svn commit: r1850506 - in /tomcat/trunk: java/org/apache/catalina/tribes/group/interceptors/ test/org/apache/catalina/tribes/group/interceptors/ webapps/docs/config/

Sat, 05 Jan 2019 12:04:28 -0800 

Author: schultz
Date: Sat Jan  5 20:03:49 2019
New Revision: 1850506

URL: http://svn.apache.org/viewvc?rev=1850506&view=rev
Log:
Document that EncryptInterceptor must be upstream of TcpFailureDetector.
Check on channel-start that these interceptors are in the appropriate order.

Modified:
    
tomcat/trunk/java/org/apache/catalina/tribes/group/interceptors/EncryptInterceptor.java
    
tomcat/trunk/java/org/apache/catalina/tribes/group/interceptors/LocalStrings.properties
    
tomcat/trunk/test/org/apache/catalina/tribes/group/interceptors/TestEncryptInterceptor.java
    tomcat/trunk/webapps/docs/config/cluster-interceptor.xml

Modified: 
tomcat/trunk/java/org/apache/catalina/tribes/group/interceptors/EncryptInterceptor.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/tribes/group/interceptors/EncryptInterceptor.java?rev=1850506&r1=1850505&r2=1850506&view=diff
==============================================================================
--- 
tomcat/trunk/java/org/apache/catalina/tribes/group/interceptors/EncryptInterceptor.java
 (original)
+++ 
tomcat/trunk/java/org/apache/catalina/tribes/group/interceptors/EncryptInterceptor.java
 Sat Jan  5 20:03:49 2019
@@ -31,6 +31,7 @@ import javax.crypto.spec.SecretKeySpec;
 
 import org.apache.catalina.tribes.Channel;
 import org.apache.catalina.tribes.ChannelException;
+import org.apache.catalina.tribes.ChannelInterceptor;
 import org.apache.catalina.tribes.ChannelMessage;
 import org.apache.catalina.tribes.Member;
 import org.apache.catalina.tribes.group.ChannelInterceptorBase;
@@ -72,6 +73,8 @@ public class EncryptInterceptor extends
 
     @Override
     public void start(int svc) throws ChannelException {
+        validateChannelChain();
+
         if(Channel.SND_TX_SEQ == (svc & Channel.SND_TX_SEQ)) {
             try {
                 encryptionManager = 
createEncryptionManager(getEncryptionAlgorithm(),
@@ -85,6 +88,16 @@ public class EncryptInterceptor extends
         super.start(svc);
     }
 
+    private void validateChannelChain() throws ChannelException {
+        ChannelInterceptor interceptor = getPrevious();
+        while(null != interceptor) {
+            if(interceptor instanceof TcpFailureDetector)
+                throw new 
ChannelConfigException(sm.getString("encryptInterceptor.tcpFailureDetector.ordering"));
+
+            interceptor = interceptor.getPrevious();
+        }
+    }
+
     @Override
     public void stop(int svc) throws ChannelException {
         if(Channel.SND_TX_SEQ == (svc & Channel.SND_TX_SEQ)) {
@@ -613,4 +626,14 @@ public class EncryptInterceptor extends
             return null;
         }
     }
+
+    static class ChannelConfigException
+        extends ChannelException
+    {
+        private static final long serialVersionUID = 1L;
+
+        public ChannelConfigException(String message) {
+            super(message);
+        }
+    }
 }

Modified: 
tomcat/trunk/java/org/apache/catalina/tribes/group/interceptors/LocalStrings.properties
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/tribes/group/interceptors/LocalStrings.properties?rev=1850506&r1=1850505&r2=1850506&view=diff
==============================================================================
--- 
tomcat/trunk/java/org/apache/catalina/tribes/group/interceptors/LocalStrings.properties
 [UTF-8] (original)
+++ 
tomcat/trunk/java/org/apache/catalina/tribes/group/interceptors/LocalStrings.properties
 [UTF-8] Sat Jan  5 20:03:49 2019
@@ -23,6 +23,7 @@ encryptInterceptor.decrypt.failed=Failed
 encryptInterceptor.encrypt.failed=Failed to encrypt message
 encryptInterceptor.init.failed=Failed to initialize EncryptInterceptor
 encryptInterceptor.key.required=Encryption key is required
+encryptInterceptor.tcpFailureDetector.ordering=EncryptInterceptor must be 
upstream of TcpFailureDetector. Please re-order EncryptInterceptor to be listed 
before TcpFailureDetector in your channel interceptor pipeline. 
 
