Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-26125

[CLUSTERING] rejected decryption of unicast message from non-member

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Major Major
    • None
    • 8.0.0.GA-CR1, 8.0.0.GA-CR2, 8.1.0.Beta
    • Clustering
    • None
    • False
    • Hide

      None

      Show
      None
    • False

      Scenario: we have a 4 nodes cluster where each node is configured to use Asymmetric encryption for clustered traffic:

      embed-server --server-config=standalone-ha.xml
/subsystem=infinispan/cache-container=web/distributed-cache=testDist:add()
/subsystem=infinispan/cache-container=web/distributed-cache=testDist/component=locking:write-attribute(name=isolation, value=REPEATABLE_READ)
/subsystem=infinispan/cache-container=web/distributed-cache=testDist/component=transaction:write-attribute(name=mode, value=BATCH)
/subsystem=infinispan/cache-container=web:write-attribute(name=default-cache, value=testDist)
# ASYM_ENCRYPT: Configured with algorithms and key sizes: secret key is generated and distributed by coordinator
batch
/subsystem=jgroups/stack=udp/protocol=AUTH:add(add-index=8)
/subsystem=jgroups/stack=udp/protocol=AUTH/token=digest:add(algorithm=SHA-512, shared-secret-reference={clear-text=123PIPPOBAUDO})
/subsystem=jgroups/stack=tcp/protocol=AUTH:add(add-index=8)
/subsystem=jgroups/stack=tcp/protocol=AUTH/token=digest:add(algorithm=SHA-512, shared-secret-reference={clear-text=123PIPPOBAUDO})
run-batch
/subsystem=jgroups/stack=udp/protocol=ASYM_ENCRYPT:add(add-index=5,properties={sym_keylength=128,sym_algorithm=AES/ECB/PKCS5Padding,asym_keylength=512,asym_algorithm=RSA})
/subsystem=jgroups/stack=tcp/protocol=ASYM_ENCRYPT:add(add-index=5,properties={sym_keylength=128,sym_algorithm=AES/ECB/PKCS5Padding,asym_keylength=512,asym_algorithm=RSA})
# we had an error with UDP on PSI
if (outcome != success) of /subsystem=jgroups:read-attribute(name=default-stack)
/subsystem=jgroups/channel=ee:write-attribute(name=stack,value=tcp)
else
/subsystem=jgroups:write-attribute(name=default-stack,value=tcp)
/subsystem=jgroups/channel=ee:write-attribute(name=stack,value=tcp)
end-if

      When, at the end of the test, the nodes are shut down, we observe the following error on node4 when node1 and node2 are already shut down and node3 has just been shut down:

      2023-11-20 20:18:11,589 INFO  [org.infinispan.CLUSTER] (thread-40,ejb,wildfly4) ISPN100001: Node wildfly3 left the cluster
2023-11-20 20:18:11,593 ERROR [org.jgroups.protocols.ASYM_ENCRYPT] (thread-38,ejb,wildfly4) wildfly4: rejected decryption of unicast message from non-member wildfly3

      Complete logs in eap-8.x-clustering-http-session-encrypt-asym#150.zip

        1. eap-8.x-clustering-http-session-encrypt-asym#150.zip
          188 kB

              rhn-engineering-rhusar Radoslav Husar
              tborgato@redhat.com Tommaso Borgato
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated: