[cassandra] branch trunk updated: FBUtilities.getJustLocalAddress falls back to lo ip on misconfigured nodes

Tue, 07 Jul 2020 02:32:33 -0700 

This is an automated email from the ASF dual-hosted git repository.

mck pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/cassandra.git


The following commit(s) were added to refs/heads/trunk by this push:
     new 4654ef0  FBUtilities.getJustLocalAddress falls back to lo ip on 
misconfigured nodes
4654ef0 is described below

commit 4654ef09c1d3736e0b50e8d5756664cbf9e4ca84
Author: Bereng <berenguerbl...@gmail.com>
AuthorDate: Thu Jul 2 17:44:22 2020 +0200

    FBUtilities.getJustLocalAddress falls back to lo ip on misconfigured nodes
    
     patch by Berenguer Blasi; reviewed by Robert Stupp, Mick Semb Wever for 
CASSANDRA-15901
---
 CHANGES.txt                                        |  1 +
 conf/cassandra.yaml                                |  3 ++-
 .../org/apache/cassandra/utils/FBUtilities.java    | 29 ++++++++++++++++------
 .../org/apache/cassandra/utils/JMXServerUtils.java | 12 +++++++--
 .../org/apache/cassandra/auth/jmx/JMXAuthTest.java |  2 +-
 5 files changed, 35 insertions(+), 12 deletions(-)

diff --git a/CHANGES.txt b/CHANGES.txt
index c3fdf4f..76cd271 100644
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -1,4 +1,5 @@
 4.0-alpha5
+ * FBUtilities.getJustLocalAddress falls back to lo ip on misconfigured nodes 
(CASSANDRA-15901)
  * Close channel and reduce buffer allocation during entire sstable streaming 
with SSL (CASSANDRA-15900)
  * Prune expired messages less frequently in internode messaging 
(CASSANDRA-15700)
  * Fix Ec2Snitch handling of legacy mode for dc names matching both formats, 
eg "us-west-2" (CASSANDRA-15878)
diff --git a/conf/cassandra.yaml b/conf/cassandra.yaml
index 0778628..80dbf38 100644
--- a/conf/cassandra.yaml
+++ b/conf/cassandra.yaml
@@ -630,7 +630,8 @@ ssl_storage_port: 7001
 # Leaving it blank leaves it up to InetAddress.getLocalHost(). This
 # will always do the Right Thing _if_ the node is properly configured
 # (hostname, name resolution, etc), and the Right Thing is to use the
-# address associated with the hostname (it might not be).
+# address associated with the hostname (it might not be). If unresolvable
+# it will fall back to InetAddress.getLoopbackAddress(), which is wrong for 
production systems.
 #
 # Setting listen_address to 0.0.0.0 is always wrong.
 #
diff --git a/src/java/org/apache/cassandra/utils/FBUtilities.java 
b/src/java/org/apache/cassandra/utils/FBUtilities.java
index 6db50a4..8e000d5 100644
--- a/src/java/org/apache/cassandra/utils/FBUtilities.java
+++ b/src/java/org/apache/cassandra/utils/FBUtilities.java
@@ -130,16 +130,29 @@ public class FBUtilities
     public static InetAddress getJustLocalAddress()
     {
         if (localInetAddress == null)
-            try
-            {
-                localInetAddress = DatabaseDescriptor.getListenAddress() == 
null
-                                    ? InetAddress.getLocalHost()
-                                    : DatabaseDescriptor.getListenAddress();
-            }
-            catch (UnknownHostException e)
+        {
+            if (DatabaseDescriptor.getListenAddress() == null)
             {
-                throw new RuntimeException(e);
+                try
+                {
+                    localInetAddress = InetAddress.getLocalHost();
+                    logger.info("InetAddress.getLocalHost() was used to 
resolve listen_address to {}, double check this is "
+                                + "correct. Please check your node's config 
and set the listen_address in cassandra.yaml accordingly if applicable.",
+                                localInetAddress);
+                }
+                catch(UnknownHostException e)
+                {
+                    logger.info("InetAddress.getLocalHost() could not resolve 
the address for the hostname ({}), please "
+                                + "check your node's config and set the 
listen_address in cassandra.yaml. Falling back to {}",
+                                e,
+                                InetAddress.getLoopbackAddress());
+                    // CASSANDRA-15901 fallback for misconfigured nodes
+                    localInetAddress = InetAddress.getLoopbackAddress();
+                }
             }
+            else
+                localInetAddress = DatabaseDescriptor.getListenAddress();
+        }
         return localInetAddress;
     }
 
