Merge pull request #231 from spotify/revert-227-add-tls_20230816

Revert "Added support for connecting to TLS enabled memcached (new PR)"

folsom-elasticache/src/main/java/com/spotify/folsom/elasticache/ElastiCacheResolver.java

@@ -27,7 +27,6 @@
 import java.net.Socket;
 import java.util.List;
 import java.util.concurrent.atomic.AtomicReference;
-import javax.net.ssl.SSLSocketFactory;
 
 /**
  * Implement support for AWS ElastiCache node auto-discovery <a
@@ -53,7 +52,6 @@ public static class Builder {
     private int configPort = 11211;
     private long ttl = MINUTES.toMillis(1);
     private int timeout = 5000; // ms
-    private boolean useTls = false;
 
     private Builder(final String configHost) {
       this.configHost = configHost;
@@ -97,24 +95,13 @@ public Builder withResolveTimeoutMillis(final int timeout) {
       return this;
     }
 
-    /**
-     * Configure TLS usage for connection. Default: false
-     *
-     * @param useTls whether resolver should use TLS connection
-     * @return The builder
-     */
-    public Builder withTls(final boolean useTls) {
-      this.useTls = useTls;
-      return this;
-    }
-
     /**
      * Build the resolver
      *
      * @return The resolver
      */
     public ElastiCacheResolver build() {
-      final Resolver resolver = new SocketResolver(configHost, configPort, timeout, useTls);
+      final Resolver resolver = new SocketResolver(configHost, configPort, timeout);
 
       return new ElastiCacheResolver(resolver, ttl);
     }
@@ -170,22 +157,20 @@ public interface Resolver {
   }
 
   public static class SocketResolver implements Resolver {
+
     private final String configHost;
     private final int configPort;
     private final int timeout;
-    private final boolean useTls;
     private final ResponseParser parser = new ResponseParser();
 
-    public SocketResolver(
-        final String configHost, final int configPort, final int timeout, final boolean useTls) {
+    public SocketResolver(final String configHost, final int configPort, final int timeout) {
       this.configHost = configHost;
       this.configPort = configPort;
       this.timeout = timeout;
-      this.useTls = useTls;
     }
 
     public Response resolve() {
-      try (final Socket socket = createSocket()) {
+      try (final Socket socket = new Socket()) {
         socket.setSoTimeout(timeout);
         socket.connect(new InetSocketAddress(configHost, configPort), timeout);
 
@@ -196,13 +181,5 @@ public Response resolve() {
         throw new RuntimeException("ElastiCache auto-discovery failed", e);
       }
     }
-
-    private Socket createSocket() throws IOException {
-      if (useTls) {
-        return SSLSocketFactory.getDefault().createSocket();
-      } else {
-        return new Socket();
-      }
-    }
   }
 }

folsom/pom.xml

@@ -37,11 +37,6 @@
       <artifactId>netty-transport</artifactId>
       <version>${netty.version}</version>
     </dependency>
-    <dependency>
-      <groupId>io.netty</groupId>
-      <artifactId>netty-handler</artifactId>
-      <version>${netty.version}</version>
-    </dependency>
     <dependency>
       <groupId>io.netty</groupId>
       <artifactId>netty-codec</artifactId>

folsom/src/main/java/com/spotify/folsom/MemcacheClientBuilder.java

@@ -37,7 +37,6 @@
 import com.spotify.folsom.client.NoopTracer;
 import com.spotify.folsom.client.ascii.DefaultAsciiMemcacheClient;
 import com.spotify.folsom.client.binary.DefaultBinaryMemcacheClient;
-import com.spotify.folsom.client.tls.SSLEngineFactory;
 import com.spotify.folsom.guava.HostAndPort;
 import com.spotify.folsom.ketama.AddressAndClient;
 import com.spotify.folsom.ketama.KetamaMemcacheClient;
@@ -122,8 +121,6 @@ public class MemcacheClientBuilder<V> {
   private final List<UsernamePasswordPair> passwords = new ArrayList<>();
   private boolean skipAuth = false;
 
-  private SSLEngineFactory sslEngineFactory = null;
-
   /**
    * Create a client builder for byte array values.
    *
@@ -559,11 +556,6 @@ MemcacheClientBuilder<V> withoutAuthenticationValidation() {
     return this;
   }
 
