Bill commented on code in PR #7449: URL: https://github.com/apache/geode/pull/7449#discussion_r844433366
########## geode-core/src/distributedTest/java/org/apache/geode/distributed/internal/P2pMessagingSslTlsKeyUpdateDistributedTest.java: ########## @@ -0,0 +1,369 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for additional information regarding + * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance with the License. You may obtain a + * copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + */ + +package org.apache.geode.distributed.internal; + +import static org.apache.geode.distributed.ConfigurationProperties.SSL_CIPHERS; +import static org.apache.geode.distributed.ConfigurationProperties.SSL_PROTOCOLS; +import static org.apache.geode.test.awaitility.GeodeAwaitility.await; +import static org.assertj.core.api.Assertions.assertThat; + +import java.io.DataInput; +import java.io.DataOutput; +import java.io.IOException; +import java.lang.reflect.Field; +import java.security.GeneralSecurityException; +import java.security.Security; +import java.time.Duration; +import java.util.Map; +import java.util.Properties; +import java.util.Set; +import java.util.concurrent.ThreadLocalRandom; +import java.util.concurrent.atomic.LongAdder; + +import junitparams.Parameters; +import org.jetbrains.annotations.NotNull; +import org.junit.After; +import org.junit.Rule; +import org.junit.Test; +import org.junit.experimental.categories.Category; +import org.junit.runner.RunWith; + +import org.apache.geode.cache.CacheFactory; +import org.apache.geode.cache.ssl.CertStores; +import org.apache.geode.cache.ssl.CertificateBuilder; +import org.apache.geode.cache.ssl.CertificateMaterial; +import org.apache.geode.distributed.internal.membership.InternalDistributedMember; +import org.apache.geode.internal.cache.InternalCache; +import org.apache.geode.internal.serialization.DeserializationContext; +import org.apache.geode.internal.serialization.SerializationContext; +import org.apache.geode.test.dunit.SerializableRunnableIF; +import org.apache.geode.test.dunit.rules.ClusterStartupRule; +import org.apache.geode.test.dunit.rules.MemberVM; +import org.apache.geode.test.junit.categories.MembershipTest; +import org.apache.geode.test.junit.runners.GeodeParamsRunner; +import org.apache.geode.test.version.VersionManager; + +/** + * In TLSv1.3, when a GCM-based cipher is used, there is a limit on the number + * of bytes that may be encoded with a key. When that limit is reached, a TLS + * KeyUpdate message is generated (by the SSLEngine). That message causes a new + * key to be negotiated between the peer SSLEngines. + * + * This test arranges for a low encryption byte limit to be set for the sending member + * and then for the receiving member. With the low byte limit configured, the test + * sends P2P messages via TLS and verifies request-reply message processing. + */ +@Category({MembershipTest.class}) +@RunWith(GeodeParamsRunner.class) +public class P2pMessagingSslTlsKeyUpdateDistributedTest { + + private static final String TLS_PROTOCOL = "TLSv1.3"; + private static final String TLS_CIPHER_SUITE = "TLS_AES_256_GCM_SHA384"; + + private static final int ENCRYPTED_BYTES_LIMIT = 64 * 1024; + + private static final int MESSAGE_SIZE = 1024; + + /* + * How many messages will be generated? We generate enough to cause KeyUpdate + * to be generated, and then we generate many more beyond that. Even with buggy + * wrap/unwrap logic, the retries in DirectChannel.sendToMany() and the transparent + * connection reestablishment in ConnectionTable can mask those bugs. So to reliably + * fail in the presence of bugs we need to generate lots of extra messages. + */ + private static final int MESSAGES_PER_SENDER = ENCRYPTED_BYTES_LIMIT / MESSAGE_SIZE + 2000; + + { + assertThat(MESSAGE_SIZE * MESSAGES_PER_SENDER > 10 * ENCRYPTED_BYTES_LIMIT); + } + + public static final int MAX_REPLY_WAIT_MILLIS = 1_000; + + private static Properties geodeConfigurationProperties; + + @Rule + public final ClusterStartupRule clusterStartupRule = new ClusterStartupRule(3); + + private MemberVM sender; + private MemberVM receiver; + + @After + public void afterEach() { + clusterStartupRule.getVM(0).bounceForcibly(); + clusterStartupRule.getVM(1).bounceForcibly(); + clusterStartupRule.getVM(2).bounceForcibly(); + } + + /* + * bytes sent on sender JVM, bytes received on receiver JVM + * (not used in test JVM) + */ + private static LongAdder bytesTransferredAdder; + + // in receiver JVM only Review Comment: Why here? Should every field get a javadoc comment? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@geode.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org