zookeeper-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From GitBox <...@apache.org>
Subject [GitHub] [zookeeper] lvfangmin commented on a change in pull request #843: ZOOKEEPER-3296: Explicitly closing the sslsocket when it failed handshake to prevent issue where peers cannot join quorum
Date Mon, 11 Mar 2019 16:52:45 GMT
lvfangmin commented on a change in pull request #843: ZOOKEEPER-3296: Explicitly closing the
sslsocket when it failed handshake to prevent issue where peers cannot join quorum
URL: https://github.com/apache/zookeeper/pull/843#discussion_r264328572
 
 

 ##########
 File path: zookeeper-server/src/main/java/org/apache/zookeeper/server/quorum/QuorumCnxManager.java
 ##########
 @@ -648,17 +650,16 @@ synchronized private boolean connectOne(long sid, InetSocketAddress
electionAddr
         try {
             LOG.debug("Opening channel to server " + sid);
             if (self.isSslQuorum()) {
-                 SSLSocket sslSock = self.getX509Util().createSSLSocket();
-                 setSockOpts(sslSock);
-                 sslSock.connect(electionAddr, cnxTO);
-                 sslSock.startHandshake();
 
 Review comment:
   Yes. During exception handling in the existing code, it will check and only close if the
sock instance is not null.
   
   Previously, we only assign the sock instance when it finished handshake, which may leak
the connection in case if failed there after connection is created.

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services

Mime
View raw message