[geode] 03/03: GEODE-8652: NioSslEngine.close() Bypasses Locks (#5666)
This is an automated email from the ASF dual-hosted git repository. burcham pushed a commit to branch support/1.13 in repository https://gitbox.apache.org/repos/asf/geode.git commit b2af727ce23fd155f3665e3db2ecee6e8f80fba7 Author: Bill Burcham AuthorDate: Thu Oct 29 16:38:25 2020 -0700 GEODE-8652: NioSslEngine.close() Bypasses Locks (#5666) - NioSslEngine.close() proceeds even if readers (or writers) are operating on its ByteBuffers, allowing Connection.close() to close its socket and proceed. - NioSslEngine.close() needed a lock only on the output buffer, so we split what was a single lock into two. Also instead of using synchronized we use a ReentrantLock so we can call tryLock() and time out if needed in NioSslEngine.close(). - Since readers/writers may hold locks on these input/output buffers when NioSslEngine.close() is called a reference count is maintained and the buffers are returned to the pool only when the last user is done. - To manage the locking and reference counting a new AutoCloseable ByteBufferSharing interface is introduced with a trivial implementation: ByteBufferSharingNoOp and a real implementation: ByteBufferSharingImpl. Co-authored-by: Bill Burcham Co-authored-by: Darrel Schneider Co-authored-by: Ernie Burghardt (cherry picked from commit 08e9e9673d0ed0a3d74c6d16e706817cab09) --- .../tcp/ConnectionCloseSSLTLSDUnitTest.java| 238 + .../org/apache/geode/internal/tcp/server.keystore | Bin 0 -> 1256 bytes ...LSocketHostNameVerificationIntegrationTest.java | 4 +- .../internal/net/SSLSocketIntegrationTest.java | 57 +-- .../apache/geode/codeAnalysis/excludedClasses.txt | 1 + .../geode/internal/net/ByteBufferSharing.java | 55 +++ .../geode/internal/net/ByteBufferSharingImpl.java | 148 .../geode/internal/net/ByteBufferSharingNoOp.java | 52 +++ .../org/apache/geode/internal/net/NioFilter.java | 69 ++-- .../apache/geode/internal/net/NioPlainEngine.java | 27 +- .../apache/geode/internal/net/NioSslEngine.java| 353 ++- .../org/apache/geode/internal/tcp/Connection.java | 34 +- .../org/apache/geode/internal/tcp/MsgReader.java | 15 +- .../internal/net/ByteBufferSharingImplTest.java| 163 + .../geode/internal/net/NioPlainEngineTest.java | 47 ++- .../geode/internal/net/NioSslEngineTest.java | 392 +++-- 16 files changed, 1195 insertions(+), 460 deletions(-) diff --git a/geode-core/src/distributedTest/java/org/apache/geode/internal/tcp/ConnectionCloseSSLTLSDUnitTest.java b/geode-core/src/distributedTest/java/org/apache/geode/internal/tcp/ConnectionCloseSSLTLSDUnitTest.java new file mode 100644 index 000..77fe9bf --- /dev/null +++ b/geode-core/src/distributedTest/java/org/apache/geode/internal/tcp/ConnectionCloseSSLTLSDUnitTest.java @@ -0,0 +1,238 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for additional information regarding + * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance with the License. You may obtain a + * copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + */ + +package org.apache.geode.internal.tcp; + +import static org.apache.geode.distributed.ConfigurationProperties.CONSERVE_SOCKETS; +import static org.apache.geode.distributed.ConfigurationProperties.ENABLE_CLUSTER_CONFIGURATION; +import static org.apache.geode.distributed.ConfigurationProperties.LOCATORS; +import static org.apache.geode.distributed.ConfigurationProperties.NAME; +import static org.apache.geode.distributed.ConfigurationProperties.SOCKET_BUFFER_SIZE; +import static org.apache.geode.distributed.ConfigurationProperties.SOCKET_LEASE_TIME; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_ENABLED_COMPONENTS; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_KEYSTORE; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_KEYSTORE_PASSWORD; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_PROTOCOLS; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_REQUIRE_AUTHENTICATION; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_TRUSTSTORE; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_TRUSTSTORE_PASSWORD; +import static org.
