Some code tidy up ahead of post-GA development. (#3500)

Handle SSL Handshake timeouts properly
2025-06-12 20:28:18 +00:00 · 2018-07-03 14:16:31 +01:00
parent a5f43110f0
commit d0568121b7
10 changed files with 200 additions and 135 deletions
--- a/node-api/src/main/kotlin/net/corda/nodeapi/internal/bridging/AMQPBridgeManager.kt
+++ b/node-api/src/main/kotlin/net/corda/nodeapi/internal/bridging/AMQPBridgeManager.kt
@ -11,13 +11,13 @@ import net.corda.nodeapi.internal.ArtemisMessagingClient
 import net.corda.nodeapi.internal.ArtemisMessagingComponent
 import net.corda.nodeapi.internal.ArtemisMessagingComponent.Companion.NODE_P2P_USER
 import net.corda.nodeapi.internal.ArtemisMessagingComponent.Companion.P2PMessagingHeaders
-import net.corda.nodeapi.internal.ArtemisMessagingComponent.Companion.PEER_USER
 import net.corda.nodeapi.internal.ArtemisMessagingComponent.RemoteInboxAddress.Companion.translateLocalQueueToInboxAddress
 import net.corda.nodeapi.internal.ArtemisSessionProvider
 import net.corda.nodeapi.internal.bridging.AMQPBridgeManager.AMQPBridge.Companion.getBridgeName
 import net.corda.nodeapi.internal.config.NodeSSLConfiguration
 import net.corda.nodeapi.internal.protonwrapper.messages.MessageStatus
 import net.corda.nodeapi.internal.protonwrapper.netty.AMQPClient
+import net.corda.nodeapi.internal.protonwrapper.netty.AMQPConfiguration
 import org.apache.activemq.artemis.api.core.SimpleString
 import org.apache.activemq.artemis.api.core.client.ActiveMQClient.DEFAULT_ACK_BATCH_SIZE
 import org.apache.activemq.artemis.api.core.client.ClientConsumer
@ -37,16 +37,24 @@ import kotlin.concurrent.withLock
 *  The Netty thread pool used by the AMQPBridges is also shared and managed by the AMQPBridgeManager.
 */
@VisibleForTesting
-class AMQPBridgeManager(config: NodeSSLConfiguration, private val maxMessageSize: Int, private val artemisMessageClientFactory: () -> ArtemisSessionProvider) : BridgeManager {
+class AMQPBridgeManager(config: NodeSSLConfiguration, maxMessageSize: Int, private val artemisMessageClientFactory: () -> ArtemisSessionProvider) : BridgeManager {

    private val lock = ReentrantLock()
    private val bridgeNameToBridgeMap = mutableMapOf<String, AMQPBridge>()
+
+    private class AMQPConfigurationImpl private constructor(override val keyStore: KeyStore,
+                                                            override val keyStorePrivateKeyPassword: CharArray,
+                                                            override val trustStore: KeyStore,
+                                                            override val maxMessageSize: Int) : AMQPConfiguration {
+        constructor(config: NodeSSLConfiguration, maxMessageSize: Int) : this(config.loadSslKeyStore().internal,
+                config.keyStorePassword.toCharArray(),
+                config.loadTrustStore().internal,
+                maxMessageSize)
+    }
+
+    private val amqpConfig: AMQPConfiguration = AMQPConfigurationImpl(config, maxMessageSize)
    private var sharedEventLoopGroup: EventLoopGroup? = null
-    private val keyStore = config.loadSslKeyStore().internal
-    private val keyStorePrivateKeyPassword: String = config.keyStorePassword
-    private val trustStore = config.loadTrustStore().internal
    private var artemis: ArtemisSessionProvider? = null
-    private val crlCheckSoftFail: Boolean = config.crlCheckSoftFail

    constructor(config: NodeSSLConfiguration, p2pAddress: NetworkHostAndPort, maxMessageSize: Int) : this(config, maxMessageSize, { ArtemisMessagingClient(config, p2pAddress, maxMessageSize) })

