Bug 63990

Summary: SSL RMI Binding
Product: JMeter - Now in Github Reporter: Tom Lagodzinski <tomasz.lagodzinski>
Component: MainAssignee: JMeter issues mailing list <issues>
Status: NEW ---    
Severity: regression CC: p.mouawad
Priority: P2    
Version: 5.2.1   
Target Milestone: JMETER_5.2   
Hardware: PC   
OS: Linux   

Description Tom Lagodzinski 2019-12-06 18:58:00 UTC 
In AWS when using Elastic IP for public IP mapping, it's not possible to use SSL RMI as setting java.rmi.server.hostname when using SSL RMI, it wants to bind to the provided address. This doesn't happen on non SSL setup, which allows remote jmeter master to manage EC2 based jmeter runners.

Seems to be caused in RMIServerSocketFactoryImpl by the createServerSocket override which also provides localAddress.

Security wise, it seems to not matter, as binding to a local address and reporting a remote one requires non standard manual configuration.

Log from binding when using SSL RMI:
Server failed to start: java.rmi.server.ExportException: Listen failed on port: 1099; nested exception is:
        java.io.IOException: Could not bind /XXX.XXX.XXX.XXX using port 1099
An error occurred: Listen failed on port: 0; nested exception is:
        java.io.IOException: Could not bind to /XXX.XXX.XXX.XXX using port 1099

With -Jserver.rmi.ssl.disable=true it works without a hitch, therefore marking it as regression.
Comment 1 Philippe Mouawad 2019-12-08 15:46:38 UTC 
Can you provide more informations on your setup and how you start each server and test ? 

Do you set this property:

java.rmi.server.hostname
Comment 2 Tom Lagodzinski 2019-12-08 18:48:59 UTC 
Sure,

0. Setup 4 linux jmeter servers in AWS.
1. Using Elastic IP in AWS on EC2, which makes something similar to NAT, so the public IP is not available on host.
2. Using a remote windows machine as master.
3. Set java.rmi.server.hostname to public IP.
4. Configure keystore using provided shell script.
5. Jmeter-server tries to bind to public IP as set in java.rmi.server.hostname due to some weird behaviour from rmi ssl connection factory.


AFAIK if any of the following is not met, it's not possible to reproduce this error:
- Windows master
- Linux runners
- Runners behind NAT
Comment 3 Tom Lagodzinski 2019-12-10 08:36:11 UTC 
Upon further deliberation it seems that to replicate this bug it should only be necessary to use ssl rmi and to set java.rmi.server.hostname to a non local ip.
Comment 4 The ASF infrastructure team 2022-09-24 20:38:18 UTC 
This issue has been migrated to GitHub: https://github.com/apache/jmeter/issues/5207