+act,rem,str add SECURITY marker to logs (#21749)

* +act,rem,str add SECURITY marker to logs

* Update TlsSpec.scala

akka-actor/src/main/scala/akka/actor/ActorRef.scala

@@ -7,13 +7,15 @@ package akka.actor
 import scala.collection.immutable
 import akka.dispatch._
 import akka.dispatch.sysmsg._
-import java.lang.{ UnsupportedOperationException, IllegalStateException }
+import java.lang.{ IllegalStateException, UnsupportedOperationException }
-import akka.serialization.{ Serialization, JavaSerializer }
+
-import akka.event.EventStream
+import akka.serialization.{ JavaSerializer, Serialization }
+import akka.event.{ EventStream, Logging, LoggingAdapter, MarkerLoggingAdapter }
+
 import scala.annotation.tailrec
 import java.util.concurrent.ConcurrentHashMap
-import akka.event.{ Logging, LoggingAdapter }
 import java.util.concurrent.atomic.AtomicReference
+
 import scala.util.control.NonFatal
 
 object ActorRef {
@@ -606,7 +608,7 @@ private[akka] class VirtualPathContainer(
   override val provider:  ActorRefProvider,
   override val path:      ActorPath,
   override val getParent: InternalActorRef,
-  val log:                LoggingAdapter) extends MinimalActorRef {
+  val log:                MarkerLoggingAdapter) extends MinimalActorRef {
 
   private val children = new ConcurrentHashMap[String, InternalActorRef]
 

akka-actor/src/main/scala/akka/actor/ActorRefProvider.scala

@@ -499,7 +499,7 @@ private[akka] class LocalActorRefProvider private[akka] (
 
   override val rootPath: ActorPath = RootActorPath(Address("akka", _systemName))
 
-  private[akka] val log: LoggingAdapter = Logging(eventStream, getClass.getName + "(" + rootPath.address + ")")
+  private[akka] val log: MarkerLoggingAdapter = Logging.withMarker(eventStream, getClass.getName + "(" + rootPath.address + ")")
 
   override val deadLetters: InternalActorRef =
     _deadLetters.getOrElse((p: ActorPath) ⇒ new DeadLetterActorRef(this, p, eventStream)).apply(rootPath / "deadLetters")

akka-actor/src/main/scala/akka/actor/ActorSystem.scala

@@ -537,7 +537,7 @@ private[akka] class ActorSystemImpl(
           case _ ⇒
             if (settings.JvmExitOnFatalError) {
               try {
-                log.error(cause, "Uncaught error from thread [{}] shutting down JVM since 'akka.jvm-exit-on-fatal-error' is enabled", thread.getName)
+                markerLogging.error(LogMarker.Security, cause, "Uncaught error from thread [{}] shutting down JVM since 'akka.jvm-exit-on-fatal-error' is enabled", thread.getName)
                 import System.err
                 err.print("Uncaught error from thread [")
                 err.print(thread.getName)
@@ -550,7 +550,7 @@ private[akka] class ActorSystemImpl(
                 System.exit(-1)
               }
             } else {
-              log.error(cause, "Uncaught fatal error from thread [{}] shutting down ActorSystem [{}]", thread.getName, name)
+              markerLogging.error(LogMarker.Security, cause, "Uncaught fatal error from thread [{}] shutting down ActorSystem [{}]", thread.getName, name)
               terminate()
             }
         }
@@ -605,7 +605,8 @@ private[akka] class ActorSystemImpl(
     dynamicAccess.createInstanceFor[LoggingFilter](LoggingFilter, arguments).get
   }
 
