diff --git a/akka-actor/src/main/scala/akka/actor/ActorRef.scala b/akka-actor/src/main/scala/akka/actor/ActorRef.scala index 523a12e44b..52c5bc2f0c 100644 --- a/akka-actor/src/main/scala/akka/actor/ActorRef.scala +++ b/akka-actor/src/main/scala/akka/actor/ActorRef.scala @@ -7,13 +7,15 @@ package akka.actor import scala.collection.immutable import akka.dispatch._ import akka.dispatch.sysmsg._ -import java.lang.{ UnsupportedOperationException, IllegalStateException } -import akka.serialization.{ Serialization, JavaSerializer } -import akka.event.EventStream +import java.lang.{ IllegalStateException, UnsupportedOperationException } + +import akka.serialization.{ JavaSerializer, Serialization } +import akka.event.{ EventStream, Logging, LoggingAdapter, MarkerLoggingAdapter } + import scala.annotation.tailrec import java.util.concurrent.ConcurrentHashMap -import akka.event.{ Logging, LoggingAdapter } import java.util.concurrent.atomic.AtomicReference + import scala.util.control.NonFatal object ActorRef { @@ -606,7 +608,7 @@ private[akka] class VirtualPathContainer( override val provider: ActorRefProvider, override val path: ActorPath, override val getParent: InternalActorRef, - val log: LoggingAdapter) extends MinimalActorRef { + val log: MarkerLoggingAdapter) extends MinimalActorRef { private val children = new ConcurrentHashMap[String, InternalActorRef] diff --git a/akka-actor/src/main/scala/akka/actor/ActorRefProvider.scala b/akka-actor/src/main/scala/akka/actor/ActorRefProvider.scala index bf99880055..16d69cd3a6 100644 --- a/akka-actor/src/main/scala/akka/actor/ActorRefProvider.scala +++ b/akka-actor/src/main/scala/akka/actor/ActorRefProvider.scala @@ -499,7 +499,7 @@ private[akka] class LocalActorRefProvider private[akka] ( override val rootPath: ActorPath = RootActorPath(Address("akka", _systemName)) - private[akka] val log: LoggingAdapter = Logging(eventStream, getClass.getName + "(" + rootPath.address + ")") + private[akka] val log: MarkerLoggingAdapter = Logging.withMarker(eventStream, getClass.getName + "(" + rootPath.address + ")") override val deadLetters: InternalActorRef = _deadLetters.getOrElse((p: ActorPath) ⇒ new DeadLetterActorRef(this, p, eventStream)).apply(rootPath / "deadLetters") diff --git a/akka-actor/src/main/scala/akka/actor/ActorSystem.scala b/akka-actor/src/main/scala/akka/actor/ActorSystem.scala index bd9afb83a2..fed18c491f 100644 --- a/akka-actor/src/main/scala/akka/actor/ActorSystem.scala +++ b/akka-actor/src/main/scala/akka/actor/ActorSystem.scala @@ -537,7 +537,7 @@ private[akka] class ActorSystemImpl( case _ ⇒ if (settings.JvmExitOnFatalError) { try { - log.error(cause, "Uncaught error from thread [{}] shutting down JVM since 'akka.jvm-exit-on-fatal-error' is enabled", thread.getName) + markerLogging.error(LogMarker.Security, cause, "Uncaught error from thread [{}] shutting down JVM since 'akka.jvm-exit-on-fatal-error' is enabled", thread.getName) import System.err err.print("Uncaught error from thread [") err.print(thread.getName) @@ -550,7 +550,7 @@ private[akka] class ActorSystemImpl( System.exit(-1) } } else { - log.error(cause, "Uncaught fatal error from thread [{}] shutting down ActorSystem [{}]", thread.getName, name) + markerLogging.error(LogMarker.Security, cause, "Uncaught fatal error from thread [{}] shutting down ActorSystem [{}]", thread.getName, name) terminate() } } @@ -605,7 +605,8 @@ private[akka] class ActorSystemImpl( dynamicAccess.createInstanceFor[LoggingFilter](LoggingFilter, arguments).get } - val log: LoggingAdapter = new BusLogging(eventStream, getClass.getName + "(" + name + ")", this.getClass, logFilter) + private[this] val markerLogging = new MarkerLoggingAdapter(eventStream, getClass.getName + "(" + name + ")", this.getClass, logFilter) + val log: LoggingAdapter = markerLogging val scheduler: Scheduler = createScheduler() diff --git a/akka-actor/src/main/scala/akka/event/Logging.scala b/akka-actor/src/main/scala/akka/event/Logging.scala