You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pulsar.apache.org by GitBox <gi...@apache.org> on 2021/02/05 15:44:36 UTC
[GitHub] [pulsar] weibetter opened a new issue #9495: [pulsar-client-cpp] ProducerConfiguration's addEncryptionKey really not adding encryption.
weibetter opened a new issue #9495:
URL: https://github.com/apache/pulsar/issues/9495
#### Expected behavior
Tell us what should happen:
While waiting for the DefaultCryptoKeyReader, I follow the https://pulsar.apache.org/docs/en/security-encryption/ page by implementing the RawFileKeyReader in cpp. By including the setCryptoKeyReader and addEncryptionKey, the producerconfiguration.isEncryptedEnabled returns True. Then calling the client.createProducer(topic, config, producer), the Pulsar Serve should allow the creation of Producer.
#### Actual behavior
INFORM----PULSARMain.cc:0234:05/02/21 10:28:13 > Encryption is enabled
Tell us what happens instead:
2021-02-05 10:28:13.714 WARN [] ClientConnection:960 | [] Received error response from server: BrokerMetadataError -- req_id: 0
10:28:13.713 [bookkeeper-ml-workers-OrderedExecutor-0-0] WARN org.apache.pulsar.broker.service.ServerCnx - [] Encryption is required in persistent://public/default/testing_topic
#### Steps to reproduce
How can we reproduce the issue:
`class RawFileKeyReader : public CryptoKeyReader {
private:
std::string msPublicKeyFile = "";
std::string msPrivateKeyFile = "";
public:
RawFileKeyReader(std::string pubKeyFile, std::string privKeyFile);
~RawFileKeyReader();
Result getPublicKey(const std::string& keyName, std::map<std::string, std::string>& keyMeta, EncryptionKeyInfo& encKeyInfo) const;
Result getPrivateKey(const std::string& keyName, std::map<std::string, std::string>& keyMeta, EncryptionKeyInfo& encKeyInfo) const;
void readFile(std::string fileName, std::string& fileContents) const;
};
RawFileKeyReader::RawFileKeyReader(std::string pubKeyFile, std::string privKeyFile) {
msPrivateKeyFile = privKeyFile;
msPublicKeyFile = pubKeyFile;
}
RawFileKeyReader::~RawFileKeyReader() {
}
Result RawFileKeyReader::getPublicKey(const std::string& keyName, std::map<std::string, std::string>& keyMeta, EncryptionKeyInfo& encKeyInfo) const {
std::string keyContents;
readFile(msPublicKeyFile, keyContents);
encKeyInfo.setKey(keyContents);
return ResultOk;
}
Result RawFileKeyReader::getPrivateKey(const std::string& keyName, std::map<std::string, std::string>& keyMeta, EncryptionKeyInfo& encKeyInfo) const {
std::string keyContents;
readFile(msPrivateKeyFile, keyContents);
encKeyInfo.setKey(keyContents);
return ResultOk;
}
void RawFileKeyReader::readFile(std::string fileName, std::string& fileContents) const {
std::ifstream ifs(fileName);
std::stringstream fileStream;
fileStream << ifs.rdbuf();
fileContents = fileStream.str();
}
// Local instance
std::string hostname = "localhost";
// Without SSL
std::string port = "6650";
// Topic
std::string topic = "testing_topic";
ClientConfiguration cconfig;
// Create a client - add +ssl after pulsar to enable SSL
Client client("pulsar://" + hostname + ":" + port + "/", cconfig);
// Create ProducerConfiguration
ProducerConfiguration pcconfig;
int iCurrentSendTimeout = pcconfig.getSendTimeout();
int iMaxPendingMessages = pcconfig.getMaxPendingMessages();
unsigned int iMaxBatchingMessages = pcconfig.getBatchingMaxMessages();
bool bIsBatchingEnabled = pcconfig.getBatchingEnabled();
std::string sboolIsBatchingEnabled = "False";
if (bIsBatchingEnabled) {
sboolIsBatchingEnabled = "True";
} else {
sboolIsBatchingEnabled = "False";
}
// Change configuration
pcconfig.setMaxPendingMessages(5000);
iMaxPendingMessages = pcconfig.getMaxPendingMessages();
pcconfig.setBatchingMaxMessages(5000);
iMaxBatchingMessages = pcconfig.getBatchingMaxMessages();
int iBatchingMaxPublishDelayMs = pcconfig.getBatchingMaxPublishDelayMs();
pcconfig.setBatchingEnabled(true);
pcconfig.setBatchingMaxPublishDelayMs(50000);
pcconfig.setPartitionsRoutingMode(pcconfig.RoundRobinDistribution);
pcconfig.setCompressionType(CompressionLZ4);
// From github pulsar -- Seems to work and not longer fail to load the public key
std::string privateKeyFile = "./private-key.client-rsa.pem";
std::string publicKeyFile = "./public-key.client-rsa.pem";
CryptoKeyReaderPtr sp(new RawFileKeyReader(publicKeyFile, privateKeyFile));
pcconfig.addEncryptionKey("client-rsa.pem");
pcconfig.setCryptoKeyReader(sp);
// Create producer
Producer producer;
Result result = client.createProducer(topic, pcconfig, producer);
// Getting the sample json data with 50 events as usage array of objects
char data[10000];
ifstream infile;
infile.open("./json.txt", ios::in);
std::string tp;
while (getline(infile, tp)) {
Message msg = MessageBuilder().setContent(tp + to_string(count)).build();
Result res = producer.send(msg);
if (res == ResultOk) {
count = count + 1;
} else if (res != ResultOk) {
}
}
infile.close();
producer.flush();
client.close();
'
#### System configuration
**Pulsar version**: 2.70 Prebuilt Linux.rpm
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [pulsar] BewareMyPower commented on issue #9495: [pulsar-client-cpp] ProducerConfiguration's addEncryptionKey really not adding encryption.
Posted by GitBox <gi...@apache.org>.
BewareMyPower commented on issue #9495:
URL: https://github.com/apache/pulsar/issues/9495#issuecomment-775831192
Could you follow the [tests](https://github.com/apache/pulsar/pull/9074/files#diff-4864d6f442c0448dfa305af4f15c52d5f6f008f4779c535a5953b8a411c104f4) and try the `DefaultCryptoKeyReader`?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [pulsar] sijie closed issue #9495: [pulsar-client-cpp] ProducerConfiguration's addEncryptionKey really not adding encryption.
Posted by GitBox <gi...@apache.org>.
sijie closed issue #9495:
URL: https://github.com/apache/pulsar/issues/9495
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org