Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

8255148: Confusing log output: SSLSocket duplex close failed #4354

Closed
wants to merge 4 commits into from

Conversation

evwhelan
Copy link
Contributor

@evwhelan evwhelan commented Jun 4, 2021

Hi,

Please review my fix for JDK-8255148 which clarifies when an exception contains debug information only.

Regards,
Evan


Progress

  • Change must not contain extraneous whitespace
  • Commit message must refer to an issue
  • Change must be properly reviewed

Issue

  • JDK-8255148: Confusing log output: SSLSocket duplex close failed

Reviewers

Reviewing

Using git

Checkout this PR locally:
$ git fetch https://git.openjdk.java.net/jdk pull/4354/head:pull/4354
$ git checkout pull/4354

Update a local copy of the PR:
$ git checkout pull/4354
$ git pull https://git.openjdk.java.net/jdk pull/4354/head

Using Skara CLI tools

Checkout this PR locally:
$ git pr checkout 4354

View PR using the GUI difftool:
$ git pr show -t 4354

Using diff file

Download this PR as a diff file:
https://git.openjdk.java.net/jdk/pull/4354.diff

@bridgekeeper
Copy link

bridgekeeper bot commented Jun 4, 2021

👋 Welcome back ewhelan! A progress list of the required criteria for merging this PR into master will be added to the body of your pull request. There are additional pull request commands available for use with this pull request.

@openjdk openjdk bot added the rfr Pull request is ready for review label Jun 4, 2021
@openjdk
Copy link

openjdk bot commented Jun 4, 2021

@evwhelan The following label will be automatically applied to this pull request:

  • security

When this pull request is ready to be reviewed, an "RFR" email will be sent to the corresponding mailing list. If you would like to change these labels, use the /label pull request command.

@openjdk openjdk bot added the security security-dev@openjdk.org label Jun 4, 2021
@mlbridge
Copy link

mlbridge bot commented Jun 4, 2021

Webrevs

@@ -587,7 +587,7 @@ public void close() throws IOException {
} catch (IOException ioe) {
// ignore the exception
if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
SSLLogger.warning("SSLSocket duplex close failed", ioe);
SSLLogger.warning("SSLSocket duplex close failed. Debug info only. Exception details:", ioe);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If this is a debug message, shouldn't we just use SSLLogger.fine() instead of SSLLogger.warning(), with the same message "SSLSocket duplex close failed"? @coffeys what do you think?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@seanjmullan - It's the exception stacktrace printed after the message that's causing issue for some. Some are reading it as a JDK functionality issue (when it's not)

I've no strong preference whether this should be printed at warning() or fine() level. That granularity is largely broken since JDK 11 - people need to use -Djavax.net.debug=all to get any reasonable amount of data. It would be good to see https://bugs.openjdk.java.net/browse/JDK-8044609 worked on.

I think the patch looks ok as ie. Evan has fixed up some issues with the test - we should expect a new version shortly.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @seanjmullan @coffeys

I also don't have a logging level preference, so if there's merit to changing it, I'll be happy to do so.
I've updated the test case and verified it passes on all platforms.

Looking forward to any further feedback :)

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok, It sounds like whether it should be a different logging level (fine) or not can be handled separately as part of a more global effort across other SSL logging messages. So I am ok with the change as-is.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks Sean!

@openjdk
Copy link

openjdk bot commented Jun 9, 2021

@evwhelan This change now passes all automated pre-integration checks.

ℹ️ This project also has non-automated pre-integration requirements. Please see the file CONTRIBUTING.md for details.

After integration, the commit message for the final commit will be:

8255148: Confusing log output: SSLSocket duplex close failed

Reviewed-by: mullan

You can use pull request commands such as /summary, /contributor and /issue to adjust it as needed.

At the time when this comment was updated there had been 213 new commits pushed to the master branch:

As there are no conflicts, your changes will automatically be rebased on top of these commits when integrating. If you prefer to avoid this automatic rebasing, please check the documentation for the /integrate command for further details.

As you do not have Committer status in this project an existing Committer must agree to sponsor your change. Possible candidates are the reviewers of this PR (@seanjmullan) but any other Committer may sponsor as well.

➡️ To flag this PR as ready for integration with the above commit message, type /integrate in a new comment. (Afterwards, your sponsor types /sponsor in a new comment to perform the integration).

@openjdk openjdk bot added the ready Pull request is ready to be integrated label Jun 9, 2021
@evwhelan
Copy link
Contributor Author

evwhelan commented Jun 9, 2021

/integrate

@openjdk openjdk bot added the sponsor Pull request is ready to be sponsored label Jun 9, 2021
@openjdk
Copy link

openjdk bot commented Jun 9, 2021

@evwhelan
Your change (at version c4ad5ab) is now ready to be sponsored by a Committer.

@seanjmullan
Copy link
Member

/sponsor

@openjdk openjdk bot closed this Jun 9, 2021
@openjdk openjdk bot added integrated Pull request has been integrated and removed sponsor Pull request is ready to be sponsored ready Pull request is ready to be integrated rfr Pull request is ready for review labels Jun 9, 2021
@openjdk
Copy link

openjdk bot commented Jun 9, 2021

@seanjmullan @evwhelan Since your change was applied there have been 213 commits pushed to the master branch:

Your commit was automatically rebased without conflicts.

Pushed as commit 408e0a9.

💡 You may see a message that your pull request was closed with unmerged commits. This can be safely ignored.

@@ -1329,7 +1329,7 @@ public void close() throws IOException {
} catch (IOException ioe) {
// ignore the exception
if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
SSLLogger.warning("output stream close failed", ioe);
SSLLogger.warning("output stream close failed. Debug info only. Exception details:", ioe);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I may look at this bug report different. It is a problem that the user does not understand the debug log properly. Debug log is for debug information only, and the debug log level indicates the level of the message.

It looks like there is too much duplicated information. A log message has already indicated that the message is debug information only. Otherwise, exception should has been thrown in application level. The adding of "Exception details:" adds unnecessary dependency of the exception logging format.

It may be fine to keep it unchanged, as if the users understand the logging message and logging levels. This kind of information normally means there is something that an application should take care of. That why we use a warning level log, rather than a fine level log message.

It we really want an update, may be we could have a documentation enhancement instead.

Similar comments for other update.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry that I did not have my comment earlier, and while I was typing the comment the update was integrated. Please just ignore this comment.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
integrated Pull request has been integrated security security-dev@openjdk.org
4 participants