Details
-
Bug
-
Resolution: Done
-
Major
-
3.1
-
None
Description
I am running 3.1.0-FINAL and have observed that message headers are not
being encrypted even though the "encrypt_entire_message" option is set to
true. After stepping through the code I suspect that the headers are being
appended to the output stream that is used at the TCP layer.
Specifically...
org.jgroups.protocols.ENCRYPT.sendDown(Event evt) will encrypt the message
(including headers) and send down the stack via this block...
private void sendDown(Event evt) throws Exception { ... EncryptHeader hdr=new EncryptHeader(EncryptHeader.ENCRYPT, getSymVersion()); hdr.encrypt_entire_msg=this.encrypt_entire_message; if(encrypt_entire_message) { byte[] serialized_msg=Util.streamableToByteBuffer(msg); byte[] encrypted_msg=encryptMessage(symEncodingCipher, serialized_msg, 0, serialized_msg.length); Message tmp=msg.copy(false); // we need to preserve headers which may already be present tmp.setBuffer(encrypted_msg); if(tmp.getSrc() == null) tmp.setSrc(local_addr); tmp.putHeader(this.id, hdr); passItDown(new Event(Event.MSG, tmp)); return; } ... }
Note that the unencrypted headers are preserved even though the encrypted
headers are included in "encrypted_msg".
Later on, org.jgroups.protocols.TP.writeMessage(Message msg, DataOutputStream dos, boolean multicast) will call
Message.writeTo(DataOutput) to build the message that is sent. The problem
seems to be that Message.writeTo(DataOutput) will include the encrypted
byte[] (expected) but also include the unencrypted headers that were
preserved.