-  val log: LoggingAdapter = new BusLogging(eventStream, getClass.getName + "(" + name + ")", this.getClass, logFilter)
+  private[this] val markerLogging = new MarkerLoggingAdapter(eventStream, getClass.getName + "(" + name + ")", this.getClass, logFilter)
+  val log: LoggingAdapter = markerLogging
 
   val scheduler: Scheduler = createScheduler()
 

akka-actor/src/main/scala/akka/event/Logging.scala

@@ -1398,6 +1398,8 @@ object LogMarker {
       case None    ⇒ None
     }
 
+  private[akka] final val Security = apply("SECURITY")
+
 }
 
 /**
@@ -1678,3 +1680,49 @@ object NoLogging extends LoggingAdapter {
   final protected override def notifyInfo(message: String): Unit = ()
   final protected override def notifyDebug(message: String): Unit = ()
 }
+/**
+ * NoLogging is a MarkerLoggingAdapter that does absolutely nothing – no logging at all.
+ */
+object NoMarkerLogging extends MarkerLoggingAdapter(null, "source", classOf[String], null) {
+
+  /**
+   * Java API to return the reference to NoLogging
+   * @return The NoLogging instance
+   */
+  def getInstance = this
+
+  final override def isErrorEnabled = false
+  final override def isWarningEnabled = false
+  final override def isInfoEnabled = false
+  final override def isDebugEnabled = false
+
+  final protected override def notifyError(message: String): Unit = ()
+  final protected override def notifyError(cause: Throwable, message: String): Unit = ()
+  final protected override def notifyWarning(message: String): Unit = ()
+  final protected override def notifyInfo(message: String): Unit = ()
+  final protected override def notifyDebug(message: String): Unit = ()
+  final override def error(marker: LogMarker, cause: Throwable, message: String): Unit = ()
+  final override def error(marker: LogMarker, cause: Throwable, template: String, arg1: Any): Unit = ()
+  final override def error(marker: LogMarker, cause: Throwable, template: String, arg1: Any, arg2: Any): Unit = ()
+  final override def error(marker: LogMarker, cause: Throwable, template: String, arg1: Any, arg2: Any, arg3: Any): Unit = ()
+  final override def error(marker: LogMarker, cause: Throwable, template: String, arg1: Any, arg2: Any, arg3: Any, arg4: Any): Unit = ()
+  final override def error(marker: LogMarker, message: String): Unit = ()
+  final override def error(marker: LogMarker, template: String, arg1: Any): Unit = ()
+  final override def error(marker: LogMarker, template: String, arg1: Any, arg2: Any): Unit = ()
+  final override def error(marker: LogMarker, template: String, arg1: Any, arg2: Any, arg3: Any): Unit = ()
+  final override def error(marker: LogMarker, template: String, arg1: Any, arg2: Any, arg3: Any, arg4: Any): Unit = ()
+  final override def warning(marker: LogMarker, message: String): Unit = ()
+  final override def warning(marker: LogMarker, template: String, arg1: Any): Unit = ()
+  final override def warning(marker: LogMarker, template: String, arg1: Any, arg2: Any): Unit = ()
+  final override def warning(marker: LogMarker, template: String, arg1: Any, arg2: Any, arg3: Any): Unit = ()
+  final override def warning(marker: LogMarker, template: String, arg1: Any, arg2: Any, arg3: Any, arg4: Any): Unit = ()
+  final override def info(marker: LogMarker, message: String): Unit = ()
+  final override def info(marker: LogMarker, template: String, arg1: Any, arg2: Any): Unit = ()
+  final override def info(marker: LogMarker, template: String, arg1: Any, arg2: Any, arg3: Any): Unit = ()
+  final override def info(marker: LogMarker, template: String, arg1: Any, arg2: Any, arg3: Any, arg4: Any): Unit = ()
+  final override def debug(marker: LogMarker, message: String): Unit = ()
+  final override def debug(marker: LogMarker, template: String, arg1: Any): Unit = ()
+  final override def debug(marker: LogMarker, template: String, arg1: Any, arg2: Any): Unit = ()
+  final override def debug(marker: LogMarker, template: String, arg1: Any, arg2: Any, arg3: Any): Unit = ()
+  final override def debug(marker: LogMarker, template: String, arg1: Any, arg2: Any, arg3: Any, arg4: Any): Unit = ()
+}

akka-actor/src/main/scala/akka/serialization/Serialization.scala

@@ -6,16 +6,19 @@ package akka.serialization
 
 import com.typesafe.config.Config
 import akka.actor._
-import akka.event.Logging
+import akka.event.{ LogMarker, Logging }
 import java.util.concurrent.ConcurrentHashMap
+
 import scala.collection.mutable.ArrayBuffer
 import java.io.NotSerializableException
-import scala.util.{ Try, DynamicVariable, Failure }
+
+import scala.util.{ DynamicVariable, Failure, Try }
 import scala.collection.immutable
 import scala.util.control.NonFatal
 import scala.util.Success
 import java.nio.ByteBuffer
 import java.util.concurrent.atomic.AtomicReference
+
 import scala.annotation.tailrec
 import java.util.NoSuchElementException
 
