import java.security.GeneralSecurityException;
+import java.security.Security;
+import java.util.Map;
+import java.util.Properties;
+import java.util.Set;
+import java.util.concurrent.ThreadLocalRandom;
+import java.util.concurrent.atomic.LongAdder;
+
+import junitparams.JUnitParamsRunner;
+import junitparams.Parameters;
+import org.jetbrains.annotations.NotNull;
+import org.junit.After;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+import
[geode] branch support/1.14 updated: GEODE-10122: P2P Messaging Handles TLS KeyUpdate Message (#7449) (#7615)
This is an automated email from the ASF dual-hosted git repository.
burcham pushed a commit to branch support/1.14
in repository https://gitbox.apache.org/repos/asf/geode.git
The following commit(s) were added to refs/heads/support/1.14 by this push:
new 07c08e9502 GEODE-10122: P2P Messaging Handles TLS KeyUpdate Message
(#7449) (#7615)
07c08e9502 is described below
commit 07c08e95025ff955c9b361db4b97902ce722be81
Author: Bill Burcham
AuthorDate: Tue Apr 26 14:54:03 2022 -0700
GEODE-10122: P2P Messaging Handles TLS KeyUpdate Message (#7449) (#7615)
* Key expiration works for TLSv1.3 and GCM-based ciphers
* TLS KeyUpdate messages are processed correctly
* Removed dependencies on: Mockito 4, JUnit 5, GeodeParamsRunner
(cherry picked from commit d2535394a82ac5faf10f004f4e3c15f756f7b177)
---
.../internal/P2PMessagingConcurrencyDUnitTest.java | 2 +-
...P2pMessagingSslTlsKeyUpdateDistributedTest.java | 367 +++
.../tcp/ConnectionCloseSSLTLSDUnitTest.java| 8 +-
.../internal/net/NioSslEngineKeyUpdateTest.java| 497 +
.../apache/geode/internal/net/NioSslEngine.java| 67 +--
.../org/apache/geode/internal/tcp/Connection.java | 2 +-
.../geode/internal/net/NioSslEngineTest.java | 38 +-
7 files changed, 934 insertions(+), 47 deletions(-)
diff --git
a/geode-core/src/distributedTest/java/org/apache/geode/distributed/internal/P2PMessagingConcurrencyDUnitTest.java
b/geode-core/src/distributedTest/java/org/apache/geode/distributed/internal/P2PMessagingConcurrencyDUnitTest.java
index 0d7c2d389f..326e1c2ac4 100644
---
a/geode-core/src/distributedTest/java/org/apache/geode/distributed/internal/P2PMessagingConcurrencyDUnitTest.java
+++
b/geode-core/src/distributedTest/java/org/apache/geode/distributed/internal/P2PMessagingConcurrencyDUnitTest.java
@@ -167,7 +167,6 @@ public class P2PMessagingConcurrencyDUnitTest {
bytesTransferredAdder = new LongAdder();
final ClusterDistributionManager cdm = getCDM();
- final Random random = new Random(RANDOM_SEED);
final AtomicInteger nextSenderId = new AtomicInteger();
/*
@@ -194,6 +193,7 @@ public class P2PMessagingConcurrencyDUnitTest {
throw new RuntimeException("doSending failed", e);
}
final int firstMessageId = senderId * SENDER_COUNT;
+final Random random = new Random(RANDOM_SEED);
for (int messageId = firstMessageId; messageId < firstMessageId
+ MESSAGES_PER_SENDER; messageId++) {
final TestMessage msg = new TestMessage(receiverMember, random,
messageId);
diff --git
a/geode-core/src/distributedTest/java/org/apache/geode/distributed/internal/P2pMessagingSslTlsKeyUpdateDistributedTest.java
b/geode-core/src/distributedTest/java/org/apache/geode/distributed/internal/P2pMessagingSslTlsKeyUpdateDistributedTest.java
new file mode 100644
index 00..3a887d5521
--- /dev/null
+++
b/geode-core/src/distributedTest/java/org/apache/geode/distributed/internal/P2pMessagingSslTlsKeyUpdateDistributedTest.java
@@ -0,0 +1,367 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
contributor license
+ * agreements. See the NOTICE file distributed with this work for additional
information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache
License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the
License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express
+ * or implied. See the License for the specific language governing permissions
and limitations under
+ * the License.
+ */
+
+package org.apache.geode.distributed.internal;
+
+import static org.apache.geode.distributed.ConfigurationProperties.SSL_CIPHERS;
+import static
org.apache.geode.distributed.ConfigurationProperties.SSL_PROTOCOLS;
+import static org.apache.geode.test.awaitility.GeodeAwaitility.await;
+import static org.assertj.core.api.Assertions.assertThat;
+
+import java.io.DataInput;
+import java.io.DataOutput;
+import java.io.IOException;
+import java.lang.reflect.Field;
+import java.security.GeneralSecurityException;
+import java.security.Security;
+import java.util.Map;
+import java.util.Properties;
+import java.util.Set;
+import java.util.concurrent.ThreadLocalRandom;
+import java.util.concurrent.atomic.LongAdder;
+
+import junitparams.JUnitParamsRunner;
+import junitparams.Parameters;
+import org.jetbrains.annotations.NotNull;
+import org.junit.After;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+import org.junit.runner.RunWith;
+
+import org.apache.geode.cache.CacheFactory;
+import
[geode] branch develop updated: GEODE-10248: Adding a new Suspicious Strings exception (#7612)
This is an automated email from the ASF dual-hosted git repository.