[geode] 03/03: GEODE-8652: NioSslEngine.close() Bypasses Locks (#5666)
This is an automated email from the ASF dual-hosted git repository. burcham pushed a commit to branch support/1.13 in repository https://gitbox.apache.org/repos/asf/geode.git commit b2af727ce23fd155f3665e3db2ecee6e8f80fba7 Author: Bill Burcham AuthorDate: Thu Oct 29 16:38:25 2020 -0700 GEODE-8652: NioSslEngine.close() Bypasses Locks (#5666) - NioSslEngine.close() proceeds even if readers (or writers) are operating on its ByteBuffers, allowing Connection.close() to close its socket and proceed. - NioSslEngine.close() needed a lock only on the output buffer, so we split what was a single lock into two. Also instead of using synchronized we use a ReentrantLock so we can call tryLock() and time out if needed in NioSslEngine.close(). - Since readers/writers may hold locks on these input/output buffers when NioSslEngine.close() is called a reference count is maintained and the buffers are returned to the pool only when the last user is done. - To manage the locking and reference counting a new AutoCloseable ByteBufferSharing interface is introduced with a trivial implementation: ByteBufferSharingNoOp and a real implementation: ByteBufferSharingImpl. Co-authored-by: Bill Burcham Co-authored-by: Darrel Schneider Co-authored-by: Ernie Burghardt (cherry picked from commit 08e9e9673d0ed0a3d74c6d16e706817cab09) --- .../tcp/ConnectionCloseSSLTLSDUnitTest.java| 238 + .../org/apache/geode/internal/tcp/server.keystore | Bin 0 -> 1256 bytes ...LSocketHostNameVerificationIntegrationTest.java | 4 +- .../internal/net/SSLSocketIntegrationTest.java | 57 +-- .../apache/geode/codeAnalysis/excludedClasses.txt | 1 + .../geode/internal/net/ByteBufferSharing.java | 55 +++ .../geode/internal/net/ByteBufferSharingImpl.java | 148 .../geode/internal/net/ByteBufferSharingNoOp.java | 52 +++ .../org/apache/geode/internal/net/NioFilter.java | 69 ++-- .../apache/geode/internal/net/NioPlainEngine.java | 27 +- .../apache/geode/internal/net/NioSslEngine.java| 353 ++- .../org/apache/geode/internal/tcp/Connection.java | 34 +- .../org/apache/geode/internal/tcp/MsgReader.java | 15 +- .../internal/net/ByteBufferSharingImplTest.java| 163 + .../geode/internal/net/NioPlainEngineTest.java | 47 ++- .../geode/internal/net/NioSslEngineTest.java | 392 +++-- 16 files changed, 1195 insertions(+), 460 deletions(-) diff --git a/geode-core/src/distributedTest/java/org/apache/geode/internal/tcp/ConnectionCloseSSLTLSDUnitTest.java b/geode-core/src/distributedTest/java/org/apache/geode/internal/tcp/ConnectionCloseSSLTLSDUnitTest.java new file mode 100644 index 000..77fe9bf --- /dev/null +++ b/geode-core/src/distributedTest/java/org/apache/geode/internal/tcp/ConnectionCloseSSLTLSDUnitTest.java @@ -0,0 +1,238 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for additional information regarding + * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance with the License. You may obtain a + * copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + */ + +package org.apache.geode.internal.tcp; + +import static org.apache.geode.distributed.ConfigurationProperties.CONSERVE_SOCKETS; +import static org.apache.geode.distributed.ConfigurationProperties.ENABLE_CLUSTER_CONFIGURATION; +import static org.apache.geode.distributed.ConfigurationProperties.LOCATORS; +import static org.apache.geode.distributed.ConfigurationProperties.NAME; +import static org.apache.geode.distributed.ConfigurationProperties.SOCKET_BUFFER_SIZE; +import static org.apache.geode.distributed.ConfigurationProperties.SOCKET_LEASE_TIME; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_ENABLED_COMPONENTS; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_KEYSTORE; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_KEYSTORE_PASSWORD; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_PROTOCOLS; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_REQUIRE_AUTHENTICATION; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_TRUSTSTORE; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_TRUSTSTORE_PASSWORD; +import static org.
