vertx-sql-client icon indicating copy to clipboard operation
vertx-sql-client copied to clipboard
verified publisher icon eclipse-vertx

Issues with ssl connection

Open nabil-mansouri opened this issue 3 years ago • 5 comments

Questions

We are trying to use vertx-sql-client driver with a Postgres database using SSL connection. We have found that the driver is not working neither in a worker context neither in event loop context.

This check is failing, the verticle is loosing his context: https://github.com/eclipse-vertx/vertx-sql-client/blob/d00b8ae2ff8d915854b9ded53802b07a70a325ff/vertx-sql-client/src/main/java/io/vertx/sqlclient/impl/SocketConnectionBase.java#L134

if (context != this.context) { throw new IllegalStateException(); }

This error occured only when this function is called "socket.upgradeToSslConnection" :

https://github.com/eclipse-vertx/vertx-sql-client/blob/9143c90114fe37c87f4a1860982eef53cc8e6bad/vertx-pg-client/src/main/java/io/vertx/pgclient/impl/PgConnectionFactory.java#L137

Version

Which version(s) did you encounter this bug ?

We are using vertx-sql-client 3.9.5 and vertx 3.9.5

Context

When we try to use the driver inside a worker we have an: SSL Handshake Error We tried to use the driver without SSL connection : it works Then we tried to use the driver in an event loop thread: it works half the time we need to restart to make it works and if we restart again it does not works

We supposed that the driver is not working with SSL (and it is worse inside a worker).

Steps to reproduce

  1. Create a verticle (prefer a worker)
  2. Configure postgres 14 using SSL connection
  3. Make any query using the driver
  4. Expect a connection failed : with a "SSL Handshake failed" error inside a worker or IllegalStateException inside event loop.

Extra

OS Version: Debian 11 JVM version: openjdk version "1.8.0_322" 64 bits Postgres 14

nabil-mansouri avatar Dec 06 '22 09:12 nabil-mansouri

can you provide a reproducer ? (e.g with docker), we do test with SSL and it works fine for us.

vietj avatar Dec 08 '22 07:12 vietj

can you provide a reproducer ? (e.g with docker), we do test with SSL and it works fine for us.

Hi, thanks for your reply.

You can find here an example: https://github.com/opendigitaleducation/pg-ssl-sample

In this project there are 3 tests cases:

shouldSucceedToInitFromEventLoop

This test calls Postgres Driver using SSL connection from a verticle running in the event loop => it works well

shouldFailToInitFromWorker

This test calls Postgres Driver using SSL connection from a verticle running in a worker => it does not work

shouldFailRandomlyToInitFromWorkerUsingBus

This test calls Postgres Driver using SSL connection from a verticle running in a worker but by delegating the call to another verticle running in event loop => it works randomly in our production environnement (but i was not able to reproduce it in my test case)

nabil-mansouri avatar Dec 14 '22 11:12 nabil-mansouri

thank I will have a look

vietj avatar Dec 19 '22 14:12 vietj

actually I didn't realize until now, vertx 3 does not support correctly the PG client from a worker thread and this version support is actually ending soon (end of this year). you should upgrade to Vert.x 4 your system where we do support properly using the vertx PG client in a worker.

vietj avatar Dec 20 '22 10:12 vietj

I'm leaving the bug open as it is an actual bug, I'm not saying the above to escape this of course

vietj avatar Dec 20 '22 10:12 vietj