net.schmizz.sshj.transport.KeyExchanger.waitForDone超时(KeyExchanger.java:160)

时间:2016-05-26 22:22:48

标签: java sockets sftp sshj

我的夜间工作正在使用net.schmizz.sshj SFTP库。

我怀疑我们SFTP进入的服务器发生了变化。但是,我无法确定具体的变化是什么。我也无法在生产服务器之外重现它。所以我正在寻找根本原因的洞察或如何重现以下错误

net.schmizz.sshj.transport.TransportException: Timeout expired at net.schmizz.sshj.transport.TransportException$1.chain(TransportException.java:33) at net.schmizz.sshj.transport.TransportException$1.chain(TransportException.java:27) at net.schmizz.concurrent.Promise.retrieve(Promise.java:139) at net.schmizz.concurrent.Event.await(Event.java:103) at net.schmizz.sshj.transport.KeyExchanger.waitForDone(KeyExchanger.java:160) at net.schmizz.sshj.transport.KeyExchanger.startKex(KeyExchanger.java:155) at net.schmizz.sshj.transport.TransportImpl.doKex(TransportImpl.java:247) at net.schmizz.sshj.SSHClient.doKex(SSHClient.java:735) at net.schmizz.sshj.SSHClient.onConnect(SSHClient.java:723) at net.schmizz.sshj.SocketClient.connect(SocketClient.java:54) at net.schmizz.sshj.SocketClient.connect(SocketClient.java:80)

据我所知,我们通过java.net.Socket确定连接,然后超时等待密钥交换在此代码中完成

package net.schmizz.sshj.transport;

/** Algorithm negotiation and key exchange. */
final class KeyExchanger
        implements SSHPacketHandler, ErrorNotifiable {

    /**
     * Starts key exchange by sending a {@code SSH_MSG_KEXINIT} packet. Key exchange needs to be done once mandatorily
     * after initializing the {@link Transport} for it to be usable and may be initiated at any later point e.g. if
     * {@link Transport#getConfig() algorithms} have changed and should be renegotiated.
     *
     * @param waitForDone whether should block till key exchange completed
     *
     * @throws TransportException if there is an error during key exchange
     * @see {@link Transport#setTimeoutMs} for setting timeout for kex
     */
    void startKex(boolean waitForDone)
            throws TransportException {
        if (!kexOngoing.getAndSet(true)) {
            done.clear();
            sendKexInit();
        }
        if (waitForDone)
            waitForDone();
    }

    /**
     * Sends SSH_MSG_KEXINIT and sets the {@link #kexInitSent} event.
     *
     * @throws TransportException
     */
    private void sendKexInit()
            throws TransportException {
        log.debug("Sending SSH_MSG_KEXINIT");
        clientProposal = new Proposal(transport.getConfig());
        transport.write(clientProposal.getPacket());
        kexInitSent.set();
    }

void waitForDone()
        throws TransportException {
    done.await(transport.getTimeoutMs(), TimeUnit.MILLISECONDS);
}

1 个答案:

答案 0 :(得分:2)

在发布此问题后进行了大量调试后,我发现问题在于我们在生产环境中没有像在本地测试中那样运行相同的加密库。我通过构建最小的jar来确定这一点,同时仍保留生产中使用的所有SSHJ部分以及我们自己的所有相关代码,然后在命令shell中使用DEBUG级别日志记录运行它,我可以看到所有输出。然后我看到了以下内容,并且我意识到生产服务器日志中的超时异常是在屏蔽了未在生产中记录的根本原因之后发生的第二个异常:NoClassDefFoundError 

Exception in thread "reader" java.lang.NoClassDefFoundError: org/bouncycastle/crypto/ec/CustomNamedCurves
    at net.schmizz.sshj.transport.kex.Curve25519DH.getCurve25519Params(Curve25519DH.java:51)
    at net.schmizz.sshj.transport.kex.Curve25519SHA256.initDH(Curve25519SHA256.java:36)
    at net.schmizz.sshj.transport.kex.AbstractDHG.init(AbstractDHG.java:55)
    at net.schmizz.sshj.transport.KeyExchanger.gotKexInit(KeyExchanger.java:239)
    at net.schmizz.sshj.transport.KeyExchanger.handle(KeyExchanger.java:359)
    at net.schmizz.sshj.transport.TransportImpl.handle(TransportImpl.java:493)
    at net.schmizz.sshj.transport.Decoder.decode(Decoder.java:107)
    at net.schmizz.sshj.transport.Decoder.received(Decoder.java:175)
    at net.schmizz.sshj.transport.Reader.run(Reader.java:60)
Caused by: java.lang.ClassNotFoundException: org.bouncycastle.crypto.ec.CustomNamedCurves
    at java.net.URLClassLoader.findClass(URLClassLoader.java:381)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:424)
    at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:331)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
    ... 9 more

net.schmizz.sshj.transport.TransportException: Timeout expired
    at net.schmizz.sshj.transport.TransportException$1.chain(TransportException.java:33)
    at net.schmizz.sshj.transport.TransportException$1.chain(TransportException.java:27)
    at net.schmizz.concurrent.Promise.retrieve(Promise.java:139)
    at net.schmizz.concurrent.Event.await(Event.java:103)
    at net.schmizz.sshj.transport.KeyExchanger.waitForDone(KeyExchanger.java:160)
    at net.schmizz.sshj.transport.KeyExchanger.startKex(KeyExchanger.java:155)
    at net.schmizz.sshj.transport.TransportImpl.doKex(TransportImpl.java:247)
    at net.schmizz.sshj.SSHClient.doKex(SSHClient.java:735)
    at net.schmizz.sshj.SSHClient.onConnect(SSHClient.java:723)
    at net.schmizz.sshj.SocketClient.connect(SocketClient.java:54)
    at net.schmizz.sshj.SocketClient.connect(SocketClient.java:80)
    at kirby.App.connect(App.java:101)
    at kirby.App.execute(App.java:45)
    at kirby.App.main(App.java:31)
Caused by: java.util.concurrent.TimeoutException: Timeout expired
    ... 12 more

差异归结为classpath。 在生产中我们有

bcpg-jdk15on-150.jar:bcpkix-jdk15on-150.jar:bcprov-jdk15on-150.jar

但需要

bcpkix-jdk15on/1.51/bcpkix-jdk15on-1.51.jar:ecc-25519-java-1.0.1.jar:bcprov-jdk15on/1.51/bcprov-jdk15on-1.51.jar

相关问题
最新问题