diff --git a/src/java/org/apache/cassandra/utils/JMXServerUtils.java 
b/src/java/org/apache/cassandra/utils/JMXServerUtils.java
index 12036f9..1f79a33 100644
--- a/src/java/org/apache/cassandra/utils/JMXServerUtils.java
+++ b/src/java/org/apache/cassandra/utils/JMXServerUtils.java
@@ -47,6 +47,7 @@ import javax.rmi.ssl.SslRMIClientSocketFactory;
 import javax.rmi.ssl.SslRMIServerSocketFactory;
 import javax.security.auth.Subject;
 
+import com.google.common.annotations.VisibleForTesting;
 import com.google.common.collect.ImmutableMap;
 import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
@@ -63,7 +64,8 @@ public class JMXServerUtils
      * inaccessable.
      */
     @SuppressWarnings("resource")
-    public static JMXConnectorServer createJMXServer(int port, boolean local)
+    @VisibleForTesting
+    public static JMXConnectorServer createJMXServer(int port, String 
hostname, boolean local)
     throws IOException
     {
         Map<String, Object> env = new HashMap<>();
@@ -120,7 +122,7 @@ public class JMXServerUtils
                                                          
(RMIClientSocketFactory) 
env.get(RMIConnectorServer.RMI_CLIENT_SOCKET_FACTORY_ATTRIBUTE),
                                                          
(RMIServerSocketFactory) 
env.get(RMIConnectorServer.RMI_SERVER_SOCKET_FACTORY_ATTRIBUTE),
                                                          env);
-        JMXServiceURL serviceURL = new JMXServiceURL("rmi", null, rmiPort);
+        JMXServiceURL serviceURL = new JMXServiceURL("rmi", hostname, rmiPort);
         RMIConnectorServer jmxServer = new RMIConnectorServer(serviceURL, env, 
server, ManagementFactory.getPlatformMBeanServer());
 
         // If a custom authz proxy was created, attach it to the server now.
@@ -133,6 +135,12 @@ public class JMXServerUtils
         return jmxServer;
     }
 
+    @SuppressWarnings("resource")
+    public static JMXConnectorServer createJMXServer(int port, boolean local) 
throws IOException
+    {
+        return createJMXServer(port, null, local);
+    }
+
     private static Map<String, Object> configureJmxAuthentication()
     {
         Map<String, Object> env = new HashMap<>();
diff --git a/test/unit/org/apache/cassandra/auth/jmx/JMXAuthTest.java 
b/test/unit/org/apache/cassandra/auth/jmx/JMXAuthTest.java
index 10c871b..3bc28a9 100644
--- a/test/unit/org/apache/cassandra/auth/jmx/JMXAuthTest.java
+++ b/test/unit/org/apache/cassandra/auth/jmx/JMXAuthTest.java
@@ -90,7 +90,7 @@ public class JMXAuthTest extends CQLTester
         System.setProperty("java.security.auth.login.config", config);
         System.setProperty("cassandra.jmx.remote.login.config", "TestLogin");
         System.setProperty("cassandra.jmx.authorizer", 
NoSuperUserAuthorizationProxy.class.getName());
-        jmxServer = JMXServerUtils.createJMXServer(9999, true);
+        jmxServer = JMXServerUtils.createJMXServer(9999, "localhost", true);
         jmxServer.start();
 
         JMXServiceURL jmxUrl = new 
JMXServiceURL("service:jmx:rmi:///jndi/rmi://localhost:9999/jmxrmi");


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org

Reply via email to