@@ -94,7 +97,7 @@ class Serialization(val system: ExtendedActorSystem) extends Extension {
   import Serialization._
 
   val settings = new Settings(system.settings.config)
-  val log = Logging(system, getClass.getName)
+  val log = Logging.withMarker(system, getClass.getName)
   private val manifestCache = new AtomicReference[Map[String, Option[Class[_]]]](Map.empty[String, Option[Class[_]]])
 
   /**
@@ -223,13 +226,13 @@ class Serialization(val system: ExtendedActorSystem) extends Extension {
             throw new NotSerializableException("No configured serialization-bindings for class [%s]" format clazz.getName)
           case possibilities ⇒
             if (!unique(possibilities))
-              log.warning("Multiple serializers found for " + clazz + ", choosing first: " + possibilities)
+              log.warning(LogMarker.Security, "Multiple serializers found for " + clazz + ", choosing first: " + possibilities)
             possibilities(0)._2
         }
         serializerMap.putIfAbsent(clazz, ser) match {
           case null ⇒
             if (shouldWarnAboutJavaSerializer(clazz, ser)) {
-              log.warning("Using the default Java serializer for class [{}] which is not recommended because of " +
+              log.warning(LogMarker.Security, "Using the default Java serializer for class [{}] which is not recommended because of " +
                 "performance implications. Use another serializer or disable this warning using the setting " +
                 "'akka.actor.warn-about-java-serializer-usage'", clazz.getName)
             }

akka-remote/src/main/scala/akka/remote/Endpoint.scala

@@ -8,24 +8,26 @@ import akka.actor.SupervisorStrategy._
 import akka.actor.Terminated
 import akka.actor._
 import akka.dispatch.sysmsg.SystemMessage
-import akka.event.{ Logging, LoggingAdapter }
+import akka.event.{ LogMarker, Logging, LoggingAdapter, MarkerLoggingAdapter }
 import akka.pattern.pipe
-import akka.remote.EndpointManager.{ ResendState, Link, Send }
+import akka.remote.EndpointManager.{ Link, ResendState, Send }
-import akka.remote.EndpointWriter.{ StoppedReading, FlushAndStop }
+import akka.remote.EndpointWriter.{ FlushAndStop, StoppedReading }
 import akka.remote.WireFormats.SerializedMessage
 import akka.remote.transport.AkkaPduCodec.Message
-import akka.remote.transport.AssociationHandle.{ DisassociateInfo, ActorHandleEventListener, Disassociated, InboundPayload }
+import akka.remote.transport.AssociationHandle.{ ActorHandleEventListener, DisassociateInfo, Disassociated, InboundPayload }
 import akka.remote.transport.Transport.InvalidAssociationException
 import akka.remote.transport._
 import akka.serialization.Serialization
 import akka.util.ByteString
-import akka.{ OnlyCauseStackTrace, AkkaException }
+import akka.{ AkkaException, OnlyCauseStackTrace }
 import java.io.NotSerializableException
-import java.util.concurrent.{ TimeUnit, TimeoutException, ConcurrentHashMap }
+import java.util.concurrent.{ ConcurrentHashMap, TimeUnit, TimeoutException }
+
 import scala.annotation.tailrec
-import scala.concurrent.duration.{ Deadline }
+import scala.concurrent.duration.Deadline
 import scala.util.control.NonFatal
 import java.util.concurrent.locks.LockSupport
+
 import scala.concurrent.Future
 import akka.util.OptionVal
 import akka.util.OptionVal
@@ -47,7 +49,7 @@ private[remote] trait InboundMessageDispatcher {
 private[remote] class DefaultMessageDispatcher(
   private val system:   ExtendedActorSystem,
   private val provider: RemoteActorRefProvider,
-  private val log:      LoggingAdapter) extends InboundMessageDispatcher {
+  private val log:      MarkerLoggingAdapter) extends InboundMessageDispatcher {
 
