xds: handle the handlerRemoved callback to skip updateSslContext processing (#10118)

sanjaypujare · ejona86 · commit 6ee41843d5e4 · 2023-05-03T10:35:24.000-07:00
* xds: handle the handlerRemoved callback to skip updateSslContext processing
     In handlerAdded we submit a callback to updateSslContext but before the
     callback is executed the handler could be removed (e.g. bad connection)
     in which case the callback should skip all of the processing.
     Also added a unit test to check there is no exception.
diff --git a/xds/src/main/java/io/grpc/xds/internal/security/SecurityProtocolNegotiators.java b/xds/src/main/java/io/grpc/xds/internal/security/SecurityProtocolNegotiators.java
@@ -209,6 +209,9 @@ protected void handlerAdded0(final ChannelHandlerContext ctx) {
 
             @Override
             public void updateSslContext(SslContext sslContext) {
+              if (ctx.isRemoved()) {
+                return;
+              }
               logger.log(
                   Level.FINEST,
                   "ClientSdsHandler.updateSslContext authority={0}, ctx.name={1}",
diff --git a/xds/src/test/java/io/grpc/xds/internal/security/SecurityProtocolNegotiatorsTest.java b/xds/src/test/java/io/grpc/xds/internal/security/SecurityProtocolNegotiatorsTest.java
@@ -405,6 +405,36 @@ protected void onException(Throwable throwable) {
     CommonCertProviderTestUtils.register0();
   }
 
+  @Test
+  public void clientSdsProtocolNegotiatorNewHandler_handleHandlerRemoved() {
+    FakeClock executor = new FakeClock();
+    CommonCertProviderTestUtils.register(executor);
+    Bootstrapper.BootstrapInfo bootstrapInfoForClient = CommonBootstrapperTestUtils
+        .buildBootstrapInfo("google_cloud_private_spiffe-client", CLIENT_KEY_FILE, CLIENT_PEM_FILE,
+            CA_PEM_FILE, null, null, null, null);
+    UpstreamTlsContext upstreamTlsContext =
+        CommonTlsContextTestsUtil
+            .buildUpstreamTlsContext("google_cloud_private_spiffe-client", true);
+
+    SslContextProviderSupplier sslContextProviderSupplier =
+        new SslContextProviderSupplier(upstreamTlsContext,
+            new TlsContextManagerImpl(bootstrapInfoForClient));
+    SecurityProtocolNegotiators.ClientSdsHandler clientSdsHandler =
+        new SecurityProtocolNegotiators.ClientSdsHandler(grpcHandler, sslContextProviderSupplier);
+
+    pipeline.addLast(clientSdsHandler);
+    channelHandlerCtx = pipeline.context(clientSdsHandler);
+
+    // kick off protocol negotiation.
+    pipeline.fireUserEventTriggered(InternalProtocolNegotiationEvent.getDefault());
+
+    executor.runDueTasks();
+    pipeline.remove(clientSdsHandler);
+    channel.runPendingTasks();
+    channel.checkException();
+    CommonCertProviderTestUtils.register0();
+  }
+
   private static final class FakeGrpcHttp2ConnectionHandler extends GrpcHttp2ConnectionHandler {
 
     FakeGrpcHttp2ConnectionHandler(
