From dev-return-75585-archive-asf-public=cust-asf.ponee.io@zookeeper.apache.org Tue Nov 6 19:12:35 2018 Return-Path: X-Original-To: archive-asf-public@cust-asf.ponee.io Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by mx-eu-01.ponee.io (Postfix) with SMTP id 946BD180658 for ; Tue, 6 Nov 2018 19:12:34 +0100 (CET) Received: (qmail 98387 invoked by uid 500); 6 Nov 2018 18:12:33 -0000 Mailing-List: contact dev-help@zookeeper.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@zookeeper.apache.org Delivered-To: mailing list dev@zookeeper.apache.org Received: (qmail 98375 invoked by uid 99); 6 Nov 2018 18:12:32 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 06 Nov 2018 18:12:32 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id B37CDE09EE; Tue, 6 Nov 2018 18:12:32 +0000 (UTC) From: ivmaykov To: dev@zookeeper.apache.org Reply-To: dev@zookeeper.apache.org References: In-Reply-To: Subject: [GitHub] zookeeper pull request #679: ZOOKEEPER-3172: Quorum TLS - fix port unificati... Content-Type: text/plain Message-Id: <20181106181232.B37CDE09EE@git1-us-west.apache.org> Date: Tue, 6 Nov 2018 18:12:32 +0000 (UTC) GitHub user ivmaykov reopened a pull request: https://github.com/apache/zookeeper/pull/679 ZOOKEEPER-3172: Quorum TLS - fix port unification to allow rolling upgrades Fix numerous problems with UnifiedServerSocket, such as hanging the accept() thread when the client doesn't send any data or crashing if less than 5 bytes are read from the socket in the initial read. Re-enable the "portUnification" config option. Note that this is stacked on top of #678 and thus includes it. Please only consider the ZOOKEEPER-3172 commit when reviewing. Once the other PR is merged upstream, I will rebase this so it only contains one commit. ## Fixed networking issues/bugs in UnifiedServerSocket - don't crash the `accept()` thread if the client closes the connection without sending any data - don't corrupt the connection if the client sends fewer than 5 bytes for the initial read - delay the detection of TLS vs. plaintext mode until a socket stream is read from or written to. This prevents the `accept()` thread from getting blocked on a `read()` operation from the newly connected socket. - prepending 5 bytes to `PrependableSocket` and then trying to read >5 bytes would only return the first 5 bytes, even if more bytes were available. This is fixed. You can merge this pull request into a Git repository by running: $ git pull https://github.com/ivmaykov/zookeeper ZOOKEEPER-3172 Alternatively you can review and apply these changes as the patch at: https://github.com/apache/zookeeper/pull/679.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #679 ---- commit 2122c8c23a0dbb27f9b2aff55e800e48d253f943 Author: Ilya Maykov Date: 2018-10-25T00:41:48Z ZOOKEEPER-3173: Quorum TLS - support PEM trust/key stores ZOOKEEPER-3175: Quorum TLS - test improvements Add support for loading key and trust stores from PEM files. Also added test utils for testing X509-related code, because it was very difficult to untangle them from the PEM support code. commit 514d48a26aeeca37290ad14ff8f0cdae69b53eb2 Author: Ilya Maykov Date: 2018-10-25T01:22:24Z ZOOKEEPER-3172: Quorum TLS - fix port unification to allow rolling upgrades ---- ---