   private val remoteDaemon = provider.remoteDaemon
 
@@ -69,7 +71,7 @@ private[remote] class DefaultMessageDispatcher(
     recipient match {
 
       case `remoteDaemon` ⇒
-        if (UntrustedMode) log.debug("dropping daemon message in untrusted mode")
+        if (UntrustedMode) log.debug(LogMarker.Security, "dropping daemon message in untrusted mode")
         else {
           if (LogReceive) log.debug("received daemon message {}", msgLog)
           remoteDaemon ! payload
@@ -82,6 +84,7 @@ private[remote] class DefaultMessageDispatcher(
             if (UntrustedMode && (!TrustedSelectionPaths.contains(sel.elements.mkString("/", "/", "")) ||
               sel.msg.isInstanceOf[PossiblyHarmful] || l != provider.rootGuardian))
               log.debug(
+                LogMarker.Security,
                 "operating in UntrustedMode, dropping inbound actor selection to [{}], " +
                   "allow it by adding the path to 'akka.remote.trusted-selection-paths' configuration",
                 sel.elements.mkString("/", "/", ""))
@@ -89,7 +92,7 @@ private[remote] class DefaultMessageDispatcher(
               // run the receive logic for ActorSelectionMessage here to make sure it is not stuck on busy user actor
               ActorSelection.deliverSelection(l, sender, sel)
           case msg: PossiblyHarmful if UntrustedMode ⇒
-            log.debug("operating in UntrustedMode, dropping inbound PossiblyHarmful message of type [{}]", msg.getClass.getName)
+            log.debug(LogMarker.Security, "operating in UntrustedMode, dropping inbound PossiblyHarmful message of type [{}]", msg.getClass.getName)
           case msg: SystemMessage ⇒ l.sendSystemMessage(msg)
           case msg                ⇒ l.!(msg)(sender)
         }
@@ -532,6 +535,7 @@ private[remote] class EndpointWriter(
   import EndpointWriter._
   import context.dispatcher
 
+  private val markLog = Logging.withMarker(this)
   val extendedSystem: ExtendedActorSystem = context.system.asInstanceOf[ExtendedActorSystem]
   val remoteMetrics = RemoteMetricsExtension(extendedSystem)
   val backoffDispatcher = context.system.dispatchers.lookup("akka.remote.backoff-remote-dispatcher")
@@ -550,7 +554,7 @@ private[remote] class EndpointWriter(
   }
 
   val provider = RARP(extendedSystem).provider
-  val msgDispatch = new DefaultMessageDispatcher(extendedSystem, provider, log)
+  val msgDispatch = new DefaultMessageDispatcher(extendedSystem, provider, markLog)
 
   val inbound = handle.isDefined
   var stopReason: DisassociateInfo = AssociationHandle.Unknown

akka-remote/src/main/scala/akka/remote/RemoteActorRefProvider.scala

@@ -195,7 +195,7 @@ private[akka] class RemoteActorRefProvider(
         local.rootPath / "remote",
         rootGuardian,
         remotingTerminator,
-        log,
+        _log,
         untrustedMode = remoteSettings.UntrustedMode)
       local.registerExtraNames(Map(("remote", d)))
       d
@@ -206,7 +206,7 @@ private[akka] class RemoteActorRefProvider(
     _internals = internals
     remotingTerminator ! internals
 
-    _log = Logging(eventStream, getClass.getName)
+    _log = Logging.withMarker(eventStream, getClass.getName)
 