@ -65,26 +73,26 @@ class AMQPBridgeManager(config: NodeSSLConfiguration, private val maxMessageSize
    private class AMQPBridge(private val queueName: String,
                             private val target: NetworkHostAndPort,
                             private val legalNames: Set<CordaX500Name>,
-                             keyStore: KeyStore,
-                             keyStorePrivateKeyPassword: String,
-                             trustStore: KeyStore,
-                             crlCheckSoftFail: Boolean,
+                             private val amqpConfig: AMQPConfiguration,
                             sharedEventGroup: EventLoopGroup,
-                             private val artemis: ArtemisSessionProvider,
-                             private val maxMessageSize: Int) {
+                             private val artemis: ArtemisSessionProvider) {
        companion object {
            fun getBridgeName(queueName: String, hostAndPort: NetworkHostAndPort): String = "$queueName -> $hostAndPort"
            private val log = contextLogger()
        }

        private fun withMDC(block: () -> Unit) {
-            MDC.put("queueName", queueName)
-            MDC.put("target", target.toString())
-            MDC.put("bridgeName", bridgeName)
-            MDC.put("legalNames", legalNames.joinToString(separator = ";") { it.toString() })
-            MDC.put("maxMessageSize", maxMessageSize.toString())
-            block()
-            MDC.clear()
+            val oldMDC = MDC.getCopyOfContextMap()
+            try {
+                MDC.put("queueName", queueName)
+                MDC.put("target", target.toString())
+                MDC.put("bridgeName", bridgeName)
+                MDC.put("legalNames", legalNames.joinToString(separator = ";") { it.toString() })
+                MDC.put("maxMessageSize", amqpConfig.maxMessageSize.toString())
+                block()
+            } finally {
+                MDC.setContextMap(oldMDC)
+            }
        }

        private fun logDebugWithMDC(msg: () -> String) {
@ -97,7 +105,7 @@ class AMQPBridgeManager(config: NodeSSLConfiguration, private val maxMessageSize

        private fun logWarnWithMDC(msg: String) = withMDC { log.warn(msg) }

-        val amqpClient = AMQPClient(listOf(target), legalNames, PEER_USER, PEER_USER, keyStore, keyStorePrivateKeyPassword, trustStore, crlCheckSoftFail, sharedThreadPool = sharedEventGroup, maxMessageSize = maxMessageSize)
+        val amqpClient = AMQPClient(listOf(target), legalNames, amqpConfig, sharedThreadPool = sharedEventGroup)
        val bridgeName: String get() = getBridgeName(queueName, target)
        private val lock = ReentrantLock() // lock to serialise session level access
        private var session: ClientSession? = null
@ -149,8 +157,8 @@ class AMQPBridgeManager(config: NodeSSLConfiguration, private val maxMessageSize
        }

        private fun clientArtemisMessageHandler(artemisMessage: ClientMessage) {
-            if (artemisMessage.bodySize > maxMessageSize) {
-                logWarnWithMDC("Message exceeds maxMessageSize network parameter, maxMessageSize: [$maxMessageSize], message size: [${artemisMessage.bodySize}], " +
+            if (artemisMessage.bodySize > amqpConfig.maxMessageSize) {
+                logWarnWithMDC("Message exceeds maxMessageSize network parameter, maxMessageSize: [${amqpConfig.maxMessageSize}], message size: [${artemisMessage.bodySize}], " +
                        "dropping message, uuid: ${artemisMessage.getObjectProperty("_AMQ_DUPL_ID")}")
                // Ack the message to prevent same message being sent to us again.
                artemisMessage.acknowledge()
@ -198,7 +206,7 @@ class AMQPBridgeManager(config: NodeSSLConfiguration, private val maxMessageSize
        if (bridgeExists(getBridgeName(queueName, target))) {
            return
        }
-        val newBridge = AMQPBridge(queueName, target, legalNames, keyStore, keyStorePrivateKeyPassword, trustStore, crlCheckSoftFail, sharedEventLoopGroup!!, artemis!!, maxMessageSize)
+        val newBridge = AMQPBridge(queueName, target, legalNames, amqpConfig, sharedEventLoopGroup!!, artemis!!)
        lock.withLock {
            bridgeNameToBridgeMap[newBridge.bridgeName] = newBridge
        }
--- a/node-api/src/main/kotlin/net/corda/nodeapi/internal/protonwrapper/engine/ConnectionStateMachine.kt
+++ b/node-api/src/main/kotlin/net/corda/nodeapi/internal/protonwrapper/engine/ConnectionStateMachine.kt
@ -47,11 +47,15 @@ internal class ConnectionStateMachine(private val serverMode: Boolean,
    }

    private fun withMDC(block: () -> Unit) {
-        MDC.put("serverMode", serverMode.toString())
-        MDC.put("localLegalName", localLegalName)
-        MDC.put("remoteLegalName", remoteLegalName)
-        block()
-        MDC.clear()
+        val oldMDC = MDC.getCopyOfContextMap()
+        try {
+            MDC.put("serverMode", serverMode.toString())
+            MDC.put("localLegalName", localLegalName)
+            MDC.put("remoteLegalName", remoteLegalName)
+            block()
+        } finally {
+            MDC.setContextMap(oldMDC)
+        }
    }