index ea3292bb3e..f15bfd20b0 100644 --- a/akka-actor/src/main/scala/akka/event/Logging.scala +++ b/akka-actor/src/main/scala/akka/event/Logging.scala @@ -1398,6 +1398,8 @@ object LogMarker { case None ⇒ None } + private[akka] final val Security = apply("SECURITY") + } /** @@ -1678,3 +1680,49 @@ object NoLogging extends LoggingAdapter { final protected override def notifyInfo(message: String): Unit = () final protected override def notifyDebug(message: String): Unit = () } +/** + * NoLogging is a MarkerLoggingAdapter that does absolutely nothing – no logging at all. + */ +object NoMarkerLogging extends MarkerLoggingAdapter(null, "source", classOf[String], null) { + + /** + * Java API to return the reference to NoLogging + * @return The NoLogging instance + */ + def getInstance = this + + final override def isErrorEnabled = false + final override def isWarningEnabled = false + final override def isInfoEnabled = false + final override def isDebugEnabled = false + + final protected override def notifyError(message: String): Unit = () + final protected override def notifyError(cause: Throwable, message: String): Unit = () + final protected override def notifyWarning(message: String): Unit = () + final protected override def notifyInfo(message: String): Unit = () + final protected override def notifyDebug(message: String): Unit = () + final override def error(marker: LogMarker, cause: Throwable, message: String): Unit = () + final override def error(marker: LogMarker, cause: Throwable, template: String, arg1: Any): Unit = () + final override def error(marker: LogMarker, cause: Throwable, template: String, arg1: Any, arg2: Any): Unit = () + final override def error(marker: LogMarker, cause: Throwable, template: String, arg1: Any, arg2: Any, arg3: Any): Unit = () + final override def error(marker: LogMarker, cause: Throwable, template: String, arg1: Any, arg2: Any, arg3: Any, arg4: Any): Unit = () + final override def error(marker: LogMarker, message: String): Unit = () + final override def error(marker: LogMarker, template: String, arg1: Any): Unit = () + final override def error(marker: LogMarker, template: String, arg1: Any, arg2: Any): Unit = () + final override def error(marker: LogMarker, template: String, arg1: Any, arg2: Any, arg3: Any): Unit = () + final override def error(marker: LogMarker, template: String, arg1: Any, arg2: Any, arg3: Any, arg4: Any): Unit = () + final override def warning(marker: LogMarker, message: String): Unit = () + final override def warning(marker: LogMarker, template: String, arg1: Any): Unit = () + final override def warning(marker: LogMarker, template: String, arg1: Any, arg2: Any): Unit = () + final override def warning(marker: LogMarker, template: String, arg1: Any, arg2: Any, arg3: Any): Unit = () + final override def warning(marker: LogMarker, template: String, arg1: Any, arg2: Any, arg3: Any, arg4: Any): Unit = () + final override def info(marker: LogMarker, message: String): Unit = () + final override def info(marker: LogMarker, template: String, arg1: Any, arg2: Any): Unit = () + final override def info(marker: LogMarker, template: String, arg1: Any, arg2: Any, arg3: Any): Unit = () + final override def info(marker: LogMarker, template: String, arg1: Any, arg2: Any, arg3: Any, arg4: Any): Unit = () + final override def debug(marker: LogMarker, message: String): Unit = () + final override def debug(marker: LogMarker, template: String, arg1: Any): Unit = () + final override def debug(marker: LogMarker, template: String, arg1: Any, arg2: Any): Unit = () + final override def debug(marker: LogMarker, template: String, arg1: Any, arg2: Any, arg3: Any): Unit = () + final override def debug(marker: LogMarker, template: String, arg1: Any, arg2: Any, arg3: Any, arg4: Any): Unit = () +} diff --git a/akka-actor/src/main/scala/akka/serialization/Serialization.scala b/akka-actor/src/main/scala/akka/serialization/Serialization.scala index 5143402ec7..9ad0134e6c 100644 --- a/akka-actor/src/main/scala/akka/serialization/Serialization.scala +++ b/akka-actor/src/main/scala/akka/serialization/Serialization.scala @@ -6,16 +6,19 @@ package akka.serialization import com.typesafe.config.Config import akka.actor._ -import akka.event.Logging +import akka.event.