mhanson pushed a commit to branch develop
in repository https://gitbox.apache.org/repos/asf/geode.git
The following commit(s) were added to refs/heads/develop by this push:
new 718aafeb35 GEODE-10248: Adding a new Suspicious Strings exception
(#7612)
718aafeb35 is described below
commit 718aafeb35906c6f25dac0bf266a2cdb962bd37a
Author: mhansonp
AuthorDate: Tue Apr 26 09:33:05 2022 -0700
GEODE-10248: Adding a new Suspicious Strings exception (#7612)
for Management Requests that get logged and a test
---
.../apache/geode/test/greplogs/LogConsumer.java| 21 ++---
.../org/apache/geode/test/greplogs/Patterns.java | 6 ++-
.../geode/test/greplogs/LogConsumerTest.java | 52 ++
3 files changed, 71 insertions(+), 8 deletions(-)
diff --git
a/geode-dunit/src/main/java/org/apache/geode/test/greplogs/LogConsumer.java
b/geode-dunit/src/main/java/org/apache/geode/test/greplogs/LogConsumer.java
index c313418344..93da8d05ac 100644
--- a/geode-dunit/src/main/java/org/apache/geode/test/greplogs/LogConsumer.java
+++ b/geode-dunit/src/main/java/org/apache/geode/test/greplogs/LogConsumer.java
@@ -31,6 +31,7 @@ import static
org.apache.geode.test.greplogs.Patterns.JAVA_LANG_ERROR;
import static org.apache.geode.test.greplogs.Patterns.LOG_STATEMENT;
import static org.apache.geode.test.greplogs.Patterns.MALFORMED_I18N_MESSAGE;
import static org.apache.geode.test.greplogs.Patterns.MALFORMED_LOG4J_MESSAGE;
+import static org.apache.geode.test.greplogs.Patterns.MANAGEMENT_REQUEST;
import static org.apache.geode.test.greplogs.Patterns.RMI_WARNING;
import static org.apache.geode.test.greplogs.Patterns.RVV_BIT_SET_MESSAGE;
import static org.apache.geode.test.greplogs.Patterns.WARN_OR_LESS_LOG_LEVEL;
@@ -43,6 +44,7 @@ import java.util.regex.MatchResult;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
+
public class LogConsumer {
/** Limit long errors to this many lines */
@@ -162,13 +164,18 @@ public class LogConsumer {
}
private boolean isExceptionErrorOrSomeSpecialCase(CharSequence line) {
-return (EXCEPTION.matcher(line).find() ||
-JAVA_LANG_ERROR.matcher(line).find() ||
-MALFORMED_I18N_MESSAGE.matcher(line).find() ||
-MALFORMED_LOG4J_MESSAGE.matcher(line).find()) &&
-!(HYDRA_MASTER_LOCATORS_WILDCARD.matcher(line).find()) &&
-!(WARN_OR_LESS_LOG_LEVEL.matcher(line).find() &&
-RVV_BIT_SET_MESSAGE.matcher(line).find());
+// if one of the following finds is true
+return (EXCEPTION.matcher(line).find() ||
JAVA_LANG_ERROR.matcher(line).find()
+|| MALFORMED_I18N_MESSAGE.matcher(line).find()
+|| MALFORMED_LOG4J_MESSAGE.matcher(line).find()) &&
+// and we don't find the below
+!(HYDRA_MASTER_LOCATORS_WILDCARD.matcher(line).find())
+&& !(WARN_OR_LESS_LOG_LEVEL.matcher(line).find()
+&& MANAGEMENT_REQUEST.matcher(line).find())
+&& !(WARN_OR_LESS_LOG_LEVEL.matcher(line).find() // Warning message or
lower
+&& RVV_BIT_SET_MESSAGE.matcher(line).find()); // rvv bit sit
message
+// then it is an exception error or some special case.
+
}
private void addErrLinesToAll(CharSequence line) {
diff --git
a/geode-dunit/src/main/java/org/apache/geode/test/greplogs/Patterns.java
b/geode-dunit/src/main/java/org/apache/geode/test/greplogs/Patterns.java
index 662bad915d..514a7b9e2c 100644
--- a/geode-dunit/src/main/java/org/apache/geode/test/greplogs/Patterns.java
+++ b/geode-dunit/src/main/java/org/apache/geode/test/greplogs/Patterns.java
@@ -58,7 +58,11 @@ public enum Patterns {
/** "{}" literal which is probably unused Log4J parameter */
MALFORMED_LOG4J_MESSAGE(compile("\\{\\}")),
/** "{}" literal used for hydra master locators wildcard */
-
HYDRA_MASTER_LOCATORS_WILDCARD(compile("hydra\\.MasterDescription\\.master\\.locators=\\{\\}"));
+
HYDRA_MASTER_LOCATORS_WILDCARD(compile("hydra\\.MasterDescription\\.master\\.locators=\\{\\}")),
+ /**
+ * "Management Request:" messages "Management Request:
PUT[url=/management/v1/deployments]"
+ */
+ MANAGEMENT_REQUEST(compile("Management Request:"));
private final Pattern pattern;
diff --git
a/geode-dunit/src/test/java/org/apache/geode/test/greplogs/LogConsumerTest.java
b/geode-dunit/src/test/java/org/apache/geode/test/greplogs/LogConsumerTest.java
index 1380db652c..b221440a5a 100644
---
a/geode-dunit/src/test/java/org/apache/geode/test/greplogs/LogConsumerTest.java
+++
b/geode-dunit/src/test/java/org/apache/geode/test/greplogs/LogConsumerTest.java
@@ -157,6 +157,58 @@ public class LogConsumerTest {
assertThat(value).isNull();
}
+ @Test
+ public void close_returnsNull_ifLineContains_ManagementRequest() {
+String managmentRequest =
+"[info 2022/04/16 09:39:11.008 UTC locator-0
tid=0x72] Management Request: PUT[url=/management/v1/deployments];
