You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@jmeter.apache.org by bu...@apache.org on 2019/12/06 18:58:00 UTC

[Bug 63990] New: SSL RMI Binding

https://bz.apache.org/bugzilla/show_bug.cgi?id=63990

            Bug ID: 63990
           Summary: SSL RMI Binding
           Product: JMeter
           Version: 5.2.1
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: regression
          Priority: P2
         Component: Main
          Assignee: issues@jmeter.apache.org
          Reporter: tomasz.lagodzinski@outlook.com
  Target Milestone: JMETER_5.2

In AWS when using Elastic IP for public IP mapping, it's not possible to use
SSL RMI as setting java.rmi.server.hostname when using SSL RMI, it wants to
bind to the provided address. This doesn't happen on non SSL setup, which
allows remote jmeter master to manage EC2 based jmeter runners.

Seems to be caused in RMIServerSocketFactoryImpl by the createServerSocket
override which also provides localAddress.

Security wise, it seems to not matter, as binding to a local address and
reporting a remote one requires non standard manual configuration.

Log from binding when using SSL RMI:
Server failed to start: java.rmi.server.ExportException: Listen failed on port:
1099; nested exception is:
        java.io.IOException: Could not bind /XXX.XXX.XXX.XXX using port 1099
An error occurred: Listen failed on port: 0; nested exception is:
        java.io.IOException: Could not bind to /XXX.XXX.XXX.XXX using port 1099

With -Jserver.rmi.ssl.disable=true it works without a hitch, therefore marking
it as regression.

-- 
You are receiving this mail because:
You are the assignee for the bug.

[Bug 63990] SSL RMI Binding

Posted by bu...@apache.org.

https://bz.apache.org/bugzilla/show_bug.cgi?id=63990

tomasz.lagodzinski@outlook.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEEDINFO                    |NEW

--- Comment #2 from tomasz.lagodzinski@outlook.com ---
Sure,

0. Setup 4 linux jmeter servers in AWS.
1. Using Elastic IP in AWS on EC2, which makes something similar to NAT, so the
public IP is not available on host.
2. Using a remote windows machine as master.
3. Set java.rmi.server.hostname to public IP.
4. Configure keystore using provided shell script.
5. Jmeter-server tries to bind to public IP as set in java.rmi.server.hostname
due to some weird behaviour from rmi ssl connection factory.


AFAIK if any of the following is not met, it's not possible to reproduce this
error:
- Windows master
- Linux runners
- Runners behind NAT

-- 
You are receiving this mail because:
You are the assignee for the bug.

[Bug 63990] SSL RMI Binding

Posted by bu...@apache.org.

https://bz.apache.org/bugzilla/show_bug.cgi?id=63990

--- Comment #3 from Tom Lagodzinski <to...@outlook.com> ---
Upon further deliberation it seems that to replicate this bug it should only be
necessary to use ssl rmi and to set java.rmi.server.hostname to a non local ip.

-- 
You are receiving this mail because:
You are the assignee for the bug.

[Bug 63990] SSL RMI Binding

Posted by bu...@apache.org.

https://bz.apache.org/bugzilla/show_bug.cgi?id=63990

Philippe Mouawad <p....@ubik-ingenierie.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |p.mouawad@ubik-ingenierie.c
                   |                            |om
             Status|NEW                         |NEEDINFO

--- Comment #1 from Philippe Mouawad <p....@ubik-ingenierie.com> ---
Can you provide more informations on your setup and how you start each server
and test ? 

Do you set this property:

java.rmi.server.hostname

-- 
You are receiving this mail because:
You are the assignee for the bug.