{ LogMarker, Logging } import java.util.concurrent.ConcurrentHashMap + import scala.collection.mutable.ArrayBuffer import java.io.NotSerializableException -import scala.util.{ Try, DynamicVariable, Failure } + +import scala.util.{ DynamicVariable, Failure, Try } import scala.collection.immutable import scala.util.control.NonFatal import scala.util.Success import java.nio.ByteBuffer import java.util.concurrent.atomic.AtomicReference + import scala.annotation.tailrec import java.util.NoSuchElementException @@ -94,7 +97,7 @@ class Serialization(val system: ExtendedActorSystem) extends Extension { import Serialization._ val settings = new Settings(system.settings.config) - val log = Logging(system, getClass.getName) + val log = Logging.withMarker(system, getClass.getName) private val manifestCache = new AtomicReference[Map[String, Option[Class[_]]]](Map.empty[String, Option[Class[_]]]) /** @@ -223,13 +226,13 @@ class Serialization(val system: ExtendedActorSystem) extends Extension { throw new NotSerializableException("No configured serialization-bindings for class [%s]" format clazz.getName) case possibilities ⇒ if (!unique(possibilities)) - log.warning("Multiple serializers found for " + clazz + ", choosing first: " + possibilities) + log.warning(LogMarker.Security, "Multiple serializers found for " + clazz + ", choosing first: " + possibilities) possibilities(0)._2 } serializerMap.putIfAbsent(clazz, ser) match { case null ⇒ if (shouldWarnAboutJavaSerializer(clazz, ser)) { - log.warning("Using the default Java serializer for class [{}] which is not recommended because of " + + log.warning(LogMarker.Security, "Using the default Java serializer for class [{}] which is not recommended because of " + "performance implications. Use another serializer or disable this warning using the setting " + "'akka.actor.warn-about-java-serializer-usage'", clazz.getName) } diff --git a/akka-remote/src/main/scala/akka/remote/Endpoint.scala b/akka-remote/src/main/scala/akka/remote/Endpoint.scala index 497f179141..5ed21c8b94 100644 --- a/akka-remote/src/main/scala/akka/remote/Endpoint.scala +++ b/akka-remote/src/main/scala/akka/remote/Endpoint.scala @@ -8,24 +8,26 @@ import akka.actor.SupervisorStrategy._ import akka.actor.Terminated import akka.actor._ import akka.dispatch.sysmsg.SystemMessage -import akka.event.{ Logging, LoggingAdapter } +import akka.event.{ LogMarker, Logging, LoggingAdapter, MarkerLoggingAdapter } import akka.pattern.pipe -import akka.remote.EndpointManager.{ ResendState, Link, Send } -import akka.remote.EndpointWriter.{ StoppedReading, FlushAndStop } +import akka.remote.EndpointManager.{ Link, ResendState, Send } +import akka.remote.EndpointWriter.{ FlushAndStop, StoppedReading } import akka.remote.WireFormats.SerializedMessage import akka.remote.transport.AkkaPduCodec.Message -import akka.remote.transport.AssociationHandle.{ DisassociateInfo, ActorHandleEventListener, Disassociated, InboundPayload } +import akka.remote.transport.AssociationHandle.{ ActorHandleEventListener, DisassociateInfo, Disassociated, InboundPayload } import akka.remote.transport.Transport.InvalidAssociationException import akka.remote.transport._ import akka.serialization.Serialization import akka.util.ByteString -import akka.{ OnlyCauseStackTrace, AkkaException } +import akka.{ AkkaException, OnlyCauseStackTrace } import java.io.NotSerializableException -import java.util.concurrent.{ TimeUnit, TimeoutException, ConcurrentHashMap } +import java.util.concurrent.{ ConcurrentHashMap, TimeUnit, TimeoutException } + import scala.annotation.tailrec -import scala.concurrent.duration.