You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@ignite.apache.org by "Sergey Chugunov (JIRA)" <ji...@apache.org> on 2019/06/18 12:58:00 UTC

[jira] [Comment Edited] (IGNITE-11875) Thin client is unable to authenticate with long password

    [ https://issues.apache.org/jira/browse/IGNITE-11875?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16866579#comment-16866579 ] 

Sergey Chugunov edited comment on IGNITE-11875 at 6/18/19 12:57 PM:
--------------------------------------------------------------------

[~isapego],

As far as I can see we have a race condition in *ClientListenerNioListener#onHandshake* method between timeout thread counting handshake timeout and whatever thread that calls onHandshake method.

The point is that if timeout thread manages to close the session before it is deleted by logic of onHandshake method, lately the method will try to write a response to already closed session.

However I may be wrong here and session object we use here has some internal logic to handle this situation.



was (Author: sergey-chugunov):
[~isapego],

As far as I can see we have a race condition in *ClientListenerNioListener#onHandshake* method between timeout thread counting handshake timeout and whatever thread that calls onHandshake method.

The point is that if timeout thread manages to close the session before it is deleted by login of onHandshake method, lately the method will try to write a response to already closed session.

However I may be wrong here and session object we use here has some internal logic to handle this situation.


> Thin client is unable to authenticate with long password
> --------------------------------------------------------
>
>                 Key: IGNITE-11875
>                 URL: https://issues.apache.org/jira/browse/IGNITE-11875
>             Project: Ignite
>          Issue Type: Bug
>          Components: jdbc, odbc, thin client
>    Affects Versions: 2.7
>            Reporter: Igor Sapego
>            Assignee: Igor Sapego
>            Priority: Major
>             Fix For: 2.8
>
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> Token authentication could use long usernames/passwords, that leads to "Invalid handshake message" 
> ClientListenerNioServerBuffer:
> {code:java}
>         if (cnt == msgSize) {
>             byte[] data0 = data;
>             reset();
>             return data0;
>         }
>         else {
>             if (checkHandshake && cnt > 0 && (msgSize > ClientListenerNioListener.MAX_HANDSHAKE_MSG_SIZE
>                 || data[0] != ClientListenerRequest.HANDSHAKE))
>                 throw new IgniteCheckedException("Invalid handshake message");
>             return null;
>         }
> {code}
> The reproducer is attached.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)