Return-Path: X-Original-To: apmail-tinkerpop-commits-archive@minotaur.apache.org Delivered-To: apmail-tinkerpop-commits-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id F1ADB181A5 for ; Thu, 8 Oct 2015 19:08:03 +0000 (UTC) Received: (qmail 51688 invoked by uid 500); 8 Oct 2015 19:08:03 -0000 Delivered-To: apmail-tinkerpop-commits-archive@tinkerpop.apache.org Received: (qmail 51663 invoked by uid 500); 8 Oct 2015 19:08:03 -0000 Mailing-List: contact commits-help@tinkerpop.incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@tinkerpop.incubator.apache.org Delivered-To: mailing list commits@tinkerpop.incubator.apache.org Received: (qmail 51654 invoked by uid 99); 8 Oct 2015 19:08:03 -0000 Received: from Unknown (HELO spamd3-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 08 Oct 2015 19:08:03 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd3-us-west.apache.org (ASF Mail Server at spamd3-us-west.apache.org) with ESMTP id 3AE1A180E0D for ; Thu, 8 Oct 2015 19:08:03 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd3-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: 1.771 X-Spam-Level: * X-Spam-Status: No, score=1.771 tagged_above=-999 required=6.31 tests=[KAM_ASCII_DIVIDERS=0.8, KAM_LAZY_DOMAIN_SECURITY=1, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, T_RP_MATCHES_RCVD=-0.01, URIBL_BLOCKED=0.001] autolearn=disabled Received: from mx1-us-west.apache.org ([10.40.0.8]) by localhost (spamd3-us-west.apache.org [10.40.0.10]) (amavisd-new, port 10024) with ESMTP id HJa-Af_jgOKs for ; Thu, 8 Oct 2015 19:07:56 +0000 (UTC) Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by mx1-us-west.apache.org (ASF Mail Server at mx1-us-west.apache.org) with SMTP id 1AD1A20F7B for ; Thu, 8 Oct 2015 19:07:56 +0000 (UTC) Received: (qmail 51551 invoked by uid 99); 8 Oct 2015 19:07:55 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 08 Oct 2015 19:07:55 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id C8C1CE0BED; Thu, 8 Oct 2015 19:07:55 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: spmallette@apache.org To: commits@tinkerpop.incubator.apache.org Date: Thu, 08 Oct 2015 19:07:55 -0000 Message-Id: <1b7dc102a5654017abcdd35d25abc981@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: [1/2] incubator-tinkerpop git commit: Fixed problem where driver would hang if ssl was enabled on server but not client. Repository: incubator-tinkerpop Updated Branches: refs/heads/tp30 7a252de40 -> d13c2d047 Fixed problem where driver would hang if ssl was enabled on server but not client. Project: http://git-wip-us.apache.org/repos/asf/incubator-tinkerpop/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-tinkerpop/commit/efe27cd7 Tree: http://git-wip-us.apache.org/repos/asf/incubator-tinkerpop/tree/efe27cd7 Diff: http://git-wip-us.apache.org/repos/asf/incubator-tinkerpop/diff/efe27cd7 Branch: refs/heads/tp30 Commit: efe27cd74a2796ddb5b24ac8d8655d8279fe2e58 Parents: 3f94580 Author: Stephen Mallette Authored: Thu Oct 8 15:06:52 2015 -0400 Committer: Stephen Mallette Committed: Thu Oct 8 15:06:52 2015 -0400 ---------------------------------------------------------------------- .../tinkerpop/gremlin/driver/Channelizer.java | 10 ++++++++-- .../server/GremlinServerAuthIntegrateTest.java | 20 ++++++++++++++++++++ 2 files changed, 28 insertions(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-tinkerpop/blob/efe27cd7/gremlin-driver/src/main/java/org/apache/tinkerpop/gremlin/driver/Channelizer.java ---------------------------------------------------------------------- diff --git a/gremlin-driver/src/main/java/org/apache/tinkerpop/gremlin/driver/Channelizer.java b/gremlin-driver/src/main/java/org/apache/tinkerpop/gremlin/driver/Channelizer.java index 3adced1..36d8eda 100644 --- a/gremlin-driver/src/main/java/org/apache/tinkerpop/gremlin/driver/Channelizer.java +++ b/gremlin-driver/src/main/java/org/apache/tinkerpop/gremlin/driver/Channelizer.java @@ -22,6 +22,7 @@ import io.netty.channel.Channel; import io.netty.handler.codec.http.websocketx.CloseWebSocketFrame; import io.netty.handler.ssl.SslContextBuilder; import io.netty.handler.ssl.util.InsecureTrustManagerFactory; +import org.apache.tinkerpop.gremlin.driver.exception.ConnectionException; import org.apache.tinkerpop.gremlin.driver.handler.NioGremlinRequestEncoder; import org.apache.tinkerpop.gremlin.driver.handler.NioGremlinResponseDecoder; import org.apache.tinkerpop.gremlin.driver.handler.WebSocketClientHandler; @@ -44,6 +45,7 @@ import java.io.File; import java.util.Optional; import java.util.UUID; import java.util.concurrent.ConcurrentMap; +import java.util.concurrent.TimeUnit; /** * Client-side channel initializer interface. It is responsible for constructing the Netty {@code ChannelPipeline} @@ -194,9 +196,13 @@ public interface Channelizer extends ChannelHandler { @Override public void connected() { try { - handler.handshakeFuture().sync(); + // block for a few seconds - if the handshake takes longer than there's gotta be issues with that + // server. more than likely, SSL is enabled on the server, but the client forgot to enable it or + // perhaps the server is not configured for websockets. + handler.handshakeFuture().get(15000, TimeUnit.MILLISECONDS); } catch (Exception ex) { - throw new RuntimeException(ex); + throw new RuntimeException(new ConnectionException(connection.getUri(), + "Could not complete websocket handshake - ensure that client protocol matches server", ex)); } } } http://git-wip-us.apache.org/repos/asf/incubator-tinkerpop/blob/efe27cd7/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/GremlinServerAuthIntegrateTest.java ---------------------------------------------------------------------- diff --git a/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/GremlinServerAuthIntegrateTest.java b/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/GremlinServerAuthIntegrateTest.java index 7f6c3bf..2cfa2fe 100644 --- a/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/GremlinServerAuthIntegrateTest.java +++ b/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/GremlinServerAuthIntegrateTest.java @@ -29,6 +29,8 @@ import org.junit.Test; import java.util.HashMap; import java.util.Map; +import java.util.concurrent.TimeoutException; + import org.apache.tinkerpop.gremlin.driver.ser.Serializers; import static org.hamcrest.CoreMatchers.startsWith; @@ -60,6 +62,7 @@ public class GremlinServerAuthIntegrateTest extends AbstractGremlinServerIntegra final String nameOfTest = name.getMethodName(); switch (nameOfTest) { case "shouldAuthenticateOverSslWithPlainText": + case "shouldFailIfSslEnabledOnServerButNotClient": final Settings.SslSettings sslConfig = new Settings.SslSettings(); sslConfig.enabled = true; settings.ssl = sslConfig; @@ -70,6 +73,23 @@ public class GremlinServerAuthIntegrateTest extends AbstractGremlinServerIntegra } @Test + public void shouldFailIfSslEnabledOnServerButNotClient() throws Exception { + final Cluster cluster = Cluster.build().create(); + final Client client = cluster.connect(); + + try { + client.submit("1+1").all().get(); + fail("This should not succeed as the client did not enable SSL"); + } catch(Exception ex) { + final Throwable root = ExceptionUtils.getRootCause(ex); + assertEquals(TimeoutException.class, root.getClass()); + assertEquals("Timed out waiting for an available host.", root.getMessage()); + } finally { + cluster.close(); + } + } + + @Test public void shouldAuthenticateWithPlainText() throws Exception { final Cluster cluster = Cluster.build().credentials("stephen", "password").create(); final Client client = cluster.connect();