Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Resolving the TLS url issue #459

Merged
merged 3 commits into from
Jun 27, 2024
Merged

Resolving the TLS url issue #459

merged 3 commits into from
Jun 27, 2024

Conversation

limbooverlambda
Copy link
Contributor

@limbooverlambda limbooverlambda commented Jun 17, 2024
edited
Loading

While running the client we are running into issues where the client fails to connect to a TLS enabled PD endpoint with the error:

[WARN] [config_logging.go:287] ["rejected connection"] [remote-addr="[addr]:port"] [server-name=] [error="tls: first record does not look like a TLS handshake"]

Digging into the code, the problem seems to stem from the following logic in the client (

client-rust/src/common/security.rs

Line 80 in c6110dd

 let addr = "http://".to_string() + &SCHEME_REG.replace(addr, ""); 
)
let addr = "http://".to_string() + &SCHEME_REG.replace(addr, "");

info!("connect to rpc server at endpoint: {:?}", addr);

let mut builder = Channel::from_shared(addr)?
    .tcp_keepalive(Some(Duration::from_secs(10)))
    .keep_alive_timeout(Duration::from_secs(3));

Here SCHEME_REG is the regex to find "https" in the prefix of the address (

client-rust/src/common/security.rs

Line 19 in c6110dd

 lazy_static::lazy_static! { 
).
lazy_static::lazy_static! {
    static ref SCHEME_REG: Regex = Regex::new(r"^\s*(https?://)").unwrap();
}

This is a problem during the ssl handshake since the server is not acknowledging the requests sent to an addressed prefixed with "http" instead of "https". Adding the logic to handle these variations.

@limbooverlambda
resolving the url issue
d52fcf4 
Signed-off-by: limbooverlambda <schakra1@gmail.com>
@limbooverlambda limbooverlambda mentioned this pull request Jun 17, 2024
Closed
@pingyu
Copy link
Collaborator

pingyu commented Jun 22, 2024

@limbooverlambda

Thanks for your contribution !

Please fix the error of "make check" in CI.

Rest LGTM~

@limbooverlambda
fix formatting
a9bfa35 
Signed-off-by: limbooverlambda <schakra1@gmail.com>
@limbooverlambda
Copy link
Contributor Author

@limbooverlambda

Thanks for your contribution !

Please fix the error of "make check" in CI.

Rest LGTM~

Thanks @pingyu . I fixed the issues with the formatting.

@limbooverlambda
make check fixes
cd9bd29 
Signed-off-by: limbooverlambda <schakra1@gmail.com>
pingyu
pingyu approved these changes Jun 27, 2024
View reviewed changes
Copy link
Collaborator

@pingyu pingyu left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM~

@pingyu pingyu merged commit ec8dbcc into tikv:master Jun 27, 2024
4 checks passed
@BlueSialia BlueSialia mentioned this pull request Oct 10, 2024
Open
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pingyu pingyu pingyu approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@limbooverlambda @pingyu