[geode] 03/03: GEODE-8652: NioSslEngine.close() Bypasses Locks (#5666)
This is an automated email from the ASF dual-hosted git repository. burcham pushed a commit to branch support/1.13 in repository https://gitbox.apache.org/repos/asf/geode.git commit b2af727ce23fd155f3665e3db2ecee6e8f80fba7 Author: Bill Burcham AuthorDate: Thu Oct 29 16:38:25 2020 -0700 GEODE-8652: NioSslEngine.close() Bypasses Locks (#5666) - NioSslEngine.close() proceeds even if readers (or writers) are operating on its ByteBuffers, allowing Connection.close() to close its socket and proceed. - NioSslEngine.close() needed a lock only on the output buffer, so we split what was a single lock into two. Also instead of using synchronized we use a ReentrantLock so we can call tryLock() and time out if needed in NioSslEngine.close(). - Since readers/writers may hold locks on these input/output buffers when NioSslEngine.close() is called a reference count is maintained and the buffers are returned to the pool only when the last user is done. - To manage the locking and reference counting a new AutoCloseable ByteBufferSharing interface is introduced with a trivial implementation: ByteBufferSharingNoOp and a real implementation: ByteBufferSharingImpl. Co-authored-by: Bill Burcham Co-authored-by: Darrel Schneider Co-authored-by: Ernie Burghardt (cherry picked from commit 08e9e9673d0ed0a3d74c6d16e706817cab09) --- .../tcp/ConnectionCloseSSLTLSDUnitTest.java| 238 + .../org/apache/geode/internal/tcp/server.keystore | Bin 0 -> 1256 bytes ...LSocketHostNameVerificationIntegrationTest.java | 4 +- .../internal/net/SSLSocketIntegrationTest.java | 57 +-- .../apache/geode/codeAnalysis/excludedClasses.txt | 1 + .../geode/internal/net/ByteBufferSharing.java | 55 +++ .../geode/internal/net/ByteBufferSharingImpl.java | 148 .../geode/internal/net/ByteBufferSharingNoOp.java | 52 +++ .../org/apache/geode/internal/net/NioFilter.java | 69 ++-- .../apache/geode/internal/net/NioPlainEngine.java | 27 +- .../apache/geode/internal/net/NioSslEngine.java| 353 ++- .../org/apache/geode/internal/tcp/Connection.java | 34 +- .../org/apache/geode/internal/tcp/MsgReader.java | 15 +- .../internal/net/ByteBufferSharingImplTest.java| 163 + .../geode/internal/net/NioPlainEngineTest.java | 47 ++- .../geode/internal/net/NioSslEngineTest.java | 392 +++-- 16 files changed, 1195 insertions(+), 460 deletions(-) diff --git a/geode-core/src/distributedTest/java/org/apache/geode/internal/tcp/ConnectionCloseSSLTLSDUnitTest.java b/geode-core/src/distributedTest/java/org/apache/geode/internal/tcp/ConnectionCloseSSLTLSDUnitTest.java new file mode 100644 index 000..77fe9bf --- /dev/null +++ b/geode-core/src/distributedTest/java/org/apache/geode/internal/tcp/ConnectionCloseSSLTLSDUnitTest.java @@ -0,0 +1,238 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for additional information regarding + * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance with the License. You may obtain a + * copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + */ + +package org.apache.geode.internal.tcp; + +import static org.apache.geode.distributed.ConfigurationProperties.CONSERVE_SOCKETS; +import static org.apache.geode.distributed.ConfigurationProperties.ENABLE_CLUSTER_CONFIGURATION; +import static org.apache.geode.distributed.ConfigurationProperties.LOCATORS; +import static org.apache.geode.distributed.ConfigurationProperties.NAME; +import static org.apache.geode.distributed.ConfigurationProperties.SOCKET_BUFFER_SIZE; +import static org.apache.geode.distributed.ConfigurationProperties.SOCKET_LEASE_TIME; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_ENABLED_COMPONENTS; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_KEYSTORE; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_KEYSTORE_PASSWORD; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_PROTOCOLS; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_REQUIRE_AUTHENTICATION; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_TRUSTSTORE; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_TRUSTSTORE_PASSWORD; +import static org.