    private fun logDebugWithMDC(msg: () -> String) {
--- a/node-api/src/main/kotlin/net/corda/nodeapi/internal/protonwrapper/engine/EventProcessor.kt
+++ b/node-api/src/main/kotlin/net/corda/nodeapi/internal/protonwrapper/engine/EventProcessor.kt
@ -41,11 +41,15 @@ internal class EventProcessor(channel: Channel,
    }

    private fun withMDC(block: () -> Unit) {
-        MDC.put("serverMode", serverMode.toString())
-        MDC.put("localLegalName", localLegalName)
-        MDC.put("remoteLegalName", remoteLegalName)
-        block()
-        MDC.clear()
+        val oldMDC = MDC.getCopyOfContextMap()
+        try {
+            MDC.put("serverMode", serverMode.toString())
+            MDC.put("localLegalName", localLegalName)
+            MDC.put("remoteLegalName", remoteLegalName)
+            block()
+        } finally {
+            MDC.setContextMap(oldMDC)
+        }
    }

    private fun logDebugWithMDC(msg: () -> String) {
--- a/node-api/src/main/kotlin/net/corda/nodeapi/internal/protonwrapper/netty/AMQPChannelHandler.kt
+++ b/node-api/src/main/kotlin/net/corda/nodeapi/internal/protonwrapper/netty/AMQPChannelHandler.kt
@ -23,6 +23,7 @@ import org.slf4j.MDC
 import java.net.InetSocketAddress
 import java.nio.channels.ClosedChannelException
 import java.security.cert.X509Certificate
+import javax.net.ssl.SSLException

 /**
 *  An instance of AMQPChannelHandler sits inside the netty pipeline and controls the socket level lifecycle.
@ -48,13 +49,17 @@ internal class AMQPChannelHandler(private val serverMode: Boolean,
    private var badCert: Boolean = false

    private fun withMDC(block: () -> Unit) {
-        MDC.put("serverMode", serverMode.toString())
-        MDC.put("remoteAddress", remoteAddress.toString())
-        MDC.put("localCert", localCert?.subjectDN?.toString())
-        MDC.put("remoteCert", remoteCert?.subjectDN?.toString())
-        MDC.put("allowedRemoteLegalNames", allowedRemoteLegalNames?.joinToString(separator = ";") { it.toString() })
-        block()
-        MDC.clear()
+        val oldMDC = MDC.getCopyOfContextMap()
+        try {
+            MDC.put("serverMode", serverMode.toString())
+            MDC.put("remoteAddress", remoteAddress.toString())
+            MDC.put("localCert", localCert?.subjectDN?.toString())
+            MDC.put("remoteCert", remoteCert?.subjectDN?.toString())
+            MDC.put("allowedRemoteLegalNames", allowedRemoteLegalNames?.joinToString(separator = ";") { it.toString() })
+            block()
+        } finally {
+            MDC.setContextMap(oldMDC)
+        }
    }

    private fun logDebugWithMDC(msg: () -> String) {
@ -129,9 +134,12 @@ internal class AMQPChannelHandler(private val serverMode: Boolean,
                createAMQPEngine(ctx)
                onOpen(Pair(ctx.channel() as SocketChannel, ConnectionChange(remoteAddress, remoteCert, true, false)))
            } else {
+                val cause = evt.cause()
                // This happens when the peer node is closed during SSL establishment.
-                if (evt.cause() is ClosedChannelException) {
+                if (cause is ClosedChannelException) {
                    logWarnWithMDC("SSL Handshake closed early.")
+                } else if (cause is SSLException && cause.message == "handshake timed out") { // Sadly the exception thrown by Netty wrapper requires that we check the message.
+                    logWarnWithMDC("SSL Handshake timed out")
                } else {
                    badCert = true
                }
--- a/node-api/src/main/kotlin/net/corda/nodeapi/internal/protonwrapper/netty/AMQPClient.kt
+++ b/node-api/src/main/kotlin/net/corda/nodeapi/internal/protonwrapper/netty/AMQPClient.kt
@ -19,7 +19,6 @@ import net.corda.nodeapi.internal.requireMessageSize
 import rx.Observable
 import rx.subjects.PublishSubject
 import java.lang.Long.min
-import java.security.KeyStore
 import java.util.concurrent.TimeUnit
 import java.util.concurrent.locks.ReentrantLock
 import javax.net.ssl.KeyManagerFactory
@ -35,15 +34,8 @@ import kotlin.concurrent.withLock
 */
 class AMQPClient(val targets: List<NetworkHostAndPort>,
                 val allowedRemoteLegalNames: Set<CordaX500Name>,
-                 private val userName: String?,
-                 private val password: String?,
-                 private val keyStore: KeyStore,
-                 private val keyStorePrivateKeyPassword: String,
-                 private val trustStore: KeyStore,
-                 private val crlCheckSoftFail: Boolean,
-                 private val trace: Boolean = false,
-                 private val sharedThreadPool: EventLoopGroup? = null,
-                 private val maxMessageSize: Int) : AutoCloseable {
+                 private val configuration: AMQPConfiguration,
+                 private val sharedThreadPool: EventLoopGroup? = null) : AutoCloseable {
    companion object {
        init {
            InternalLoggerFactory.setDefaultFactory(Slf4JLoggerFactory.INSTANCE)
@ -121,10 +113,11 @@ class AMQPClient(val targets: List<NetworkHostAndPort>,
    private class ClientChannelInitializer(val parent: AMQPClient) : ChannelInitializer<SocketChannel>() {
        private val keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm())
        private val trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm())
+        private val conf = parent.configuration

