geode-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF subversion and git services (Jira)" <>
Subject [jira] [Commented] (GEODE-7157) SSLConfigurationFactory and SSLConfig are NOT Thread-safe!
Date Tue, 05 Nov 2019 18:46:00 GMT


ASF subversion and git services commented on GEODE-7157:

Commit 9a6036b7cb266e43b5e583b443003a56f90eaca3 in geode's branch refs/heads/develop from
[;h=9a6036b ]

Revert "GEODE-7157: SSLConfigurationFactory thread-safe"

This reverts commit 649acd2d5c8711e40c160fc64bb7b55afddc12f3.

> SSLConfigurationFactory and SSLConfig are NOT Thread-safe!
> ----------------------------------------------------------
>                 Key: GEODE-7157
>                 URL:
>             Project: Geode
>          Issue Type: Bug
>          Components: configuration, core, security
>            Reporter: John Blum
>            Assignee: Alberto Gomez
>            Priority: Critical
>              Labels: affects-spring
>          Time Spent: 2h 50m
>  Remaining Estimate: 0h
> {{SSLConfig}} is a "_shared_" object (if you carefully analyze the {{SSLConfigurationFactory}}
class) and needs to be Thread-safe!!
> {{SSLConfigurationFactory}} does NOT properly guard all access points to the (once again)
"_shared_" {{registeredSSLConfig}} {{Map}} instance.  Furthermore, this class also uses an
non-Thread-safe {{Map}} implementation for {{registeredSSLConfig}}, i.e. {{HashMap}}, to "cache"
{{SSLConfig}} objects, which is "safe" iff "_all_" access to this "shared" {{registeredSSLConfig}}
{{Map}} instance is "{{synchronized}}", which it isn't (!!) ... e.g. {{SSLConfigurationFactory.close()}},
which subsequently calls {{clearSSLConfigForAllComponents()}}, which "_clears_" the {{registeredSSLConfig}}
{{Map}}.  Because it is not properly protected, it is possible to see stale state, especially
between tests!!!

This message was sent by Atlassian Jira

View raw message