Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

2.x,1.x EncryptedData bug in client. #7039

Closed
CherishCai opened this issue Oct 9, 2021 · 10 comments
Closed

2.x,1.x EncryptedData bug in client. #7039

CherishCai opened this issue Oct 9, 2021 · 10 comments
Assignees
@realJackSun
Labels
kind/bug Category issues or prs related to bug.
Milestone
2.1.1

Comments

@CherishCai
Copy link
Contributor

Describe the bug
relate [ISSUE #5367]SPI IConfigFilter (#5369)

1.4.2 Implementation of IConfigFilter spi configuration decryption, there is a problem when CacheData maintains the content and md5 values, the maintenance is encrypted content, and md5 is obtained from the decrypted content; because CacheData.md5 is wrong, every time checkUpdateDataIds will get changedGroupKeys, thus continuously GetServerConfig after listening. For details, please see LongPollingRunnable.

1.4.2 实现 IConfigFilter spi 配置解密,在 CacheData 维护 content 和 md5 值时有问题,维护的为加密内容,且md5从解密内容得到;因 CacheData.md5 不对,所以每次 checkUpdateDataIds 都会得到 changedGroupKeys,从而不断地进行 listening 后 getServerConfig。具体情况请看 LongPollingRunnable

image

Expected behavior
CacheData cache decryptContent and decryptContent's md5.

Acutally behavior
CacheData cache encryptedContent and encryptedContent's md5.
@realJackSun realJackSun added the kind/discussion Category issues related to discussion label Oct 12, 2021
@CherishCai
Copy link
Contributor Author

@robberphex 要不讨论一下,这个这个场景是否没有验证到;会造成

  1. 服务端的 listening queue 为空;
  2. 客户端不断轮询。

CherishCai added a commit to CherishCai/nacos that referenced this issue Nov 7, 2021
@CherishCai
fix(alibaba#7039): tmp fix EncryptedData Long-Polling listerning bug.
fea07dc
CherishCai added a commit to CherishCai/nacos that referenced this issue Nov 7, 2021
@CherishCai
fix(alibaba#7039): tmp fix EncryptedData Long-Polling listerning bug.
7d02426
@CherishCai CherishCai mentioned this issue Nov 7, 2021
Merged
realJackSun pushed a commit that referenced this issue Nov 16, 2021
@CherishCai
fix 1.4.2 EncryptedData Long-Polling listerning bug in client(LongPol…
b59de4c 
…lingRunnable). (#7191)

* fix(#7039): tmp fix EncryptedData Long-Polling listerning bug.

* fix(#7039): tmp fix EncryptedData Long-Polling listerning bug.
@CherishCai
Copy link
Contributor Author

AbstractConfigChangeListener parseChangeData not right content bug.

image

CherishCai added a commit to CherishCai/nacos that referenced this issue Dec 22, 2021
@CherishCai
fix(alibaba#7039): tmp fix AbstractConfigChangeListener parseChangeDa…
0bd5982 
…ta not right content bug.
CherishCai added a commit to CherishCai/nacos that referenced this issue Dec 22, 2021
@CherishCai
fix(alibaba#7039): tmp fix AbstractConfigChangeListener parseChangeDa…
6cfd08d 
…ta not right content bug.
@CherishCai CherishCai mentioned this issue Dec 22, 2021
Closed
@CherishCai
Copy link
Contributor Author

这里还会有一个 bug,因为 String content = getConfig(dataId, group, timeoutMs); 拿到的是解密后的内容;然后 worker.addTenantListenersWithContent 的逻辑再执行了一次。看了代码不好解决,还是期待一次重构治理。
暂时调用分开为 getConfig 和 addListener 吧[笑哭]

@Override
    public String getConfigAndSignListener(String dataId, String group, long timeoutMs, Listener listener)
            throws NacosException {
        String content = getConfig(dataId, group, timeoutMs);
        worker.addTenantListenersWithContent(dataId, group, content, Arrays.asList(listener));
        return content;
    }

@CherishCai CherishCai changed the title 1.4.2 EncryptedData Long-Polling listerning bug in client(LongPollingRunnable). 2.x,1.x EncryptedData Long-Polling listerning bug in client(LongPollingRunnable). May 23, 2022
@CherishCai
Copy link
Contributor Author

2.x 的加解密一样存在问题,以下列出的是临时修复方案

#7191
#7479

@CherishCai
Copy link
Contributor Author

@li-xiao-shuang 哈哈,2.x 这部分加解密要不要统一看下

CherishCai added a commit to CherishCai/nacos that referenced this issue May 25, 2022
@CherishCai
fix(alibaba#7039): Temporary fix encryptedContent bug.
aace9b8
@CherishCai CherishCai mentioned this issue May 25, 2022
Merged
5 tasks
@CherishCai CherishCai changed the title 2.x,1.x EncryptedData Long-Polling listerning bug in client(LongPollingRunnable). 2.x,1.x EncryptedData bug in client. May 25, 2022
@li-xiao-shuang
Copy link
Collaborator

1.x 服务端没有适配加解密,加解密只在 > 2.0.3 做了

@li-xiao-shuang
Copy link
Collaborator

@li-xiao-shuang 哈哈,2.x 这部分加解密要不要统一看下

如果你要使用配置加解密 建议就使用2.x 的版本,如果 2.x 的有什么bug可以一起解决下

@CherishCai
Copy link
Contributor Author

@li-xiao-shuang 没事哈,我内部都定制了,所以知道客户端有些 bug ,才提的 issue 和 PR

@li-xiao-shuang
Copy link
Collaborator

@li-xiao-shuang 没事哈,我内部都定制了,所以知道客户端有些 bug ,才提的 issue 和 PR

客户端这块 2.x 我有空在详细看看

CherishCai added a commit to CherishCai/nacos that referenced this issue Jul 6, 2022
@CherishCai
fix(alibaba#7039): optimization the 2.x Temporary fix.
6c63e23
CherishCai added a commit to CherishCai/nacos that referenced this issue Jul 13, 2022
@CherishCai
cr(alibaba#7039): getConfigAndSignListener get a decryptContent.
b8ced64
CherishCai added a commit to CherishCai/nacos that referenced this issue Jul 13, 2022
@CherishCai
test(alibaba#7039): fix getConfigAndSignListener test.
24a14cc
KomachiSion pushed a commit that referenced this issue Jul 19, 2022
@CherishCai
[ISSUE #7039] Temporary fix encryptedContent bug. (#8463)
837b1c1 
* fix(#7039): Temporary fix encryptedContent bug.

* fix(#7039): optimization the 2.x Temporary fix.

* cr(#7039): getConfigAndSignListener get a decryptContent.

* test(#7039): fix getConfigAndSignListener test.
@CherishCai
Copy link
Contributor Author

@ ready to close @

2.x fix in #8463 , 1.4.x encrypted imperfect, so no need to deal with.

2.x 已修复,1.4.x 配置加密并不完善,故无需处理。

@KomachiSion KomachiSion added kind/bug Category issues or prs related to bug. and removed kind/discussion Category issues related to discussion labels Jul 19, 2022
@KomachiSion KomachiSion added this to the 2.1.1 milestone Jul 19, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@realJackSun realJackSun

Labels
kind/bug Category issues or prs related to bug.
Projects
None yet
Milestone
2.1.1
Development

No branches or pull requests
4 participants
@CherishCai @li-xiao-shuang @KomachiSion @realJackSun