        init {
-            keyManagerFactory.init(parent.keyStore, parent.keyStorePrivateKeyPassword.toCharArray())
-            trustManagerFactory.init(initialiseTrustStoreAndEnableCrlChecking(parent.trustStore, parent.crlCheckSoftFail))
+            keyManagerFactory.init(conf.keyStore, conf.keyStorePrivateKeyPassword)
+            trustManagerFactory.init(initialiseTrustStoreAndEnableCrlChecking(conf.trustStore, conf.crlCheckSoftFail))
        }

        override fun initChannel(ch: SocketChannel) {
@ -132,12 +125,12 @@ class AMQPClient(val targets: List<NetworkHostAndPort>,
            val target = parent.currentTarget
            val handler = createClientSslHelper(target, keyManagerFactory, trustManagerFactory)
            pipeline.addLast("sslHandler", handler)
-            if (parent.trace) pipeline.addLast("logger", LoggingHandler(LogLevel.INFO))
+            if (conf.trace) pipeline.addLast("logger", LoggingHandler(LogLevel.INFO))
            pipeline.addLast(AMQPChannelHandler(false,
                    parent.allowedRemoteLegalNames,
-                    parent.userName,
-                    parent.password,
-                    parent.trace,
+                    conf.userName,
+                    conf.password,
+                    conf.trace,
                    {
                        parent.retryInterval = MIN_RETRY_INTERVAL // reset to fast reconnect if we connect properly
                        parent._onConnection.onNext(it.second)
@ -205,7 +198,7 @@ class AMQPClient(val targets: List<NetworkHostAndPort>,
                      topic: String,
                      destinationLegalName: String,
                      properties: Map<String, Any?>): SendableMessage {
-        requireMessageSize(payload.size, maxMessageSize)
+        requireMessageSize(payload.size, configuration.maxMessageSize)
        return SendableMessageImpl(payload, topic, destinationLegalName, currentTarget, properties)
    }