-  public MemcacheClientBuilder<V> withSSLEngineFactory(final SSLEngineFactory sslEngineFactory) {
-    this.sslEngineFactory = sslEngineFactory;
-    return this;
-  }
-
   /**
    * Create a client that uses the binary memcache protocol.
    *
@@ -716,7 +708,6 @@ private RawMemcacheClient createReconnectingClient(
         metrics,
         maxSetLength,
         eventLoopGroup,
-        channelClass,
-        sslEngineFactory);
+        channelClass);
   }
 }

folsom/src/main/java/com/spotify/folsom/client/DefaultRawMemcacheClient.java

@@ -30,7 +30,6 @@
 import com.spotify.folsom.RawMemcacheClient;
 import com.spotify.folsom.client.ascii.AsciiMemcacheDecoder;
 import com.spotify.folsom.client.binary.BinaryMemcacheDecoder;
-import com.spotify.folsom.client.tls.SSLEngineFactory;
 import com.spotify.folsom.guava.HostAndPort;
 import com.spotify.folsom.ketama.AddressAndClient;
 import com.spotify.futures.CompletableFutures;
@@ -44,7 +43,6 @@
 import io.netty.channel.ChannelInboundHandler;
 import io.netty.channel.ChannelInitializer;
 import io.netty.channel.ChannelOption;
-import io.netty.channel.ChannelPipeline;
 import io.netty.channel.ChannelPromise;
 import io.netty.channel.DefaultChannelPromise;
 import io.netty.channel.EventLoopGroup;
@@ -54,7 +52,6 @@
 import io.netty.channel.nio.NioEventLoopGroup;
 import io.netty.channel.socket.nio.NioSocketChannel;
 import io.netty.handler.codec.DecoderException;
-import io.netty.handler.ssl.SslHandler;
 import io.netty.util.concurrent.DefaultThreadFactory;
 import java.io.IOException;
 import java.net.ConnectException;
@@ -69,7 +66,6 @@
 import java.util.concurrent.atomic.AtomicInteger;
 import java.util.concurrent.atomic.AtomicReference;
 import java.util.stream.Stream;
-import javax.net.ssl.SSLEngine;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -116,8 +112,7 @@ public static CompletionStage<RawMemcacheClient> connect(
       final Metrics metrics,
       final int maxSetLength,
       final EventLoopGroup eventLoopGroup,
-      final Class<? extends Channel> channelClass,
-      final SSLEngineFactory sslEngineFactory) {
+      final Class<? extends Channel> channelClass) {
 
     final ChannelInboundHandler decoder;
     if (binary) {
@@ -129,21 +124,14 @@ public static CompletionStage<RawMemcacheClient> connect(
     final ChannelHandler initializer =
         new ChannelInitializer<Channel>() {
           @Override
-          protected void initChannel(final Channel ch) {
-            final ChannelPipeline channelPipeline = ch.pipeline();
-            channelPipeline.addLast(new TcpTuningHandler());
-
-            if (sslEngineFactory != null) {
-              final SSLEngine sslEngine =
-                  sslEngineFactory.createSSLEngine(address.getHostText(), address.getPort());
-              SslHandler sslHandler = new SslHandler(sslEngine);
-              // Disable SSL data aggregation
-              // it doesn't play well with memcached protocol and causes connection hangs
-              sslHandler.setWrapDataSize(0);
-              channelPipeline.addLast(sslHandler);
-            }
-
-            channelPipeline.addLast(decoder, new MemcacheEncoder());
+          protected void initChannel(final Channel ch) throws Exception {
+            ch.pipeline()
+                .addLast(
+                    new TcpTuningHandler(),
+                    decoder,
+
+                    // Downstream
+                    new MemcacheEncoder());
           }
         };
 
@@ -470,10 +458,6 @@ private void setDisconnected(String message) {
       // Use the pending counter as a way of marking disconnected for performance reasons
       // Once we are disconnected we will not really decrease this value any more anyway.
       pendingCounter.set(pendingCounterLimit);
-      SslHandler sslHandler = channel.pipeline().get(SslHandler.class);
-      if (sslHandler != null) {
-        sslHandler.closeOutbound();
-      }
       channel.close();
       GLOBAL_CONNECTION_COUNT.decrementAndGet();
       metrics.unregisterOutstandingRequestsGauge(pendingRequestGauge);

folsom/src/main/java/com/spotify/folsom/reconnect/ReconnectingClient.java

@@ -26,7 +26,6 @@
 import com.spotify.folsom.client.DefaultRawMemcacheClient;
 import com.spotify.folsom.client.NotConnectedClient;
 import com.spotify.folsom.client.Request;
-import com.spotify.folsom.client.tls.SSLEngineFactory;
 import com.spotify.folsom.guava.HostAndPort;
 import com.spotify.folsom.ketama.AddressAndClient;
 import io.netty.channel.Channel;
@@ -75,8 +74,7 @@ public ReconnectingClient(
       final Metrics metrics,
       final int maxSetLength,
       final EventLoopGroup eventLoopGroup,
-      final Class<? extends Channel> channelClass,
-      final SSLEngineFactory sslEngineFactory) {
+      final Class<? extends Channel> channelClass) {
     this(
         backoffFunction,
         scheduledExecutorService,
@@ -92,8 +90,7 @@ public ReconnectingClient(
                 metrics,
                 maxSetLength,
                 eventLoopGroup,
-                channelClass,
-                sslEngineFactory),
+                channelClass),
         authenticator,
         address);
   }