[ 
https://issues.apache.org/jira/browse/IGNITE-22605?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Nikita Amelchev updated IGNITE-22605:
-------------------------------------
    Release Note: Added check for SSL errors on TcpDiscovery writing failures

> Wrong certificate chain might lead to split brain
> -------------------------------------------------
>
>                 Key: IGNITE-22605
>                 URL: https://issues.apache.org/jira/browse/IGNITE-22605
>             Project: Ignite
>          Issue Type: Bug
>            Reporter: Maksim Timonin
>            Assignee: Maksim Timonin
>            Priority: Major
>              Labels: ise
>             Fix For: 2.17
>
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> There is a flaky test, it actually fails due to the bug.
> {code:java}
> TcpDiscoverySslTrustedUntrustedTest#testMismatchingCaFirst{code}
> Test scenario is as follows:
>  # Start node A
>  # Try start node B with mismatching certificates
>  # Node B doesn't fail but starts new topology.
> Logic that leads to the error:
>  # Node A started - create topology from single node.
>  # Node B is starting. Node B opens socket to node A
>  # Node B writes {{IGNITE_HEADER}} to the socket.
>  # Node B doesn't read any ack after sending {{IGNITE_HEADER}} and tries send 
> {{TcpDiscoveryHandshakeRequest}}
>  # Node A receives the {{{}IGNITE_HEADER{}}}, fails on SSL handshake, closes 
> the connection with SSL error, and doesn't receive 
> {{TcpDiscoveryHandshakeRequest}}
>  # Node B doesn't check any ack for {{IGNITE_HEADER and get error "socket 
> closed" for writing TcpDiscoveryHandshakeRequest}}
>  # Node B decides that node A doesn't exist and creates own topology
> Proposal fix: In case of SSL enabled and socket failure, Node B should check 
> the input stream after sending {{IGNITE_HEADER }}and 
> TcpDiscoveryHandshakeRequest.
>  
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to