[jira] [Commented] (GEODE-7157) SSLConfigurationFactory and SSLConfig are NOT Thread-safe!

Tue, 05 Nov 2019 17:07:11 -0800 


    [ 
https://issues.apache.org/jira/browse/GEODE-7157?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16967993#comment-16967993
 ] 

Bill Burcham commented on GEODE-7157:
-------------------------------------

[~alberto.gomez] I saw that your PR had to be reverted. I suspect your PR fixes 
problems in my own PR, so I made a new PR for you and attempted to fix it up:

https://github.com/apache/geode/pull/4285

There was the compile error. After that there was a test failure. Everything is 
green so far. I'm waiting for a green light on the final test. I think it'll be 
done in about an hour.

If it turns green and nobody has merged this, I'll merge it when I get to work 
tomorrow around 09:00 PST.

> SSLConfigurationFactory and SSLConfig are NOT Thread-safe!
> ----------------------------------------------------------
>
>                 Key: GEODE-7157
>                 URL: https://issues.apache.org/jira/browse/GEODE-7157
>             Project: Geode
>          Issue Type: Bug
>          Components: configuration, core, security
>            Reporter: John Blum
>            Assignee: Alberto Gomez
>            Priority: Critical
>              Labels: affects-spring
>          Time Spent: 3.5h
>  Remaining Estimate: 0h
>
> {{SSLConfig}} is a "_shared_" object (if you carefully analyze the 
> {{SSLConfigurationFactory}} class) and needs to be Thread-safe!!
> {{SSLConfigurationFactory}} does NOT properly guard all access points to the 
> (once again) "_shared_" {{registeredSSLConfig}} {{Map}} instance.  
> Furthermore, this class also uses an non-Thread-safe {{Map}} implementation 
> for {{registeredSSLConfig}}, i.e. {{HashMap}}, to "cache" {{SSLConfig}} 
> objects, which is "safe" iff "_all_" access to this "shared" 
> {{registeredSSLConfig}} {{Map}} instance is "{{synchronized}}", which it 
> isn't (!!) ... e.g. {{SSLConfigurationFactory.close()}}, which subsequently 
> calls {{clearSSLConfigForAllComponents()}}, which "_clears_" the 
> {{registeredSSLConfig}} {{Map}}.  Because it is not properly protected, it is 
> possible to see stale state, especially between tests!!!



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to