[geode] 03/03: GEODE-8652: NioSslEngine.close() Bypasses Locks (#5666)
This is an automated email from the ASF dual-hosted git repository. burcham pushed a commit to branch support/1.13 in repository https://gitbox.apache.org/repos/asf/geode.git commit b2af727ce23fd155f3665e3db2ecee6e8f80fba7 Author: Bill Burcham AuthorDate: Thu Oct 29 16:38:25 2020 -0700 GEODE-8652: NioSslEngine.close() Bypasses Locks (#5666) - NioSslEngine.close() proceeds even if readers (or writers) are operating on its ByteBuffers, allowing Connection.close() to close its socket and proceed. - NioSslEngine.close() needed a lock only on the output buffer, so we split what was a single lock into two. Also instead of using synchronized we use a ReentrantLock so we can call tryLock() and time out if needed in NioSslEngine.close(). - Since readers/writers may hold locks on these input/output buffers when NioSslEngine.close() is called a reference count is maintained and the buffers are returned to the pool only when the last user is done. - To manage the locking and reference counting a new AutoCloseable ByteBufferSharing interface is introduced with a trivial implementation: ByteBufferSharingNoOp and a real implementation: ByteBufferSharingImpl. Co-authored-by: Bill Burcham Co-authored-by: Darrel Schneider Co-authored-by: Ernie Burghardt (cherry picked from commit 08e9e9673d0ed0a3d74c6d16e706817cab09) --- .../tcp/ConnectionCloseSSLTLSDUnitTest.java| 238 + .../org/apache/geode/internal/tcp/server.keystore | Bin 0 -> 1256 bytes ...LSocketHostNameVerificationIntegrationTest.java | 4 +- .../internal/net/SSLSocketIntegrationTest.java | 57 +-- .../apache/geode/codeAnalysis/excludedClasses.txt | 1 + .../geode/internal/net/ByteBufferSharing.java | 55 +++ .../geode/internal/net/ByteBufferSharingImpl.java | 148 .../geode/internal/net/ByteBufferSharingNoOp.java | 52 +++ .../org/apache/geode/internal/net/NioFilter.java | 69 ++-- .../apache/geode/internal/net/NioPlainEngine.java | 27 +- .../apache/geode/internal/net/NioSslEngine.java| 353 ++- .../org/apache/geode/internal/tcp/Connection.java | 34 +- .../org/apache/geode/internal/tcp/MsgReader.java | 15 +- .../internal/net/ByteBufferSharingImplTest.java| 163 + .../geode/internal/net/NioPlainEngineTest.java | 47 ++- .../geode/internal/net/NioSslEngineTest.java | 392 +++-- 16 files changed, 1195 insertions(+), 460 deletions(-) diff --git a/geode-core/src/distributedTest/java/org/apache/geode/internal/tcp/ConnectionCloseSSLTLSDUnitTest.java b/geode-core/src/distributedTest/java/org/apache/geode/internal/tcp/ConnectionCloseSSLTLSDUnitTest.java new file mode 100644 index 000..77fe9bf --- /dev/null +++ b/geode-core/src/distributedTest/java/org/apache/geode/internal/tcp/ConnectionCloseSSLTLSDUnitTest.java @@ -0,0 +1,238 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for additional information regarding + * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance with the License. You may obtain a + * copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + */ + +package org.apache.geode.internal.tcp; + +import static org.apache.geode.distributed.ConfigurationProperties.CONSERVE_SOCKETS; +import static org.apache.geode.distributed.ConfigurationProperties.ENABLE_CLUSTER_CONFIGURATION; +import static org.apache.geode.distributed.ConfigurationProperties.LOCATORS; +import static org.apache.geode.distributed.ConfigurationProperties.NAME; +import static org.apache.geode.distributed.ConfigurationProperties.SOCKET_BUFFER_SIZE; +import static org.apache.geode.distributed.ConfigurationProperties.SOCKET_LEASE_TIME; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_ENABLED_COMPONENTS; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_KEYSTORE; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_KEYSTORE_PASSWORD; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_PROTOCOLS; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_REQUIRE_AUTHENTICATION; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_TRUSTSTORE; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_TRUSTSTORE_PASSWORD; +import static org.
