Log remote IP when EPP SSL handshake fails

This makes it easy to debug issues when registrars cannot finish the SSL
handshake. There are no privacy concerns because we keep a record of the
registrars' IP address in our whitelist anyway.

The remote address attribute is set by the ProxyProtocolHandler, which runs before anything is done. The GCLP added the protocol header at the beginning of a stream, so we know that by the time handshake is finished (successful or not), this key must be set.

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=209169683
jianglai 2018-08-17 10:34:10 -07:00
parent d2f849ac0f
commit 0065e52d84


@ -119,7 +119,8 @@ public class EppServiceHandler extends HttpsRelayServiceHandler {
channelRead(ctx, Unpooled.wrappedBuffer(helloBytes)); channelRead(ctx, Unpooled.wrappedBuffer(helloBytes));
} else { } else {
logger.atWarning().withCause(promise.cause()).log( logger.atWarning().withCause(promise.cause()).log(
"Cannot finish handshake for channel %s", ctx.channel()); "Cannot finish handshake for channel %s, remote IP %s",
ctx.channel(), ctx.channel().attr(REMOTE_ADDRESS_KEY).get());
ChannelFuture unusedFuture = ctx.close(); ChannelFuture unusedFuture = ctx.close();
} }
}); });
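
Review bot: the new log argument `ctx.channel().attr(REMOTE_ADDRESS_KEY).get()` in the handshake-failure branch depends on an invariant that is recorded only in the commit message, namely that ProxyProtocolHandler has set the attribute before the handshake promise completes. Netty's `Attribute.get()` returns null when the attribute was never set, so if the handler order changes this line will log "remote IP null" with no indication of why. A short comment above the log call stating the invariant would keep it next to the code that relies on it. Since the value is taken from the proxy protocol header rather than from the socket, the comment could also say that the logged address is the one reported by the upstream proxy.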