     // this enables reception of remote requests
     transport.start()

akka-remote/src/main/scala/akka/remote/RemoteDaemon.scala

@@ -4,14 +4,11 @@
 
 package akka.remote
 
-import java.util
-import java.util.Collections
-
 import scala.concurrent.duration._
 import scala.annotation.tailrec
 import scala.util.control.NonFatal
 import akka.actor.{ Actor, ActorPath, ActorPathExtractor, ActorRef, ActorSystemImpl, AddressTerminated, Deploy, InternalActorRef, Nobody, Props, VirtualPathContainer }
-import akka.event.LoggingAdapter
+import akka.event.{ AddressTerminatedTopic, LogMarker, LoggingAdapter, MarkerLoggingAdapter }
 import akka.dispatch.sysmsg.{ DeathWatchNotification, SystemMessage, Watch }
 import akka.actor.ActorRefWithCell
 import akka.actor.ActorRefScope
@@ -23,13 +20,11 @@ import akka.actor.SelectChildPattern
 import akka.actor.Identify
 import akka.actor.ActorIdentity
 import akka.actor.EmptyLocalActorRef
-import akka.event.AddressTerminatedTopic
 import java.util.concurrent.ConcurrentHashMap
-import scala.collection.immutable
 
+import scala.collection.immutable
 import akka.dispatch.sysmsg.Unwatch
 import akka.NotUsed
-import com.typesafe.config.Config
 
 /**
  * INTERNAL API
@@ -54,7 +49,7 @@ private[akka] class RemoteSystemDaemon(
   _path:             ActorPath,
   _parent:           InternalActorRef,
   terminator:        ActorRef,
-  _log:              LoggingAdapter,
+  _log:              MarkerLoggingAdapter,
   val untrustedMode: Boolean)
   extends VirtualPathContainer(system.provider, _path, _parent, _log) {
 
@@ -163,8 +158,9 @@ private[akka] class RemoteSystemDaemon(
             doCreateActor(message, props, deploy, path, supervisor)
           else {
             val ex = new NotWhitelistedClassRemoteDeploymentAttemptException(props.actorClass, remoteDeploymentWhitelist)
-            log.error(ex, "Received command to create remote Actor, but class [{}] is not white-listed! " +
+            log.error(LogMarker.Security, ex,
-              "Target path: [{}]", props.actorClass, path) // TODO add security marker?
+              "Received command to create remote Actor, but class [{}] is not white-listed! " +
+                "Target path: [{}]", props.actorClass, path)
           }
         case DaemonMsgCreate(props, deploy, path, supervisor) ⇒
           doCreateActor(message, props, deploy, path, supervisor)
@@ -211,7 +207,7 @@ private[akka] class RemoteSystemDaemon(
         case _ ⇒ // skip, this child doesn't belong to the terminated address
       }
 
-    case unknown ⇒ log.warning("Unknown message [{}] received by [{}]", unknown, this)
+    case unknown ⇒ log.warning(LogMarker.Security, "Unknown message [{}] received by [{}]", unknown, this)
 
   } catch {
     case NonFatal(e) ⇒ log.error(e, "exception while processing remote command [{}] from [{}]", msg, sender)

akka-remote/src/main/scala/akka/remote/artery/MessageDispatcher.scala

@@ -13,11 +13,10 @@ import akka.actor.LocalRef
 import akka.actor.PossiblyHarmful
 import akka.actor.RepointableRef
 import akka.dispatch.sysmsg.SystemMessage
-import akka.event.Logging
+import akka.event.{ LogMarker, Logging, LoggingReceive }
 import akka.remote.RemoteActorRefProvider
 import akka.remote.RemoteRef
 import akka.util.OptionVal
-import akka.event.LoggingReceive
 
 /**
  * INTERNAL API
@@ -27,7 +26,7 @@ private[remote] class MessageDispatcher(
   provider: RemoteActorRefProvider) {
 
   private val remoteDaemon = provider.remoteDaemon
-  private val log = Logging(system, getClass.getName)
+  private val log = Logging.withMarker(system, getClass.getName)
   private val debugLogEnabled = log.isDebugEnabled
 