--- a/node-api/src/main/kotlin/net/corda/nodeapi/internal/protonwrapper/netty/AMQPConfiguration.kt
+++ b/node-api/src/main/kotlin/net/corda/nodeapi/internal/protonwrapper/netty/AMQPConfiguration.kt
@ -0,0 +1,59 @@
+package net.corda.nodeapi.internal.protonwrapper.netty
+
+import net.corda.nodeapi.internal.ArtemisMessagingComponent
+import java.security.KeyStore
+
+interface AMQPConfiguration {
+    /**
+     * SASL User name presented during protocol handshake. No SASL login if NULL.
+     * For legacy interoperability with Artemis authorisation we typically require this to be "PEER_USER"
+     */
+    @JvmDefault
+    val userName: String?
+        get() = ArtemisMessagingComponent.PEER_USER
+
+    /**
+     * SASL plain text password presented during protocol handshake. No SASL login if NULL.
+     * For legacy interoperability with Artemis authorisation we typically require this to be "PEER_USER"
+     */
+    @JvmDefault
+    val password: String?
+        get() = ArtemisMessagingComponent.PEER_USER
+
+    /**
+     * The keystore used for TLS connections
+     */
+    val keyStore: KeyStore
+
+    /**
+     * Password used to unlock TLS private keys in the KeyStore.
+     */
+    val keyStorePrivateKeyPassword: CharArray
+
+    /**
+     * The trust root KeyStore to validate the peer certificates against
+     */
+    val trustStore: KeyStore
+
+    /**
+     * Setting crlCheckSoftFail to true allows certificate paths where some leaf certificates do not contain cRLDistributionPoints
+     * and also allows validation to continue if the CRL distribution server is not contactable.
+     */
+    @JvmDefault
+    val crlCheckSoftFail: Boolean
+        get() = true
+
+    /**
+     * Enables full debug tracing of all netty and AMQP level packets. This logs aat very high volume and is only for developers.
+     */
+    @JvmDefault
+    val trace: Boolean
+        get() = false
+
+    /**
+     * The maximum allowed size for packets, which will be dropped ahead of send. In future may also be enforced on receive,
+     * but currently that is deferred to Artemis and the bridge code.
+     */
+    val maxMessageSize: Int
+}
+
--- a/node-api/src/main/kotlin/net/corda/nodeapi/internal/protonwrapper/netty/AMQPServer.kt
+++ b/node-api/src/main/kotlin/net/corda/nodeapi/internal/protonwrapper/netty/AMQPServer.kt
@ -23,7 +23,6 @@ import rx.Observable
 import rx.subjects.PublishSubject
 import java.net.BindException
 import java.net.InetSocketAddress
-import java.security.KeyStore
 import java.util.concurrent.ConcurrentHashMap
 import java.util.concurrent.locks.ReentrantLock
 import javax.net.ssl.KeyManagerFactory
@ -36,14 +35,7 @@ import kotlin.concurrent.withLock
 */
 class AMQPServer(val hostName: String,
                 val port: Int,
-                 private val userName: String?,
-                 private val password: String?,
-                 private val keyStore: KeyStore,
-                 private val keyStorePrivateKeyPassword: CharArray,
-                 private val trustStore: KeyStore,
-                 private val crlCheckSoftFail: Boolean,
-                 private val trace: Boolean = false,
-                 private val maxMessageSize: Int) : AutoCloseable {
+                 private val configuration: AMQPConfiguration) : AutoCloseable {

    companion object {
        init {
@ -62,36 +54,26 @@ class AMQPServer(val hostName: String,
    private var serverChannel: Channel? = null
    private val clientChannels = ConcurrentHashMap<InetSocketAddress, SocketChannel>()

-    constructor(hostName: String,
-                port: Int,
-                userName: String?,
-                password: String?,
-                keyStore: KeyStore,
-                keyStorePrivateKeyPassword: String,
-                trustStore: KeyStore,
-                crlCheckSoftFail: Boolean,
-                trace: Boolean = false,
-                maxMessageSize: Int) : this(hostName, port, userName, password, keyStore, keyStorePrivateKeyPassword.toCharArray(), trustStore, crlCheckSoftFail, trace, maxMessageSize)
-
    private class ServerChannelInitializer(val parent: AMQPServer) : ChannelInitializer<SocketChannel>() {
        private val keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm())
        private val trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm())
+        private val conf = parent.configuration

        init {
-            keyManagerFactory.init(parent.keyStore, parent.keyStorePrivateKeyPassword)
-            trustManagerFactory.init(initialiseTrustStoreAndEnableCrlChecking(parent.trustStore, parent.crlCheckSoftFail))
+            keyManagerFactory.init(conf.keyStore, conf.keyStorePrivateKeyPassword)
+            trustManagerFactory.init(initialiseTrustStoreAndEnableCrlChecking(conf.trustStore, conf.crlCheckSoftFail))
        }

        override fun initChannel(ch: SocketChannel) {
            val pipeline = ch.pipeline()
            val handler = createServerSslHelper(keyManagerFactory, trustManagerFactory)
            pipeline.addLast("sslHandler", handler)
-            if (parent.trace) pipeline.addLast("logger", LoggingHandler(LogLevel.INFO))
+            if (conf.trace) pipeline.addLast("logger", LoggingHandler(LogLevel.INFO))
            pipeline.addLast(AMQPChannelHandler(true,
                    null,
-                    parent.userName,
-                    parent.password,
-                    parent.trace,
+                    conf.userName,
+                    conf.password,
+                    conf.trace,
                    {
                        parent.clientChannels[it.first.remoteAddress()] = it.first
                        parent._onConnection.onNext(it.second)
@ -159,7 +141,7 @@ class AMQPServer(val hostName: String,
                      destinationLegalName: String,
                      destinationLink: NetworkHostAndPort,
                      properties: Map<String, Any?>): SendableMessage {
-        requireMessageSize(payload.size, maxMessageSize)
+        requireMessageSize(payload.size, configuration.maxMessageSize)
        val dest = InetSocketAddress(destinationLink.host, destinationLink.port)
        require(dest in clientChannels.keys) {
            "Destination not available"