From cb480aee7df15566a7ff1cf918ed79b4e9c01bfd Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Fri, 31 Mar 2023 14:10:56 +0200 Subject: [thrift] Show source IP address for "payload too big" fails --- .../openslx/thrifthelper/TBinaryProtocolSafe.java | 47 ++++++++++++++++++---- 1 file changed, 39 insertions(+), 8 deletions(-) diff --git a/src/main/java/org/openslx/thrifthelper/TBinaryProtocolSafe.java b/src/main/java/org/openslx/thrifthelper/TBinaryProtocolSafe.java index 0f96788..c3f4763 100644 --- a/src/main/java/org/openslx/thrifthelper/TBinaryProtocolSafe.java +++ b/src/main/java/org/openslx/thrifthelper/TBinaryProtocolSafe.java @@ -1,19 +1,26 @@ package org.openslx.thrifthelper; +import java.net.InetAddress; +import java.net.InetSocketAddress; +import java.net.SocketAddress; import java.net.SocketException; import java.nio.ByteBuffer; import java.nio.charset.StandardCharsets; import javax.net.ssl.SSLException; +import org.apache.logging.log4j.LogManager; +import org.apache.logging.log4j.Logger; import org.apache.thrift.TException; import org.apache.thrift.protocol.TBinaryProtocol; import org.apache.thrift.protocol.TMessage; import org.apache.thrift.protocol.TProtocol; import org.apache.thrift.protocol.TProtocolException; import org.apache.thrift.protocol.TProtocolFactory; +import org.apache.thrift.transport.TSocket; import org.apache.thrift.transport.TTransport; import org.apache.thrift.transport.TTransportException; +import org.apache.thrift.transport.layered.TLayeredTransport; /** * Binary protocol implementation for thrift. @@ -22,6 +29,9 @@ import org.apache.thrift.transport.TTransportException; */ public class TBinaryProtocolSafe extends TBinaryProtocol { + + private final static Logger LOGGER = LogManager.getLogger( ThriftHandler.class ); + /** * Factory */ @@ -71,7 +81,7 @@ public class TBinaryProtocolSafe extends TBinaryProtocol /* * Reading methods. */ - + @Override public TMessage readMessageBegin() throws TException { @@ -84,12 +94,13 @@ public class TBinaryProtocolSafe extends TBinaryProtocol String m = e.getCause().getMessage(); // We still want SSL errors that help diagnosing more specific SSL errors that relate to actual // SSL handshake attempts, like incompatible TLS versions or ciphers. - if ( m.contains( "Remote host terminated the handshake" ) - || m.contains( "Unsupported or unrecognized SSL message" ) ) { - // Fake an END_OF_FILE exception, as the logException() method in the server class will - // ignore there. Let's hope it will stay ignored in the future. - throw new TTransportException( TTransportException.END_OF_FILE ); + if ( !m.contains( "Remote host terminated the handshake" ) + && !m.contains( "Unsupported or unrecognized SSL message" ) ) { + LOGGER.warn( getIp() + m ); } + // Fake an END_OF_FILE exception, as the logException() method in the server class will + // ignore there. Let's hope it will stay ignored in the future. + throw new TTransportException( TTransportException.END_OF_FILE ); } else if ( e.getCause() instanceof SocketException && ( e.getCause().getMessage().contains( " timed out" ) || e.getCause().getMessage().contains( "Connection reset" ) ) ) { // Faaaake @@ -102,7 +113,7 @@ public class TBinaryProtocolSafe extends TBinaryProtocol throw e; } if ( size > maxLen ) - throw new TProtocolException( TProtocolException.SIZE_LIMIT, "Payload too big." ); + throw new TProtocolException( TProtocolException.SIZE_LIMIT, getIp() + "Payload too big." ); if ( size < 0 ) { int version = size & VERSION_MASK; if ( version != VERSION_1 ) { @@ -117,6 +128,27 @@ public class TBinaryProtocolSafe extends TBinaryProtocol } } + private String getIp() + { + TTransport t = trans_; + while ( t instanceof TLayeredTransport ) { + t = ( (TLayeredTransport)t ).getInnerTransport(); + } + InetAddress ia = null; + if ( t instanceof TSocket ) { + SocketAddress sa = ( (TSocket)t ).getSocket().getRemoteSocketAddress(); + if ( sa != null && ( sa instanceof InetSocketAddress ) ) + ia = ( (InetSocketAddress)sa ).getAddress(); + if ( ia == null ) + ia = ( (TSocket)t ).getSocket().getInetAddress(); + } else { + LOGGER.debug( "getIp(" + t.getClass().getSimpleName() + ")" ); + } + if ( ia == null ) + return ""; + return ia.getHostAddress() + ": "; + } + @Override public String readString() throws TException { @@ -150,4 +182,3 @@ public class TBinaryProtocolSafe extends TBinaryProtocol } } - -- cgit v1.2.3-55-g7522