   def dispatch(
@@ -47,6 +46,7 @@ private[remote] class MessageDispatcher(
       case `remoteDaemon` ⇒
         if (UntrustedMode) {
           if (debugLogEnabled) log.debug(
+            LogMarker.Security,
             "dropping daemon message [{}] in untrusted mode",
             messageClassName(message))
         } else {
@@ -65,6 +65,7 @@ private[remote] class MessageDispatcher(
             if (UntrustedMode && (!TrustedSelectionPaths.contains(sel.elements.mkString("/", "/", "")) ||
               sel.msg.isInstanceOf[PossiblyHarmful] || l != provider.rootGuardian)) {
               if (debugLogEnabled) log.debug(
+                LogMarker.Security,
                 "operating in UntrustedMode, dropping inbound actor selection to [{}], " +
                   "allow it by adding the path to 'akka.remote.trusted-selection-paths' configuration",
                 sel.elements.mkString("/", "/", ""))
@@ -73,6 +74,7 @@ private[remote] class MessageDispatcher(
               ActorSelection.deliverSelection(l, sender, sel)
           case msg: PossiblyHarmful if UntrustedMode ⇒
             if (debugLogEnabled) log.debug(
+              LogMarker.Security,
               "operating in UntrustedMode, dropping inbound PossiblyHarmful message of type [{}] to [{}] from [{}]",
               messageClassName(msg), recipient, senderOption.getOrElse(originAddress.getOrElse("")))
           case msg: SystemMessage ⇒ l.sendSystemMessage(msg)

akka-remote/src/main/scala/akka/remote/transport/AkkaProtocolTransport.scala

@@ -4,6 +4,7 @@
 package akka.remote.transport
 
 import java.util.concurrent.TimeoutException
+
 import akka.actor.SupervisorStrategy.Stop
 import akka.actor._
 import akka.pattern.pipe
@@ -16,13 +17,15 @@ import akka.remote.transport.ProtocolStateActor._
 import akka.remote.transport.Transport._
 import akka.util.ByteString
 import akka.util.Helpers.Requiring
-import akka.{ OnlyCauseStackTrace, AkkaException }
+import akka.{ AkkaException, OnlyCauseStackTrace }
 import com.typesafe.config.Config
+
 import scala.collection.immutable
 import scala.concurrent.duration._
 import scala.concurrent.{ Future, Promise }
 import scala.util.control.NonFatal
-import akka.dispatch.{ UnboundedMessageQueueSemantics, RequiresMessageQueue }
+import akka.dispatch.{ RequiresMessageQueue, UnboundedMessageQueueSemantics }
+import akka.event.{ LogMarker, Logging }
 
 @SerialVersionUID(1L)
 class AkkaProtocolException(msg: String, cause: Throwable) extends AkkaException(msg, cause) with OnlyCauseStackTrace {
@@ -290,6 +293,8 @@ private[transport] class ProtocolStateActor(
   extends Actor with FSM[AssociationState, ProtocolStateData]
   with RequiresMessageQueue[UnboundedMessageQueueSemantics] {
 
+  private val markerLog = Logging.withMarker(this)
+
   import ProtocolStateActor._
   import context.dispatcher
 
@@ -421,7 +426,7 @@ private[transport] class ProtocolStateActor(
                 s"Association attempt with mismatching cookie from [{}]. Expected [{}] but received [{}].",
                 info.origin, localHandshakeInfo.cookie.getOrElse(""), info.cookie.getOrElse(""))
             else
-              log.warning(s"Association attempt with mismatching cookie from [{}].", info.origin)
+              markerLog.warning(LogMarker.Security, s"Association attempt with mismatching cookie from [{}].", info.origin)
             stop()
           }
 

akka-remote/src/main/scala/akka/remote/transport/netty/NettySSLSupport.scala

@@ -5,15 +5,17 @@
 package akka.remote.transport.netty
 
 import akka.ConfigurationException
-import akka.event.LoggingAdapter
+import akka.event.{ LogMarker, LoggingAdapter, MarkerLoggingAdapter }
 import akka.japi.Util._
 import akka.remote.RemoteTransportException
 import akka.remote.security.provider.AkkaProvider
 import com.typesafe.config.Config
-import java.io.{ IOException, FileNotFoundException, FileInputStream }
+import java.io.{ FileInputStream, FileNotFoundException, IOException }
 import java.security._
-import javax.net.ssl.{ KeyManagerFactory, TrustManager, TrustManagerFactory, SSLContext }
+import javax.net.ssl.{ KeyManagerFactory, SSLContext, TrustManager, TrustManagerFactory }
+
 import org.jboss.netty.handler.ssl.SslHandler
+
 import scala.util.Try
 