{ Deadline } +import scala.concurrent.duration.Deadline import scala.util.control.NonFatal import java.util.concurrent.locks.LockSupport + import scala.concurrent.Future import akka.util.OptionVal import akka.util.OptionVal @@ -47,7 +49,7 @@ private[remote] trait InboundMessageDispatcher { private[remote] class DefaultMessageDispatcher( private val system: ExtendedActorSystem, private val provider: RemoteActorRefProvider, - private val log: LoggingAdapter) extends InboundMessageDispatcher { + private val log: MarkerLoggingAdapter) extends InboundMessageDispatcher { private val remoteDaemon = provider.remoteDaemon @@ -69,7 +71,7 @@ private[remote] class DefaultMessageDispatcher( recipient match { case `remoteDaemon` ⇒ - if (UntrustedMode) log.debug("dropping daemon message in untrusted mode") + if (UntrustedMode) log.debug(LogMarker.Security, "dropping daemon message in untrusted mode") else { if (LogReceive) log.debug("received daemon message {}", msgLog) remoteDaemon ! payload @@ -82,6 +84,7 @@ private[remote] class DefaultMessageDispatcher( if (UntrustedMode && (!TrustedSelectionPaths.contains(sel.elements.mkString("/", "/", "")) || sel.msg.isInstanceOf[PossiblyHarmful] || l != provider.rootGuardian)) log.debug( + LogMarker.Security, "operating in UntrustedMode, dropping inbound actor selection to [{}], " + "allow it by adding the path to 'akka.remote.trusted-selection-paths' configuration", sel.elements.mkString("/", "/", "")) @@ -89,7 +92,7 @@ private[remote] class DefaultMessageDispatcher( // run the receive logic for ActorSelectionMessage here to make sure it is not stuck on busy user actor ActorSelection.deliverSelection(l, sender, sel) case msg: PossiblyHarmful if UntrustedMode ⇒ - log.debug("operating in UntrustedMode, dropping inbound PossiblyHarmful message of type [{}]", msg.getClass.getName) + log.debug(LogMarker.Security, "operating in UntrustedMode, dropping inbound PossiblyHarmful message of type [{}]", msg.getClass.getName) case msg: SystemMessage ⇒ l.sendSystemMessage(msg) case msg ⇒ l.!(msg)(sender) } @@ -532,6 +535,7 @@ private[remote] class EndpointWriter( import EndpointWriter._ import context.dispatcher + private val markLog = Logging.withMarker(this) val extendedSystem: ExtendedActorSystem = context.system.asInstanceOf[ExtendedActorSystem] val remoteMetrics = RemoteMetricsExtension(extendedSystem) val backoffDispatcher = context.system.dispatchers.lookup("akka.remote.backoff-remote-dispatcher") @@ -550,7 +554,7 @@ private[remote] class EndpointWriter( } val provider = RARP(extendedSystem).provider - val msgDispatch = new DefaultMessageDispatcher(extendedSystem, provider, log) + val msgDispatch = new DefaultMessageDispatcher(extendedSystem, provider, markLog) val inbound = handle.isDefined var stopReason: DisassociateInfo = AssociationHandle.Unknown diff --git a/akka-remote/src/main/scala/akka/remote/RemoteActorRefProvider.scala b/akka-remote/src/main/scala/akka/remote/RemoteActorRefProvider.scala index 7b8b871941..c8892b3f10 100644 --- a/akka-remote/src/main/scala/akka/remote/RemoteActorRefProvider.scala +++ b/akka-remote/src/main/scala/akka/remote/RemoteActorRefProvider.scala @@ -195,7 +195,7 @@ private[akka] class RemoteActorRefProvider( local.rootPath / "remote", rootGuardian, remotingTerminator, - log, + _log, untrustedMode = remoteSettings.UntrustedMode) local.registerExtraNames(Map(("remote", d))) d @@ -206,7 +206,7 @@ private[akka] class RemoteActorRefProvider( _internals = internals remotingTerminator ! internals - _log = Logging(eventStream, getClass.getName) + _log = Logging.withMarker(eventStream, getClass.getName) // this enables reception of remote requests transport.start() diff --git a/akka-remote/src/main/scala/akka/remote/RemoteDaemon.scala b/akka-remote/src/main/scala/akka/remote/RemoteDaemon.scala index 589ff937af..1550a480ec 100644 --- a/akka-remote/src/main/scala/akka/remote/RemoteDaemon.scala +++ b/akka-remote/src/main/scala/akka/remote/RemoteDaemon.scala @@ -4,14 +4,11 @@ package akka.remote -import java.util -import java.util.Collections - import scala.concurrent.duration._ import scala.annotation.tailrec import scala.util.control.NonFatal import akka.actor.