[geode] 03/03: GEODE-8652: NioSslEngine.close() Bypasses Locks (#5666)
This is an automated email from the ASF dual-hosted git repository. burcham pushed a commit to branch backport-1-13-GEODE-8652-and-friends in repository https://gitbox.apache.org/repos/asf/geode.git commit 0906b08f8f77d5e22d4fd155205129c864a3a85a Author: Bill Burcham AuthorDate: Thu Oct 29 16:38:25 2020 -0700 GEODE-8652: NioSslEngine.close() Bypasses Locks (#5666) - NioSslEngine.close() proceeds even if readers (or writers) are operating on its ByteBuffers, allowing Connection.close() to close its socket and proceed. - NioSslEngine.close() needed a lock only on the output buffer, so we split what was a single lock into two. Also instead of using synchronized we use a ReentrantLock so we can call tryLock() and time out if needed in NioSslEngine.close(). - Since readers/writers may hold locks on these input/output buffers when NioSslEngine.close() is called a reference count is maintained and the buffers are returned to the pool only when the last user is done. - To manage the locking and reference counting a new AutoCloseable ByteBufferSharing interface is introduced with a trivial implementation: ByteBufferSharingNoOp and a real implementation: ByteBufferSharingImpl. Co-authored-by: Bill Burcham Co-authored-by: Darrel Schneider Co-authored-by: Ernie Burghardt (cherry picked from commit 08e9e9673d0ed0a3d74c6d16e706817cab09) --- .../tcp/ConnectionCloseSSLTLSDUnitTest.java| 238 + .../org/apache/geode/internal/tcp/server.keystore | Bin 0 -> 1256 bytes ...LSocketHostNameVerificationIntegrationTest.java | 4 +- .../internal/net/SSLSocketIntegrationTest.java | 57 +-- .../apache/geode/codeAnalysis/excludedClasses.txt | 1 + .../geode/internal/net/ByteBufferSharing.java | 55 +++ .../geode/internal/net/ByteBufferSharingImpl.java | 148 .../geode/internal/net/ByteBufferSharingNoOp.java | 52 +++ .../org/apache/geode/internal/net/NioFilter.java | 69 ++-- .../apache/geode/internal/net/NioPlainEngine.java | 27 +- .../apache/geode/internal/net/NioSslEngine.java| 353 ++- .../org/apache/geode/internal/tcp/Connection.java | 34 +- .../org/apache/geode/internal/tcp/MsgReader.java | 15 +- .../internal/net/ByteBufferSharingImplTest.java| 163 + .../geode/internal/net/NioPlainEngineTest.java | 47 ++- .../geode/internal/net/NioSslEngineTest.java | 392 +++-- 16 files changed, 1195 insertions(+), 460 deletions(-) diff --git a/geode-core/src/distributedTest/java/org/apache/geode/internal/tcp/ConnectionCloseSSLTLSDUnitTest.java b/geode-core/src/distributedTest/java/org/apache/geode/internal/tcp/ConnectionCloseSSLTLSDUnitTest.java new file mode 100644 index 000..77fe9bf --- /dev/null +++ b/geode-core/src/distributedTest/java/org/apache/geode/internal/tcp/ConnectionCloseSSLTLSDUnitTest.java @@ -0,0 +1,238 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for additional information regarding + * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance with the License. You may obtain a + * copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + */ + +package org.apache.geode.internal.tcp; + +import static org.apache.geode.distributed.ConfigurationProperties.CONSERVE_SOCKETS; +import static org.apache.geode.distributed.ConfigurationProperties.ENABLE_CLUSTER_CONFIGURATION; +import static org.apache.geode.distributed.ConfigurationProperties.LOCATORS; +import static org.apache.geode.distributed.ConfigurationProperties.NAME; +import static org.apache.geode.distributed.ConfigurationProperties.SOCKET_BUFFER_SIZE; +import static org.apache.geode.distributed.ConfigurationProperties.SOCKET_LEASE_TIME; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_ENABLED_COMPONENTS; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_KEYSTORE; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_KEYSTORE_PASSWORD; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_PROTOCOLS; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_REQUIRE_AUTHENTICATION; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_TRUSTSTORE; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_TRUSTSTORE_PASSWO
