AMQ-6698 - Allow timeout of SSL handshake for auto+nio+ssl

The handshake now takes place inside of the async task that timesout so that if the SSL handshake takes too long the connection attempt will honor protocolDetectionTimeout and actually timeout. Also, change the default of protocolDetectionTimeout to 30 seconds so it matches the rest of the broker's default connection timeout settings.
2017-06-08 12:32:35 -04:00 · 2017-06-08 12:32:35 -04:00 · 2a0b785a04
parent daeb70929e
commit 2a0b785a04
3 changed files with 9 additions and 5 deletions
--- a/activemq-broker/src/main/java/org/apache/activemq/transport/auto/AutoTcpTransportServer.java
+++ b/activemq-broker/src/main/java/org/apache/activemq/transport/auto/AutoTcpTransportServer.java
@ -78,7 +78,7 @@ public class AutoTcpTransportServer extends TcpTransportServer {
    protected final ThreadPoolExecutor newConnectionExecutor;
    protected final ThreadPoolExecutor protocolDetectionExecutor;
    protected int maxConnectionThreadPoolSize = Integer.MAX_VALUE;
-    protected int protocolDetectionTimeOut = 15000;
+    protected int protocolDetectionTimeOut = 30000;

    private static final FactoryFinder TRANSPORT_FACTORY_FINDER = new FactoryFinder("META-INF/services/org/apache/activemq/transport/");
    private final ConcurrentMap<String, TransportFactory> transportFactories = new ConcurrentHashMap<String, TransportFactory>();
--- a/activemq-broker/src/main/java/org/apache/activemq/transport/auto/nio/AutoNIOSSLTransportServer.java
+++ b/activemq-broker/src/main/java/org/apache/activemq/transport/auto/nio/AutoNIOSSLTransportServer.java
@ -110,14 +110,18 @@ public class AutoNIOSSLTransportServer extends AutoTcpTransportServer {
            //Clone the map because we will need to set the options later on the actual transport
            IntrospectionSupport.setProperties(in, new HashMap<>(transportOptions));
        }
-        in.start();
-        SSLEngine engine = in.getSslSession();

        //Attempt to read enough bytes to detect the protocol until the timeout period
        //is reached
        Future<?> future = protocolDetectionExecutor.submit(new Runnable() {
            @Override
            public void run() {
+                try {
+                    in.start();
+                } catch (Exception e) {
+                    throw new IllegalStateException("Could not complete Transport start", e);
+                }
+
                int attempts = 0;
                do {
                    if(attempts > 0) {
@ -157,7 +161,7 @@ public class AutoNIOSSLTransportServer extends AutoTcpTransportServer {
        }

        WireFormat format = protocolInfo.detectedWireFormatFactory.createWireFormat();
-        Transport transport = createTransport(socket, format, engine, initBuffer, in.getInputBuffer(), protocolInfo.detectedTransportFactory);
+        Transport transport = createTransport(socket, format, in.getSslSession(), initBuffer, in.getInputBuffer(), protocolInfo.detectedTransportFactory);

        return new TransportInfo(format, transport, protocolInfo.detectedTransportFactory);
    }
--- a/activemq-unit-tests/src/test/java/org/apache/activemq/openwire/OpenWireConnectionTimeoutTest.java
+++ b/activemq-unit-tests/src/test/java/org/apache/activemq/openwire/OpenWireConnectionTimeoutTest.java
@ -179,7 +179,7 @@ public class OpenWireConnectionTimeoutTest {
            case "auto+ssl":
            case "nio+ssl":
            case "auto+nio+ssl":
-                useSsl = true;;
+                useSsl = true;
                break;
            default:
                throw new IOException("Invalid OpenWire connector scheme passed to test.");