{ Actor, ActorPath, ActorPathExtractor, ActorRef, ActorSystemImpl, AddressTerminated, Deploy, InternalActorRef, Nobody, Props, VirtualPathContainer } -import akka.event.LoggingAdapter +import akka.event.{ AddressTerminatedTopic, LogMarker, LoggingAdapter, MarkerLoggingAdapter } import akka.dispatch.sysmsg.{ DeathWatchNotification, SystemMessage, Watch } import akka.actor.ActorRefWithCell import akka.actor.ActorRefScope @@ -23,13 +20,11 @@ import akka.actor.SelectChildPattern import akka.actor.Identify import akka.actor.ActorIdentity import akka.actor.EmptyLocalActorRef -import akka.event.AddressTerminatedTopic import java.util.concurrent.ConcurrentHashMap -import scala.collection.immutable +import scala.collection.immutable import akka.dispatch.sysmsg.Unwatch import akka.NotUsed -import com.typesafe.config.Config /** * INTERNAL API @@ -54,7 +49,7 @@ private[akka] class RemoteSystemDaemon( _path: ActorPath, _parent: InternalActorRef, terminator: ActorRef, - _log: LoggingAdapter, + _log: MarkerLoggingAdapter, val untrustedMode: Boolean) extends VirtualPathContainer(system.provider, _path, _parent, _log) { @@ -163,8 +158,9 @@ private[akka] class RemoteSystemDaemon( doCreateActor(message, props, deploy, path, supervisor) else { val ex = new NotWhitelistedClassRemoteDeploymentAttemptException(props.actorClass, remoteDeploymentWhitelist) - log.error(ex, "Received command to create remote Actor, but class [{}] is not white-listed! " + - "Target path: [{}]", props.actorClass, path) // TODO add security marker? + log.error(LogMarker.Security, ex, + "Received command to create remote Actor, but class [{}] is not white-listed! " + + "Target path: [{}]", props.actorClass, path) } case DaemonMsgCreate(props, deploy, path, supervisor) ⇒ doCreateActor(message, props, deploy, path, supervisor) @@ -211,7 +207,7 @@ private[akka] class RemoteSystemDaemon( case _ ⇒ // skip, this child doesn't belong to the terminated address } - case unknown ⇒ log.warning("Unknown message [{}] received by [{}]", unknown, this) + case unknown ⇒ log.warning(LogMarker.Security, "Unknown message [{}] received by [{}]", unknown, this) } catch { case NonFatal(e) ⇒ log.error(e, "exception while processing remote command [{}] from [{}]", msg, sender) diff --git a/akka-remote/src/main/scala/akka/remote/artery/MessageDispatcher.scala b/akka-remote/src/main/scala/akka/remote/artery/MessageDispatcher.scala index d60f43f476..33c4fc917b 100644 --- a/akka-remote/src/main/scala/akka/remote/artery/MessageDispatcher.scala +++ b/akka-remote/src/main/scala/akka/remote/artery/MessageDispatcher.scala @@ -13,11 +13,10 @@ import akka.actor.LocalRef import akka.actor.PossiblyHarmful import akka.actor.RepointableRef import akka.dispatch.sysmsg.SystemMessage -import akka.event.Logging +import akka.event.{ LogMarker, Logging, LoggingReceive } import akka.remote.RemoteActorRefProvider import akka.remote.RemoteRef import akka.util.OptionVal -import akka.event.LoggingReceive /** * INTERNAL API @@ -27,7 +26,7 @@ private[remote] class MessageDispatcher( provider: RemoteActorRefProvider) { private val remoteDaemon = provider.remoteDaemon - private val log = Logging(system, getClass.getName) + private val log = Logging.withMarker(system, getClass.getName) private val debugLogEnabled = log.isDebugEnabled def dispatch( @@ -47,6 +46,7 @@ private[remote] class MessageDispatcher( case `remoteDaemon` ⇒ if (UntrustedMode) { if (debugLogEnabled) log.debug( + LogMarker.Security, "dropping daemon message [{}] in untrusted mode", messageClassName(message)) } else { @@ -65,6 +65,7 @@ private[remote] class MessageDispatcher( if (UntrustedMode && (!TrustedSelectionPaths.contains(sel.elements.mkString("/", "/", "")) || sel.msg.isInstanceOf[PossiblyHarmful] || l != provider.rootGuardian)) { if (debugLogEnabled) log.debug( + LogMarker.Security, "operating in UntrustedMode, dropping inbound actor selection to [{}], " + "allow it by adding the path to 'akka.remote.trusted-selection-paths' configuration", sel.elements.mkString("/", "/", "")) @@ -73,6 +74,7 @@ private[remote] class MessageDispatcher( ActorSelection.deliverSelection(l, sender, sel) case msg: PossiblyHarmful if UntrustedMode ⇒ if (debugLogEnabled) log.debug( + LogMarker.Security, "operating in UntrustedMode, dropping inbound PossiblyHarmful message of type [{}] to [{}] from [{}]", messageClassName(msg), recipient, senderOption.getOrElse(originAddress.getOrElse(""))) case msg: SystemMessage ⇒ l.sendSystemMessage(msg) diff --git a/akka-remote/src/main/scala/akka/remote/transport/AkkaProtocolTransport.scala b/akka-remote/src/main/scala/akka/remote/transport/AkkaProtocolTransport.scala index 8a0ac30caa..89c1e58fa5 100644 --- a/akka-remote/src/main/scala/akka/remote/transport/AkkaProtocolTransport.scala +++ b/akka-remote/src/main/scala/akka/remote/transport/AkkaProtocolTransport.scala @@ -4,6 +4,7 @@ package akka.remote.transport import java.util.concurrent.TimeoutException + import akka.actor.SupervisorStrategy.Stop import akka.actor._ import akka.pattern.pipe @@ -16,13 +17,15 @@ import akka.remote.transport.ProtocolStateActor._ import akka.remote.transport.Transport._ import akka.util.ByteString import akka.util.Helpers.Requiring -import akka.{ OnlyCauseStackTrace, AkkaException } +import akka.{ AkkaException, OnlyCauseStackTrace } import com.typesafe.config.Config + import scala.collection.immutable import scala.concurrent.duration._ import scala.concurrent.{ Future, Promise } import scala.util.control.NonFatal -import akka.dispatch.{ UnboundedMessageQueueSemantics, RequiresMessageQueue } +import akka.dispatch.{ RequiresMessageQueue, UnboundedMessageQueueSemantics } +import akka.event.{ LogMarker, Logging } @SerialVersionUID(1L) class AkkaProtocolException(msg: String, cause: Throwable) extends AkkaException(msg, cause) with OnlyCauseStackTrace { @@ -290,6 +293,8 @@ private[transport] class ProtocolStateActor( extends Actor with FSM[AssociationState, ProtocolStateData] with RequiresMessageQueue[UnboundedMessageQueueSemantics] { + private val markerLog = Logging.withMarker(this) + import ProtocolStateActor._ import context.dispatcher @@ -421,7 +426,7 @@ private[transport] class ProtocolStateActor( s"Association attempt with mismatching cookie from [{}]. Expected [{}] but received [{}].", info.origin, localHandshakeInfo.cookie.getOrElse(""), info.cookie.getOrElse("")) else - log.warning(s"Association attempt with mismatching cookie from [{}].", info.origin) + markerLog.warning(LogMarker.Security, s"Association attempt with mismatching cookie from [{}].", info.origin) stop() } diff --git a/akka-remote/src/main/scala/akka/remote/transport/netty/NettySSLSupport.scala b/akka-remote/src/main/scala/akka/remote/transport/netty/NettySSLSupport.scala index d6a478d189..cd32524f59 100644 --- a/akka-remote/src/main/scala/akka/remote/transport/netty/NettySSLSupport.scala +++ b/akka-remote/src/main/scala/akka/remote/transport/netty/NettySSLSupport.scala @@ -5,15 +5,17 @@ package akka.remote.transport.netty import akka.ConfigurationException -import akka.event.LoggingAdapter +import akka.event.{ LogMarker, LoggingAdapter, MarkerLoggingAdapter } import akka.japi.Util._ import akka.remote.RemoteTransportException import akka.remote.security.provider.AkkaProvider import com.typesafe.config.Config -import java.io.{ IOException, FileNotFoundException, FileInputStream } +import java.io.{ FileInputStream, FileNotFoundException, IOException } import java.security._ -import javax.net.ssl.{ KeyManagerFactory, TrustManager, TrustManagerFactory, SSLContext } +import javax.net.ssl.