 /**
@@ -48,20 +50,20 @@ private[akka] object NettySSLSupport {
   /**
    * Construct a SSLHandler which can be inserted into a Netty server/client pipeline
    */
-  def apply(settings: SSLSettings, log: LoggingAdapter, isClient: Boolean): SslHandler =
+  def apply(settings: SSLSettings, log: MarkerLoggingAdapter, isClient: Boolean): SslHandler =
     if (isClient) initializeClientSSL(settings, log) else initializeServerSSL(settings, log)
 
-  def initializeCustomSecureRandom(rngName: String, log: LoggingAdapter): SecureRandom = {
+  def initializeCustomSecureRandom(rngName: String, log: MarkerLoggingAdapter): SecureRandom = {
     val rng = rngName match {
       case r @ ("AES128CounterSecureRNG" | "AES256CounterSecureRNG") ⇒
         log.debug("SSL random number generator set to: {}", r)
         SecureRandom.getInstance(r, AkkaProvider)
       case r @ ("AES128CounterInetRNG" | "AES256CounterInetRNG") ⇒
-        log.warning("SSL random number generator {} is deprecated, " +
+        log.warning(LogMarker.Security, "SSL random number generator {} is deprecated, " +
           "use AES128CounterSecureRNG or AES256CounterSecureRNG instead", r)
         SecureRandom.getInstance(r, AkkaProvider)
       case s @ ("SHA1PRNG" | "NativePRNG") ⇒
-        log.debug("SSL random number generator set to: " + s)
+        log.debug("SSL random number generator set to: {}", s)
         // SHA1PRNG needs /dev/urandom to be the source on Linux to prevent problems with /dev/random blocking
         // However, this also makes the seed source insecure as the seed is reused to avoid blocking (not a problem on FreeBSD).
         SecureRandom.getInstance(s)
@@ -71,17 +73,17 @@ private[akka] object NettySSLSupport {
         new SecureRandom
 
       case unknown ⇒
-        log.warning("Unknown SSLRandomNumberGenerator [{}] falling back to SecureRandom", unknown)
+        log.warning(LogMarker.Security, "Unknown SSLRandomNumberGenerator [{}] falling back to SecureRandom", unknown)
         new SecureRandom
     }
     rng.nextInt() // prevent stall on first access
     rng
   }
 
-  def initializeClientSSL(settings: SSLSettings, log: LoggingAdapter): SslHandler = {
+  def initializeClientSSL(settings: SSLSettings, log: MarkerLoggingAdapter): SslHandler = {
     log.debug("Client SSL is enabled, initialising ...")
 
-    def constructClientContext(settings: SSLSettings, log: LoggingAdapter, trustStorePath: String, trustStorePassword: String, protocol: String): Option[SSLContext] =
+    def constructClientContext(settings: SSLSettings, log: MarkerLoggingAdapter, trustStorePath: String, trustStorePassword: String, protocol: String): Option[SSLContext] =
       try {
         val rng = initializeCustomSecureRandom(settings.SSLRandomNumberGenerator, log)
         val trustManagers: Array[TrustManager] = {
@@ -114,17 +116,16 @@ private[akka] object NettySSLSupport {
       case None ⇒
         throw new GeneralSecurityException(
           """Failed to initialize client SSL because SSL context could not be found." +
-              "Make sure your settings are correct: [trust-store: %s] [trust-store-password: %s] [protocol: %s]""".format(
+                "Make sure your settings are correct: [trust-store: %s] [protocol: %s]""".format(
             settings.SSLTrustStore,
-            settings.SSLTrustStorePassword,
             settings.SSLProtocol))
     }
   }
 
-  def initializeServerSSL(settings: SSLSettings, log: LoggingAdapter): SslHandler = {
+  def initializeServerSSL(settings: SSLSettings, log: MarkerLoggingAdapter): SslHandler = {
     log.debug("Server SSL is enabled, initialising ...")
 