[geode] 03/03: GEODE-8652: NioSslEngine.close() Bypasses Locks (#5666)
This is an automated email from the ASF dual-hosted git repository. burcham pushed a commit to branch backport-1-13-GEODE-8652-and-friends in repository https://gitbox.apache.org/repos/asf/geode.git commit 0906b08f8f77d5e22d4fd155205129c864a3a85a Author: Bill Burcham AuthorDate: Thu Oct 29 16:38:25 2020 -0700 GEODE-8652: NioSslEngine.close() Bypasses Locks (#5666) - NioSslEngine.close() proceeds even if readers (or writers) are operating on its ByteBuffers, allowing Connection.close() to close its socket and proceed. - NioSslEngine.close() needed a lock only on the output buffer, so we split what was a single lock into two. Also instead of using synchronized we use a ReentrantLock so we can call tryLock() and time out if needed in NioSslEngine.close(). - Since readers/writers may hold locks on these input/output buffers when NioSslEngine.close() is called a reference count is maintained and the buffers are returned to the pool only when the last user is done. - To manage the locking and reference counting a new AutoCloseable ByteBufferSharing interface is introduced with a trivial implementation: ByteBufferSharingNoOp and a real implementation: ByteBufferSharingImpl. Co-authored-by: Bill Burcham Co-authored-by: Darrel Schneider Co-authored-by: Ernie Burghardt (cherry picked from commit 08e9e9673d0ed0a3d74c6d16e706817cab09) --- .../tcp/ConnectionCloseSSLTLSDUnitTest.java| 238 + .../org/apache/geode/internal/tcp/server.keystore | Bin 0 -> 1256 bytes ...LSocketHostNameVerificationIntegrationTest.java | 4 +- .../internal/net/SSLSocketIntegrationTest.java | 57 +-- .../apache/geode/codeAnalysis/excludedClasses.txt | 1 + .../geode/internal/net/ByteBufferSharing.java | 55 +++ .../geode/internal/net/ByteBufferSharingImpl.java | 148 .../geode/internal/net/ByteBufferSharingNoOp.java | 52 +++ .../org/apache/geode/internal/net/NioFilter.java | 69 ++-- .../apache/geode/internal/net/NioPlainEngine.java | 27 +- .../apache/geode/internal/net/NioSslEngine.java| 353 ++- .../org/apache/geode/internal/tcp/Connection.java | 34 +- .../org/apache/geode/internal/tcp/MsgReader.java | 15 +- .../internal/net/ByteBufferSharingImplTest.java| 163 + .../geode/internal/net/NioPlainEngineTest.java | 47 ++- .../geode/internal/net/NioSslEngineTest.java | 392 +++-- 16 files changed, 1195 insertions(+), 460 deletions(-) diff --git a/geode-core/src/distributedTest/java/org/apache/geode/internal/tcp/ConnectionCloseSSLTLSDUnitTest.java b/geode-core/src/distributedTest/java/org/apache/geode/internal/tcp/ConnectionCloseSSLTLSDUnitTest.java new file mode 100644 index 000..77fe9bf --- /dev/null +++ b/geode-core/src/distributedTest/java/org/apache/geode/internal/tcp/ConnectionCloseSSLTLSDUnitTest.java @@ -0,0 +1,238 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for additional information regarding + * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance with the License. You may obtain a + * copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + */ + +package org.apache.geode.internal.tcp; + +import static org.apache.geode.distributed.ConfigurationProperties.CONSERVE_SOCKETS; +import static org.apache.geode.distributed.ConfigurationProperties.ENABLE_CLUSTER_CONFIGURATION; +import static org.apache.geode.distributed.ConfigurationProperties.LOCATORS; +import static org.apache.geode.distributed.ConfigurationProperties.NAME; +import static org.apache.geode.distributed.ConfigurationProperties.SOCKET_BUFFER_SIZE; +import static org.apache.geode.distributed.ConfigurationProperties.SOCKET_LEASE_TIME; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_ENABLED_COMPONENTS; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_KEYSTORE; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_KEYSTORE_PASSWORD; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_PROTOCOLS; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_REQUIRE_AUTHENTICATION; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_TRUSTSTORE; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_TRUSTSTORE_PASSWO