{ KeyManagerFactory, SSLContext, TrustManager, TrustManagerFactory } + import org.jboss.netty.handler.ssl.SslHandler + import scala.util.Try /** @@ -48,20 +50,20 @@ private[akka] object NettySSLSupport { /** * Construct a SSLHandler which can be inserted into a Netty server/client pipeline */ - def apply(settings: SSLSettings, log: LoggingAdapter, isClient: Boolean): SslHandler = + def apply(settings: SSLSettings, log: MarkerLoggingAdapter, isClient: Boolean): SslHandler = if (isClient) initializeClientSSL(settings, log) else initializeServerSSL(settings, log) - def initializeCustomSecureRandom(rngName: String, log: LoggingAdapter): SecureRandom = { + def initializeCustomSecureRandom(rngName: String, log: MarkerLoggingAdapter): SecureRandom = { val rng = rngName match { case r @ ("AES128CounterSecureRNG" | "AES256CounterSecureRNG") ⇒ log.debug("SSL random number generator set to: {}", r) SecureRandom.getInstance(r, AkkaProvider) case r @ ("AES128CounterInetRNG" | "AES256CounterInetRNG") ⇒ - log.warning("SSL random number generator {} is deprecated, " + + log.warning(LogMarker.Security, "SSL random number generator {} is deprecated, " + "use AES128CounterSecureRNG or AES256CounterSecureRNG instead", r) SecureRandom.getInstance(r, AkkaProvider) case s @ ("SHA1PRNG" | "NativePRNG") ⇒ - log.debug("SSL random number generator set to: " + s) + log.debug("SSL random number generator set to: {}", s) // SHA1PRNG needs /dev/urandom to be the source on Linux to prevent problems with /dev/random blocking // However, this also makes the seed source insecure as the seed is reused to avoid blocking (not a problem on FreeBSD). SecureRandom.getInstance(s) @@ -71,17 +73,17 @@ private[akka] object NettySSLSupport { new SecureRandom case unknown ⇒ - log.warning("Unknown SSLRandomNumberGenerator [{}] falling back to SecureRandom", unknown) + log.warning(LogMarker.Security, "Unknown SSLRandomNumberGenerator [{}] falling back to SecureRandom", unknown) new SecureRandom } rng.nextInt() // prevent stall on first access rng } - def initializeClientSSL(settings: SSLSettings, log: LoggingAdapter): SslHandler = { + def initializeClientSSL(settings: SSLSettings, log: MarkerLoggingAdapter): SslHandler = { log.debug("Client SSL is enabled, initialising ...") - def constructClientContext(settings: SSLSettings, log: LoggingAdapter, trustStorePath: String, trustStorePassword: String, protocol: String): Option[SSLContext] = + def constructClientContext(settings: SSLSettings, log: MarkerLoggingAdapter, trustStorePath: String, trustStorePassword: String, protocol: String): Option[SSLContext] = try { val rng = initializeCustomSecureRandom(settings.SSLRandomNumberGenerator, log) val trustManagers: Array[TrustManager] = { @@ -114,17 +116,16 @@ private[akka] object NettySSLSupport { case None ⇒ throw new GeneralSecurityException( """Failed to initialize client SSL because SSL context could not be found." + - "Make sure your settings are correct: [trust-store: %s] [trust-store-password: %s] [protocol: %s]""".format( + "Make sure your settings are correct: [trust-store: %s] [protocol: %s]""".format( settings.SSLTrustStore, - settings.SSLTrustStorePassword, settings.SSLProtocol)) } } - def initializeServerSSL(settings: SSLSettings, log: LoggingAdapter): SslHandler = { + def initializeServerSSL(settings: SSLSettings, log: MarkerLoggingAdapter): SslHandler = { log.debug("Server SSL is enabled, initialising ...") - def constructServerContext(settings: SSLSettings, log: LoggingAdapter, keyStorePath: String, keyStorePassword: String, keyPassword: String, protocol: String): Option[SSLContext] = + def constructServerContext(settings: SSLSettings, log: MarkerLoggingAdapter, keyStorePath: String, keyStorePassword: String, keyPassword: String, protocol: String): Option[SSLContext] = try { val rng = initializeCustomSecureRandom(settings.SSLRandomNumberGenerator, log) val factory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm) @@ -162,7 +163,7 @@ private[akka] object NettySSLSupport { new SslHandler(sslEngine) case None ⇒ throw new GeneralSecurityException( """Failed to initialize server SSL