 fragmentationInterceptor.fragments.missing=Fragments are missing.
 fragmentationInterceptor.heartbeat.failed=Unable to perform heartbeat clean up 
in the frag interceptor

Modified: 
tomcat/trunk/test/org/apache/catalina/tribes/group/interceptors/TestEncryptInterceptor.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/catalina/tribes/group/interceptors/TestEncryptInterceptor.java?rev=1850506&r1=1850505&r2=1850506&view=diff
==============================================================================
--- 
tomcat/trunk/test/org/apache/catalina/tribes/group/interceptors/TestEncryptInterceptor.java
 (original)
+++ 
tomcat/trunk/test/org/apache/catalina/tribes/group/interceptors/TestEncryptInterceptor.java
 Sat Jan  5 20:03:49 2019
@@ -224,7 +224,7 @@ public class TestEncryptInterceptor {
     }
 
     @Test
-    @Ignore("ECB mode isn't because it's insecure")
+    @Ignore("ECB mode isn't implemented because it's insecure")
     public void testECB() throws Exception {
         src.setEncryptionAlgorithm("AES/ECB/PKCS5Padding");
         src.start(Channel.SND_TX_SEQ);
@@ -429,6 +429,23 @@ public class TestEncryptInterceptor {
             Assert.assertArrayEquals("Message is corrupted", message, bytes);
     }
 
+    @Test
+    public void testTcpFailureDetectorDetection() {
+        src.setPrevious(new TcpFailureDetector());
+
+        try {
+            src.start(Channel.SND_TX_SEQ);
+            Assert.fail("EncryptInterceptor should detect TcpFailureDetector 
and throw an error");
+        } catch (EncryptInterceptor.ChannelConfigException cce) {
+            // Expected behavior
+        } catch (AssertionError ae) {
+            // This is the junit assertion being thrown
+            throw ae;
+        } catch (Throwable t) {
+            Assert.fail("EncryptionInterceptor should throw 
ChannelConfigException, not " + t.getClass().getName());
+        }
+    }
+
     /**
      * Interceptor that delivers directly to a destination.
      */

Modified: tomcat/trunk/webapps/docs/config/cluster-interceptor.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/cluster-interceptor.xml?rev=1850506&r1=1850505&r2=1850506&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/config/cluster-interceptor.xml (original)
+++ tomcat/trunk/webapps/docs/config/cluster-interceptor.xml Sat Jan  5 
20:03:49 2019
@@ -202,6 +202,17 @@
      The EncryptInterceptor adds encryption to the channel messages carrying
      session data between nodes. Added in Tomcat 9.0.13.
    </p>
+   <p>
+     If using the <code>TcpFailureDetector</code>, the 
<code>EncryptInterceptor</code>
+     <i>must</i> be inserted into the interceptor chain <i>before</i> the
+     <code>TcpFailureDetector</code>. This is becuase when validating cluster
+     members, <code>TcpFailureDetector</code> writes channel data directly
+     to the other members without using the remainder of the interceptor chain,
+     but on the receiving side, the message still goes through the chain (in 
reverse).
+     Because of this asymmetry, the <code>EncryptInterceptor</code> must 
execute
+     <i>before</i> the <code>TcpFailureDetector</code> on the sender and 
<i>after</i>
+     it on the receiver, otherwise message corruption will occur.
+   </p>
    <attributes>
      <attribute name="encryptionAlgorithm" required="false">
        The encryption algorithm to be used, including the mode and padding. 
Please see



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to