You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@ignite.apache.org by "Alexey Kukushkin (Jira)" <ji...@apache.org> on 2022/06/17 08:49:00 UTC

[jira] [Created] (IGNITE-17189) Java 17: Untrusted Ignite node never exits after failure to connect to the cluster

Alexey Kukushkin created IGNITE-17189:
-----------------------------------------

             Summary: Java 17: Untrusted Ignite node never exits after failure to connect to the cluster
                 Key: IGNITE-17189
                 URL: https://issues.apache.org/jira/browse/IGNITE-17189
             Project: Ignite
          Issue Type: Bug
          Components: security
    Affects Versions: 2.13
            Reporter: Alexey Kukushkin


*Steps to reproduce*
* Start an Ignite server node with SSL enabled
* Start another Ignite node with SSL enabled and SSL keys signed by wrong CA authority

*Expected*


*Actual*


*Reproducer*
{code:java}
    @Test
    public void untrustedServerNeverExitsOnFailureToConnectToCluster() {
        final Function<String, IgniteConfiguration> igniteConfigurationFactory = name ->
            new IgniteConfiguration()
                .setIgniteInstanceName(name)
                .setDiscoverySpi(
                    new TcpDiscoverySpi()
                        .setIpFinder(
                            new TcpDiscoveryVmIpFinder().setAddresses(Collections.singleton("127.0.0.1:47500..47501"))
                        )
                );

        final var serverSslContextFactory = new SslContextFactory();
        serverSslContextFactory.setProtocols("TLSv1.2");
        serverSslContextFactory.setKeyStoreFilePath("server-keys.jks");
        serverSslContextFactory.setKeyStorePassword("123456".toCharArray());
        serverSslContextFactory.setTrustStoreFilePath("server-trust.jks");
        serverSslContextFactory.setTrustStorePassword("123456".toCharArray());

        final var tmpSslContextFactory = new SslContextFactory();
        tmpSslContextFactory.setProtocols("TLSv1.2");
        tmpSslContextFactory.setKeyStoreFilePath("tmp-keys.jks");
        tmpSslContextFactory.setKeyStorePassword("123456".toCharArray());
        tmpSslContextFactory.setTrustStoreFilePath("tmp-trust.jks");
        tmpSslContextFactory.setTrustStorePassword("123456".toCharArray());


        final var igniteConfiguration = igniteConfigurationFactory.apply("server1")
            .setSslContextFactory(tmpSslContextFactory);
        final var untrustedIgniteConfiguration = igniteConfigurationFactory.apply("server2")
            .setSslContextFactory(tmpSslContextFactory);

        try (final var unused = Ignition.start(igniteConfiguration)) {
            try (final var unused2 = Ignition.start(untrustedIgniteConfiguration)) {
            }
        }
    }
{code}



--
This message was sent by Atlassian Jira
(v8.20.7#820007)