because SSL context could not be found. - Make sure your settings are correct: [key-store: %s] [key-store-password: %s] [protocol: %s]""".format( + Make sure your settings are correct: [key-store: %s] [key-store-password: %s] [protocol: %s]""".format( settings.SSLKeyStore, settings.SSLKeyStorePassword, settings.SSLProtocol)) diff --git a/akka-remote/src/main/scala/akka/remote/transport/netty/NettyTransport.scala b/akka-remote/src/main/scala/akka/remote/transport/netty/NettyTransport.scala index 4985efee79..4fb24891f0 100644 --- a/akka-remote/src/main/scala/akka/remote/transport/netty/NettyTransport.scala +++ b/akka-remote/src/main/scala/akka/remote/transport/netty/NettyTransport.scala @@ -280,7 +280,7 @@ class NettyTransport(val settings: NettyTransportSettings, val system: ExtendedA @volatile private var boundTo: Address = _ @volatile private var serverChannel: Channel = _ - private val log = Logging(system, this.getClass) + private val log = Logging.withMarker(system, this.getClass) /** * INTERNAL API diff --git a/akka-remote/src/test/scala/akka/remote/Ticket1978CommunicationSpec.scala b/akka-remote/src/test/scala/akka/remote/Ticket1978CommunicationSpec.scala index 46179a33ea..1dd6306c40 100644 --- a/akka-remote/src/test/scala/akka/remote/Ticket1978CommunicationSpec.scala +++ b/akka-remote/src/test/scala/akka/remote/Ticket1978CommunicationSpec.scala @@ -6,17 +6,21 @@ package akka.remote import akka.testkit._ import akka.actor._ import com.typesafe.config._ + import scala.concurrent.Future import scala.reflect.classTag import akka.pattern.ask -import java.security.{ NoSuchAlgorithmException } +import java.security.NoSuchAlgorithmException + import akka.util.Timeout + import scala.concurrent.Await import scala.concurrent.duration._ -import akka.event.{ NoLogging } -import akka.remote.transport.netty.{ SSLSettings, NettySSLSupport } +import akka.event.{ NoLogging, NoMarkerLogging } +import akka.remote.transport.netty.{ NettySSLSupport, SSLSettings } import Configuration.{ CipherConfig, getCipherConfig } import org.uncommons.maths.random.RandomDotOrgSeedGenerator + import scala.util.control.NonFatal object Configuration { @@ -63,13 +67,13 @@ object Configuration { val fullConfig = config.withFallback(AkkaSpec.testConf).withFallback(ConfigFactory.load).getConfig("akka.remote.netty.ssl.security") val settings = new SSLSettings(fullConfig) - val rng = NettySSLSupport.initializeCustomSecureRandom(settings.SSLRandomNumberGenerator, NoLogging) + val rng = NettySSLSupport.initializeCustomSecureRandom(settings.SSLRandomNumberGenerator, NoMarkerLogging) rng.nextInt() // Has to work val sRng = settings.SSLRandomNumberGenerator rng.getAlgorithm == sRng || (throw new NoSuchAlgorithmException(sRng)) - val engine = NettySSLSupport.initializeClientSSL(settings, NoLogging).getEngine + val engine = NettySSLSupport.initializeClientSSL(settings, NoMarkerLogging).getEngine val gotAllSupported = enabled.toSet diff engine.getSupportedCipherSuites.toSet val gotAllEnabled = enabled.toSet diff engine.getEnabledCipherSuites.toSet gotAllSupported.isEmpty || (throw new IllegalArgumentException("Cipher Suite not supported: " + gotAllSupported)) diff --git a/akka-typed/src/main/scala/akka/typed/internal/ActorRefImpl.scala b/akka-typed/src/main/scala/akka/typed/internal/ActorRefImpl.scala index e0130118a9..1a6fea3844 100644 --- a/akka-typed/src/main/scala/akka/typed/internal/ActorRefImpl.scala +++ b/akka-typed/src/main/scala/akka/typed/internal/ActorRefImpl.scala @@ -196,7 +196,7 @@ private[typed] object FutureRef { // On Scala 2.12, the field's name is exactly "_target" (and it's private), earlier Scala versions compile the val to a public field that's name mangled to "akka$typed$internal$FutureRef$$_target" val targetField = fields.find(_.getName.endsWith("_target")) assert(targetField.nonEmpty, s"Could not find _target field in FutureRef class among fields $fields.") - + unsafe.objectFieldOffset(targetField.get) } }