Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Prevent x509_cert from hanging on UDP connection #9323

Merged
merged 9 commits into from
Jul 23, 2021
Merged

Prevent x509_cert from hanging on UDP connection #9323

merged 9 commits into from
Jul 23, 2021

Conversation

akrantz01
Copy link
Contributor

@akrantz01 akrantz01 commented Jun 1, 2021
edited
Loading

Required for all PRs:

  • Updated associated README.md.
  • Wrote appropriate unit tests.

resolves #9310

Fixes the bug where the x509_cert plugin would hang indefinitely when you try to gather certificate metrics from a UDP address. This was done by adding UDP support to the plugin using the pion/dtls library.

Note: #9289 should be merged before this PR since all URLs are currently parsed as globs causing telegraf to fail to pull the certificate. Similarly, the TestGatherUDPCert test will fail because of this. Rebased to master.

@akrantz01 akrantz01 added the fix pr to fix corresponding bug label Jun 1, 2021
@telegraf-tiger telegraf-tiger bot added the feat Improvement on an existing feature such as adding a new setting/mode to an existing plugin label Jun 1, 2021
helenosheaa
helenosheaa reviewed Jun 3, 2021
View reviewed changes
Copy link
Member

@helenosheaa helenosheaa left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good!

One note: if you look at the ci/circleci: test-go-1_15 check you'll see CircleCI is complaining about additional licenses needing to be added for the following:

+github.com/pion/logging
+github.com/pion/transport
+github.com/pion/udp

@jjh74
Copy link
Contributor

jjh74 commented Jun 11, 2021

@akrantz01 Does udp:// mean DTLS(rfc6347) after this PR ? (udp:// only works with DTLS servers and not with some homegrown tls on top of udp socket). Maybe README.md could mention that udp:// means DTLS ?

@akrantz01
Copy link
Contributor Author

That'd probably be good to mention. However, there shouldn't be any additional problems with homegrown implementations over UDP since previously, it fails to send a packet if you configure it to pull from a UDP address as the standard library isn't equipped to handle it.

srebhan
srebhan reviewed Jun 13, 2021
View reviewed changes
plugins/inputs/x509_cert/x509_cert_test.go Outdated
Comment on lines 283 to 285
m := &X509Cert{
Sources: []string{"udp://" + listener.Addr().String()},
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You need to set the logging facility here or you will get segfaults (that are the failing CI tests you see):

Suggested change
m := &X509Cert{
Sources: []string{"udp://" + listener.Addr().String()},
}
m := &X509Cert{
Sources: []string{"udp://" + listener.Addr().String()},
Log: testutil.Logger{},
}

srebhan
srebhan reviewed Jun 13, 2021
View reviewed changes
Copy link
Member

@srebhan srebhan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@akrantz01 thanks for looking into this. The code looks quite good and I added a comment to fix the failing CI tests. Let me know if I can be of any further help.

@srebhan srebhan self-assigned this Jun 13, 2021
srebhan
srebhan reviewed Jun 14, 2021
View reviewed changes
plugins/inputs/x509_cert/x509_cert_test.go Outdated

go func() {
_, err := listener.Accept()
require.NoError(t, err)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You shall not use any require methods that terminate (i.e. call require.Fail internally) in goroutines as this will only end the goroutine and not the test. See the go release notes for reference also describing a potential workaround.

In this specific instance I think just ignoring the error and quitting the goroutine might be sufficient as the test relying on the accept will probably fail anyway...

srebhan
srebhan approved these changes Jul 21, 2021
View reviewed changes
Copy link
Member

@srebhan srebhan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me. Thanks for the nice PR!

@srebhan srebhan added the ready for final review This pull request has been reviewed and/or tested by multiple users and is ready for a final review. label Jul 21, 2021
@telegraf-tiger
Copy link
Contributor

Looks like new artifacts were built from this PR. Get them here!

Artifact URLs

@akrantz01 akrantz01 merged commit 32d4234 into influxdata:master Jul 23, 2021
reimda pushed a commit that referenced this pull request Jul 28, 2021
@akrantz01 @reimda
Prevent x509_cert from hanging on UDP connection (#9323)
cce7539 
(cherry picked from commit 32d4234)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@helenosheaa helenosheaa helenosheaa left review comments

@MyaLongmire MyaLongmire MyaLongmire approved these changes

@srebhan srebhan srebhan approved these changes

Assignees

@srebhan srebhan

Labels
feat Improvement on an existing feature such as adding a new setting/mode to an existing plugin fix pr to fix corresponding bug ready for final review This pull request has been reviewed and/or tested by multiple users and is ready for a final review.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

x509_cert hangs when using UDP connection
5 participants
@akrantz01 @jjh74 @MyaLongmire @srebhan @helenosheaa