Uploaded image for project: 'A-MQ Broker'
  1. A-MQ Broker
  2. ENTMQBR-967

[AMQ 7.1.0 CR1.1] limit non-ssl connection, handshake-timeout not configurable

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Done
    • Priority: Major
    • Resolution: Done
    • Affects Version/s: AMQ 7.1.0.GA
    • Fix Version/s: AMQ 7.2.0.GA
    • Component/s: None
    • Target Release:
    • Steps to Reproduce:
      Hide
      1. Create new instance of artemis broker.
      2. Add "handshake-timeout" to any acceptor in borker.xml like in the following example with significantly longer value than default one. 

        <acceptor name="amqp">tcp://0.0.0.0:5672?tcpSendBufferSize=1048576;tcpReceiveBufferSize=1048576;protocols=AMQP;useEpoll=true;amqpCredits=1000;amqpMinCredits=300;handshake-timeout=30</acceptor>

      3. start the broker with run command 

        <PATH_TO_BROKER_INSTANCE>/bin/artemis run

      4. in separate terminal try to connect to modified acceptor with Netcat tool just to open new socket 

        nc -4 -w 40 <IPv4_addres_of_broker> 5672

      5. wait for following error to appear: 

        ERROR [org.apache.activemq.artemis.core.server] AMQ224088: Timeout (10 seconds) while handshaking has occurred.

        It will happend in ~10 seconds.

      6. kill Netcat, kill broker
      7. change configuration to significantly shorter timeout (2 seconds)
      8. try to run broker and netcat again. Error message will appear in the same interval as with (previously configured) longer time out.
      Show
      Create new instance of artemis broker. Add "handshake-timeout" to any acceptor in borker.xml like in the following example with significantly longer value than default one. <acceptor name="amqp">tcp://0.0.0.0:5672?tcpSendBufferSize=1048576;tcpReceiveBufferSize=1048576;protocols=AMQP;useEpoll=true;amqpCredits=1000;amqpMinCredits=300;handshake-timeout=30</acceptor> start the broker with run command <PATH_TO_BROKER_INSTANCE>/bin/artemis run in separate terminal try to connect to modified acceptor with Netcat tool just to open new socket nc -4 -w 40 <IPv4_addres_of_broker> 5672 wait for following error to appear: ERROR [org.apache.activemq.artemis.core.server] AMQ224088: Timeout (10 seconds) while handshaking has occurred. It will happend in ~10 seconds. kill Netcat, kill broker change configuration to significantly shorter timeout (2 seconds) try to run broker and netcat again. Error message will appear in the same interval as with (previously configured) longer time out.
    • Affects:
      Release Notes
    • Release Notes Text:
      Previously, the broker did not disconnect unauthenticated clients. With AMQ Broker 7.2, you can use the configuration parameter handshake-timeout to limit the amount of time that an unauthenticated client can remain connected.
    • Release Notes Docs Status:
      Documented as Resolved Issue

      Description

      "handshake-timeout" option for acceptor in broker.xml doesn't influence actual time out. Connection is always cut after 10 seconds (default value) regardless actual value configured.

        Gliffy Diagrams

          Attachments

            Issue Links

            is caused by

            Enhancement - An enhancement or refactoring of existing functionality ENTMQBR-427 limit non-ssl connection hangs up exceeding client(s)

            • Major - A request that should be considered seriously but is not a show stopper.
            • Done
            cloned to

            ARTEMIS-1581 Loading...

              Activity

                People

                • Assignee:
                  sknot Stanislav Knot
                  Reporter:
                  rvais Roman Vais
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  4 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: