New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Validate SslContext
thoroughly
#2124
Conversation
Motivation: In some case, servers can start with miss-configured `SslContext` and fail when users request ssl/tls connections. If servers refuse to start in that case, users can fix their configuration before severs start. Modifications: Add `VirtualHostBuilder.validateSslContext()` Result: Fixes line#1844
Hello, here is my draft.
Thank you in advance 🙇♂️ |
One more question, |
@jyblue wrote:
I think so. If not, we can add more checks later.
You have to try to reproduce the problem with 1) a PEM format private key and 2) OpenSSL enabled (which is enabled by default, but you'll have to check using
I don't think it has any security implication if you used a self-signed certificate and if it's not encrypted with your personal password. 😄 |
We have validation of created contexts here I think the new checks here look the same as what we do so maybe they don't help with the issue. I guess we need to reproduce the error case we first to know for sure. |
@anuraaga Thanks for good hint. I think I found the reason. Line 500 in 45c1633
If steps reproduced,
I will write a test case to reproduce it. |
Thanks @jyblue! Looks like we are going into the right direction. Please keep us posted. |
Codecov Report
@@ Coverage Diff @@
## master #2124 +/- ##
============================================
- Coverage 73.59% 73.56% -0.03%
+ Complexity 9571 9567 -4
============================================
Files 837 837
Lines 36836 36863 +27
Branches 4543 4547 +4
============================================
+ Hits 27108 27119 +11
- Misses 7402 7421 +19
+ Partials 2326 2323 -3
Continue to review full report at Codecov.
|
Hello, here is my research and code updated. PTAL 😀 Test conclusion Internal cause Validation
Note FYI |
Please remove the WIP status if it's ready for reviews. 😉 |
core/src/main/java/com/linecorp/armeria/server/VirtualHostBuilder.java
Outdated
Show resolved
Hide resolved
core/src/main/java/com/linecorp/armeria/server/VirtualHostBuilder.java
Outdated
Show resolved
Hide resolved
core/src/main/java/com/linecorp/armeria/server/VirtualHostBuilder.java
Outdated
Show resolved
Hide resolved
core/src/main/java/com/linecorp/armeria/server/VirtualHostBuilder.java
Outdated
Show resolved
Hide resolved
core/src/main/java/com/linecorp/armeria/server/VirtualHostBuilder.java
Outdated
Show resolved
Hide resolved
core/src/test/java/com/linecorp/armeria/server/ServerTlsTest.java
Outdated
Show resolved
Hide resolved
core/src/test/java/com/linecorp/armeria/server/ServerTlsTest.java
Outdated
Show resolved
Hide resolved
core/src/test/java/com/linecorp/armeria/server/ServerTlsTest.java
Outdated
Show resolved
Hide resolved
core/src/test/java/com/linecorp/armeria/server/ServerTlsTest.java
Outdated
Show resolved
Hide resolved
core/src/test/java/com/linecorp/armeria/server/ServerTlsTest.java
Outdated
Show resolved
Hide resolved
You also have to release the two
|
Here is my update.
|
It seems |
core/src/test/java/com/linecorp/armeria/server/ServerTlsValidationTest.java
Show resolved
Hide resolved
`VirtualHost.validateSslContext()` * Remove the `validateSslContext()` call from VirtualHost's constructor. * Add `SSLException` exception to method signature `ServerBuilder.tls(SslContext)` `VirtualHostBuilder.tls(SslContext)` * Update javadoc on `testJksKeyStoreWithNullPassword()` test case * Remove deprecated method `ServerBuilder.sslContext(sslContext)` `ServerBuilder.sslContext(protocol, keyCertChainFile, keyFile)` `ServerBuilder.sslContext(protocol, keyCertChainFile, keyFile, keyPassword)` `VirtualHostBuilder.sslContext(sslContext)` `VirtualHostBuilder.sslContext(protocol, keyCertChainFile, keyFile)` `VirtualHostBuilder.sslContext(protocol, keyCertChainFile, keyFile, keyPassword)`
Thank you for review, again. Here is my update. I fixed items from previous review
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks a lot for your work! 🙇
core/src/main/java/com/linecorp/armeria/server/VirtualHost.java
Outdated
Show resolved
Hide resolved
core/src/main/java/com/linecorp/armeria/server/VirtualHost.java
Outdated
Show resolved
Hide resolved
core/src/main/java/com/linecorp/armeria/server/VirtualHost.java
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just one nit. Nice work, @jyblue! 👍
core/src/main/java/com/linecorp/armeria/server/VirtualHostBuilder.java
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks, Great job!
core/src/main/java/com/linecorp/armeria/server/VirtualHostBuilder.java
Outdated
Show resolved
Hide resolved
core/src/main/java/com/linecorp/armeria/server/VirtualHostBuilder.java
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks a lot, @jyblue!
Nice work, @jyblue! I've updated the PR description and commit message for you. 😉 |
Motivation: In some case, a server can start with a misconfigured `SslContext` and fail when the serving its first request. If a server refuses to start in such a case, users could fix their configuration problem at an earlier stage with much less confusion. Modifications: - Move `VirtualHost.validateSslContext()` to `VirtualHostBuilder` - Make an actual `SslEngine` with the given `SslContext` and perform an initial handshake to trigger most configuration issues. - Add `throws SSLException` to `tls()` builder methods. - Remove the deprecated `sslContext()` methods. Result: - Fixes line#1844 - (Breaking) `tls()` now throws a checked `SSLException`. - (Breaking) `sslContext()` methods, previously deprecated, have been removed.
Motivation: In some case, a server can start with a misconfigured `SslContext` and fail when the serving its first request. If a server refuses to start in such a case, users could fix their configuration problem at an earlier stage with much less confusion. Modifications: - Move `VirtualHost.validateSslContext()` to `VirtualHostBuilder` - Make an actual `SslEngine` with the given `SslContext` and perform an initial handshake to trigger most configuration issues. - Add `throws SSLException` to `tls()` builder methods. - Remove the deprecated `sslContext()` methods. Result: - Fixes line#1844 - (Breaking) `tls()` now throws a checked `SSLException`. - (Breaking) `sslContext()` methods, previously deprecated, have been removed.
Motivation:
In some case, a server can start with a misconfigured
SslContext
andfail when the serving its first request. If a server refuses to start
in such a case, users could fix their configuration problem at an earlier
stage with much less confusion.
Modifications:
VirtualHost.validateSslContext()
toVirtualHostBuilder
SslEngine
with the givenSslContext
and performan initial handshake to trigger most configuration issues.
throws SSLException
totls()
builder methods.sslContext()
methods.Result:
tls()
now throws a checkedSSLException
.sslContext()
methods, previously deprecated, have beenremoved.