Add client-side logging for TLS negotiation.

This commit is contained in:
nmittler 2015-09-09 13:00:47 -07:00
parent ccf328f367
commit f80ca40fb9
1 changed files with 19 additions and 14 deletions


@ -61,6 +61,7 @@ import java.util.Queue;
import java.util.logging.Level; import java.util.logging.Level;
import java.util.logging.Logger; import java.util.logging.Logger;
import javax.annotation.Nullable;
import javax.net.ssl.SSLEngine; import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLParameters; import javax.net.ssl.SSLParameters;
@ -113,18 +114,10 @@ public final class ProtocolNegotiators {
} }
private void fail(ChannelHandlerContext ctx, Throwable exception) { private void fail(ChannelHandlerContext ctx, Throwable exception) {
Level level = Level.FINE; logSslEngineDetails(Level.FINE, ctx, "TLS negotiation failed for new client.", exception);
if (log.isLoggable(level)) {
log.log(level, errorMessage(ctx), exception);
}
ctx.close(); ctx.close();
} }
private String errorMessage(ChannelHandlerContext ctx) {
StringBuilder builder = new StringBuilder("TLS negotiation failed for new client.\n");
return sslEngineDetails(sslHandler(ctx), builder).toString();
}
private SslHandler sslHandler(ChannelHandlerContext ctx) { private SslHandler sslHandler(ChannelHandlerContext ctx) {
return ctx.pipeline().get(SslHandler.class); return ctx.pipeline().get(SslHandler.class);
} }
@ -195,9 +188,17 @@ public final class ProtocolNegotiators {
return Status.UNAVAILABLE.withDescription(msg).asRuntimeException(); return Status.UNAVAILABLE.withDescription(msg).asRuntimeException();
} }
private static StringBuilder sslEngineDetails(SslHandler sslHandler, StringBuilder builder) { private static void logSslEngineDetails(Level level, ChannelHandlerContext ctx, String msg,
@Nullable Throwable t) {
if (!log.isLoggable(level)) {
return;
}
SslHandler sslHandler = ctx.pipeline().get(SslHandler.class);
SSLEngine engine = sslHandler.engine(); SSLEngine engine = sslHandler.engine();
builder.append("SSLEngine Details: [\n");
StringBuilder builder = new StringBuilder(msg);
builder.append("\nSSLEngine Details: [\n");
if (engine instanceof OpenSslEngine) { if (engine instanceof OpenSslEngine) {
builder.append(" OpenSSL, "); builder.append(" OpenSSL, ");
builder.append("Version: 0x").append(Integer.toHexString(OpenSsl.version())); builder.append("Version: 0x").append(Integer.toHexString(OpenSsl.version()));
@ -225,7 +226,8 @@ public final class ProtocolNegotiators {
builder.append("\n Enabled ciphers="); builder.append("\n Enabled ciphers=");
builder.append(Arrays.toString(engine.getEnabledCipherSuites())); builder.append(Arrays.toString(engine.getEnabledCipherSuites()));
builder.append("\n]"); builder.append("\n]");
return builder;
log.log(level, builder.toString(), t);
} }
/** /**
@ -392,10 +394,13 @@ public final class ProtocolNegotiators {
SslHandler handler = ctx.pipeline().get(SslHandler.class); SslHandler handler = ctx.pipeline().get(SslHandler.class);
if (handler.applicationProtocol() != null) { if (handler.applicationProtocol() != null) {
// Successfully negotiated the protocol. // Successfully negotiated the protocol.
logSslEngineDetails(Level.FINER, ctx, "TLS negotiation succeeded.", null);
writeBufferedAndRemove(ctx); writeBufferedAndRemove(ctx);
} else { } else {
fail(ctx, new Exception( Exception ex = new Exception(
"Failed ALPN negotiation: Unable to find compatible protocol.")); "Failed ALPN negotiation: Unable to find compatible protocol.");
logSslEngineDetails(Level.FINE, ctx, "TLS negotiation failed.", ex);
fail(ctx, ex);
} }
} else { } else {
fail(ctx, handshakeEvent.cause()); fail(ctx, handshakeEvent.cause());
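Review bot: The ALPN-failure branch now logs the SSLEngine details twice at FINE: the new `logSslEngineDetails(Level.FINE, ctx, "TLS negotiation failed.", ex);` runs right before `fail(ctx, ex);`, and `fail` itself (earlier hunk) calls `logSslEngineDetails(Level.FINE, ctx, "TLS negotiation failed for new client.", exception)` with the same exception, so each failed handshake emits the stack trace and the enabled protocol/cipher dump twice. Dropping the call that precedes `fail(ctx, ex)` leaves one entry per failure, and keeps the `fail(ctx, handshakeEvent.cause())` path covered by the logging inside `fail`. Separately, `logSslEngineDetails` dereferences `ctx.pipeline().get(SslHandler.class)` with no null check; the replaced `errorMessage` made the same assumption, so this is not new, but a guard such as `if (sslHandler == null) { log.log(level, msg, t); return; }` would keep the diagnostic from turning a TLS failure into a NullPointerException. The enclosing handler method starts before and continues past this hunk.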