-    def constructServerContext(settings: SSLSettings, log: LoggingAdapter, keyStorePath: String, keyStorePassword: String, keyPassword: String, protocol: String): Option[SSLContext] =
+    def constructServerContext(settings: SSLSettings, log: MarkerLoggingAdapter, keyStorePath: String, keyStorePassword: String, keyPassword: String, protocol: String): Option[SSLContext] =
       try {
         val rng = initializeCustomSecureRandom(settings.SSLRandomNumberGenerator, log)
         val factory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm)
@@ -162,7 +163,7 @@ private[akka] object NettySSLSupport {
         new SslHandler(sslEngine)
       case None ⇒ throw new GeneralSecurityException(
         """Failed to initialize server SSL because SSL context could not be found.
-           Make sure your settings are correct: [key-store: %s] [key-store-password: %s] [protocol: %s]""".format(
+             Make sure your settings are correct: [key-store: %s] [key-store-password: %s] [protocol: %s]""".format(
           settings.SSLKeyStore,
           settings.SSLKeyStorePassword,
           settings.SSLProtocol))

akka-remote/src/main/scala/akka/remote/transport/netty/NettyTransport.scala

@@ -280,7 +280,7 @@ class NettyTransport(val settings: NettyTransportSettings, val system: ExtendedA
   @volatile private var boundTo: Address = _
   @volatile private var serverChannel: Channel = _
 
-  private val log = Logging(system, this.getClass)
+  private val log = Logging.withMarker(system, this.getClass)
 
   /**
    * INTERNAL API

akka-remote/src/test/scala/akka/remote/Ticket1978CommunicationSpec.scala

@@ -6,17 +6,21 @@ package akka.remote
 import akka.testkit._
 import akka.actor._
 import com.typesafe.config._
+
 import scala.concurrent.Future
 import scala.reflect.classTag
 import akka.pattern.ask
-import java.security.{ NoSuchAlgorithmException }
+import java.security.NoSuchAlgorithmException
+
 import akka.util.Timeout
+
 import scala.concurrent.Await
 import scala.concurrent.duration._
-import akka.event.{ NoLogging }
+import akka.event.{ NoLogging, NoMarkerLogging }
-import akka.remote.transport.netty.{ SSLSettings, NettySSLSupport }
+import akka.remote.transport.netty.{ NettySSLSupport, SSLSettings }
 import Configuration.{ CipherConfig, getCipherConfig }
 import org.uncommons.maths.random.RandomDotOrgSeedGenerator
+
 import scala.util.control.NonFatal
 
 object Configuration {
@@ -63,13 +67,13 @@ object Configuration {
       val fullConfig = config.withFallback(AkkaSpec.testConf).withFallback(ConfigFactory.load).getConfig("akka.remote.netty.ssl.security")
       val settings = new SSLSettings(fullConfig)
 
-      val rng = NettySSLSupport.initializeCustomSecureRandom(settings.SSLRandomNumberGenerator, NoLogging)
+      val rng = NettySSLSupport.initializeCustomSecureRandom(settings.SSLRandomNumberGenerator, NoMarkerLogging)
 
       rng.nextInt() // Has to work
       val sRng = settings.SSLRandomNumberGenerator
       rng.getAlgorithm == sRng || (throw new NoSuchAlgorithmException(sRng))
 
-      val engine = NettySSLSupport.initializeClientSSL(settings, NoLogging).getEngine
+      val engine = NettySSLSupport.initializeClientSSL(settings, NoMarkerLogging).getEngine
       val gotAllSupported = enabled.toSet diff engine.getSupportedCipherSuites.toSet
       val gotAllEnabled = enabled.toSet diff engine.getEnabledCipherSuites.toSet
       gotAllSupported.isEmpty || (throw new IllegalArgumentException("Cipher Suite not supported: " + gotAllSupported))

akka-typed/src/main/scala/akka/typed/internal/ActorRefImpl.scala

@@ -196,7 +196,7 @@ private[typed] object FutureRef {
     // On Scala 2.12, the field's name is exactly "_target" (and it's private), earlier Scala versions compile the val to a public field that's name mangled to "akka$typed$internal$FutureRef$$_target"
     val targetField = fields.find(_.getName.endsWith("_target"))
     assert(targetField.nonEmpty, s"Could not find _target field in FutureRef class among fields $fields.")
-    
+
     unsafe.objectFieldOffset(targetField.get)
   }
 }