[jboss-jira] [JBoss JIRA] (WFWIP-92) SNI - circular dependency causes server to crash

Jan Stourac (JIRA) issues at jboss.org
Wed Aug 8 17:15:00 EDT 2018 

     [ https://issues.jboss.org/browse/WFWIP-92?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jan Stourac updated WFWIP-92:
-----------------------------
    Steps to Reproduce: 
Note: {{application.keystore}} has to be present in standalone/configuration server directory
{code}
/subsystem=elytron/key-store=ks:add(credential-reference={clear-text=password},type=JKS,relative-to=jboss.server.config.dir,path=application.keystore)
/subsystem=elytron/key-manager=km:add(credential-reference={clear-text=password},key-store=ks)
/subsystem=elytron/server-ssl-context=srvSslCtx:add(key-manager=km)
/subsystem=elytron/server-ssl-sni-context=srvSniSslCtx:add(default-ssl-context=srvSslCtx)
batch
/subsystem=undertow/server=default-server/https-listener=https:undefine-attribute(name=security-realm)
/subsystem=undertow/server=default-server/https-listener=https:write-attribute(name=ssl-context,value=srvSniSslCtx)
run-batch
reload
/subsystem=elytron/server-ssl-sni-context=srvSniSslCtx/sni-mapping=server:add(ssl-context=srvSniSslCtx)
reload
{code}

  was:
{code}
/subsystem=elytron/key-store=ks:add(credential-reference={clear-text=password},type=JKS,relative-to=jboss.server.config.dir,path=application.keystore)
/subsystem=elytron/key-manager=km:add(credential-reference={clear-text=password},key-store=ks)
/subsystem=elytron/server-ssl-context=srvSslCtx:add(key-manager=km)
/subsystem=elytron/server-ssl-sni-context=srvSniSslCtx:add(default-ssl-context=srvSslCtx)
/subsystem=elytron/server-ssl-sni-context=srvSniSslCtx/sni-mapping=server:add(ssl-context=srvSniSslCtx)
{code}



> SNI - circular dependency causes server to crash
> ------------------------------------------------
>
>                 Key: WFWIP-92
>                 URL: https://issues.jboss.org/browse/WFWIP-92
>             Project: WildFly WIP
>          Issue Type: Bug
>         Environment: Wildfly build with undertow and wildfly-core modules build from following sources:
> * https://github.com/stuartwdouglas/undertow/tree/sni
> * https://github.com/stuartwdouglas/wildfly-core/tree/sni
>            Reporter: Jan Stourac
>            Assignee: Stuart Douglas
>              Labels: SNI
>
> When I try to utilize recently added {{server-ssl-sni-context}} and put its reference again in the {{sni-mapping}}, after a server reload the server completely crash and one has to restore configuration manually:
> {code:title=command example}
> /subsystem=elytron/server-ssl-sni-context=srvSniSslCtx/sni-mapping=server:add(ssl-context=srvSniSslCtx)
> {code}
> {code:title=server.log output}
> 22:58:51,998 ERROR [org.jboss.as.controller.management-operation] (ServerService Thread Pool -- 44) WFLYCTL0013: Operation ("add") failed - address: ([
>     ("subsystem" => "elytron"),
>     ("server-ssl-sni-context" => "srvSniSslCtx")
> ]): org.jboss.msc.service.CircularDependencyException: Container jboss-as has a circular dependency: [service org.wildfly.security.ssl-context.srvSniSslCtx]
> 	at org.jboss.msc.service.ServiceContainerImpl.detectCircularity(ServiceContainerImpl.java:803)
> 	at org.jboss.msc.service.ServiceContainerImpl.detectCircularity(ServiceContainerImpl.java:784)
> 	at org.jboss.msc.service.ServiceContainerImpl.install(ServiceContainerImpl.java:761)
> 	at org.jboss.msc.service.ServiceTargetImpl.install(ServiceTargetImpl.java:260)
> 	at org.jboss.msc.service.ServiceControllerImpl$ChildServiceTarget.install(ServiceControllerImpl.java:2056)
> 	at org.jboss.msc.service.ServiceTargetImpl.install(ServiceTargetImpl.java:260)
> 	at org.jboss.msc.service.ServiceControllerImpl$ChildServiceTarget.install(ServiceControllerImpl.java:2056)
> 	at org.jboss.msc.service.ObsoleteServiceBuilderImpl.install(ObsoleteServiceBuilderImpl.java:293)
> 	at org.jboss.as.controller.OperationContextImpl.installService(OperationContextImpl.java:2034)
> 	at org.jboss.as.controller.OperationContextImpl.access$600(OperationContextImpl.java:132)
> 	at org.jboss.as.controller.OperationContextImpl$2$1.installService(OperationContextImpl.java:761)
> 	at org.jboss.as.controller.OperationContextImpl$ContextServiceBuilder.install(OperationContextImpl.java:2165)
> 	at org.jboss.msc.service.DelegatingServiceBuilder.install(DelegatingServiceBuilder.java:104)
> 	at org.wildfly.extension.elytron.TrivialAddHandler.performRuntime(TrivialAddHandler.java:72)
> 	at org.jboss.as.controller.AbstractAddStepHandler$1.execute(AbstractAddStepHandler.java:159)
> 	at org.jboss.as.controller.AbstractOperationContext.executeStep(AbstractOperationContext.java:999)
> 	at org.jboss.as.controller.AbstractOperationContext.processStages(AbstractOperationContext.java:743)
> 	at org.jboss.as.controller.AbstractOperationContext.executeOperation(AbstractOperationContext.java:467)
> 	at org.jboss.as.controller.ParallelBootOperationStepHandler$ParallelBootTask.run(ParallelBootOperationStepHandler.java:384)
> 	at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
> 	at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1985)
> 	at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1487)
> 	at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1349)
> 	at java.lang.Thread.run(Thread.java:748)
> 	at org.jboss.threads.JBossThread.run(JBossThread.java:485)
> {code}
> I understand that such configuration does not make sense, although it would be nice if we could detect this problem ahead to avoid server crush. Is it possible?



--
This message was sent by Atlassian JIRA
(v7.5.0#75005)

More information about the jboss-jira mailing list