broker.go 40 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264126512661267126812691270127112721273127412751276127712781279128012811282128312841285128612871288128912901291129212931294129512961297129812991300130113021303130413051306130713081309131013111312131313141315131613171318131913201321132213231324132513261327132813291330133113321333133413351336133713381339134013411342134313441345134613471348134913501351135213531354135513561357135813591360136113621363136413651366136713681369137013711372137313741375137613771378137913801381138213831384138513861387138813891390139113921393139413951396139713981399140014011402140314041405140614071408140914101411141214131414141514161417141814191420142114221423142414251426142714281429143014311432143314341435143614371438143914401441
  1. package sarama
  2. import (
  3. "crypto/tls"
  4. "encoding/binary"
  5. "fmt"
  6. "io"
  7. "net"
  8. "sort"
  9. "strconv"
  10. "strings"
  11. "sync"
  12. "sync/atomic"
  13. "time"
  14. metrics "github.com/rcrowley/go-metrics"
  15. )
  16. // Broker represents a single Kafka broker connection. All operations on this object are entirely concurrency-safe.
  17. type Broker struct {
  18. conf *Config
  19. rack *string
  20. id int32
  21. addr string
  22. correlationID int32
  23. conn net.Conn
  24. connErr error
  25. lock sync.Mutex
  26. opened int32
  27. responses chan responsePromise
  28. done chan bool
  29. registeredMetrics []string
  30. incomingByteRate metrics.Meter
  31. requestRate metrics.Meter
  32. requestSize metrics.Histogram
  33. requestLatency metrics.Histogram
  34. outgoingByteRate metrics.Meter
  35. responseRate metrics.Meter
  36. responseSize metrics.Histogram
  37. requestsInFlight metrics.Counter
  38. brokerIncomingByteRate metrics.Meter
  39. brokerRequestRate metrics.Meter
  40. brokerRequestSize metrics.Histogram
  41. brokerRequestLatency metrics.Histogram
  42. brokerOutgoingByteRate metrics.Meter
  43. brokerResponseRate metrics.Meter
  44. brokerResponseSize metrics.Histogram
  45. brokerRequestsInFlight metrics.Counter
  46. kerberosAuthenticator GSSAPIKerberosAuth
  47. }
  48. // SASLMechanism specifies the SASL mechanism the client uses to authenticate with the broker
  49. type SASLMechanism string
  50. const (
  51. // SASLTypeOAuth represents the SASL/OAUTHBEARER mechanism (Kafka 2.0.0+)
  52. SASLTypeOAuth = "OAUTHBEARER"
  53. // SASLTypePlaintext represents the SASL/PLAIN mechanism
  54. SASLTypePlaintext = "PLAIN"
  55. // SASLTypeSCRAMSHA256 represents the SCRAM-SHA-256 mechanism.
  56. SASLTypeSCRAMSHA256 = "SCRAM-SHA-256"
  57. // SASLTypeSCRAMSHA512 represents the SCRAM-SHA-512 mechanism.
  58. SASLTypeSCRAMSHA512 = "SCRAM-SHA-512"
  59. SASLTypeGSSAPI = "GSSAPI"
  60. // SASLHandshakeV0 is v0 of the Kafka SASL handshake protocol. Client and
  61. // server negotiate SASL auth using opaque packets.
  62. SASLHandshakeV0 = int16(0)
  63. // SASLHandshakeV1 is v1 of the Kafka SASL handshake protocol. Client and
  64. // server negotiate SASL by wrapping tokens with Kafka protocol headers.
  65. SASLHandshakeV1 = int16(1)
  66. // SASLExtKeyAuth is the reserved extension key name sent as part of the
  67. // SASL/OAUTHBEARER initial client response
  68. SASLExtKeyAuth = "auth"
  69. )
  70. // AccessToken contains an access token used to authenticate a
  71. // SASL/OAUTHBEARER client along with associated metadata.
  72. type AccessToken struct {
  73. // Token is the access token payload.
  74. Token string
  75. // Extensions is a optional map of arbitrary key-value pairs that can be
  76. // sent with the SASL/OAUTHBEARER initial client response. These values are
  77. // ignored by the SASL server if they are unexpected. This feature is only
  78. // supported by Kafka >= 2.1.0.
  79. Extensions map[string]string
  80. }
  81. // AccessTokenProvider is the interface that encapsulates how implementors
  82. // can generate access tokens for Kafka broker authentication.
  83. type AccessTokenProvider interface {
  84. // Token returns an access token. The implementation should ensure token
  85. // reuse so that multiple calls at connect time do not create multiple
  86. // tokens. The implementation should also periodically refresh the token in
  87. // order to guarantee that each call returns an unexpired token. This
  88. // method should not block indefinitely--a timeout error should be returned
  89. // after a short period of inactivity so that the broker connection logic
  90. // can log debugging information and retry.
  91. Token() (*AccessToken, error)
  92. }
  93. // SCRAMClient is a an interface to a SCRAM
  94. // client implementation.
  95. type SCRAMClient interface {
  96. // Begin prepares the client for the SCRAM exchange
  97. // with the server with a user name and a password
  98. Begin(userName, password, authzID string) error
  99. // Step steps client through the SCRAM exchange. It is
  100. // called repeatedly until it errors or `Done` returns true.
  101. Step(challenge string) (response string, err error)
  102. // Done should return true when the SCRAM conversation
  103. // is over.
  104. Done() bool
  105. }
  106. type responsePromise struct {
  107. requestTime time.Time
  108. correlationID int32
  109. headerVersion int16
  110. packets chan []byte
  111. errors chan error
  112. }
  113. // NewBroker creates and returns a Broker targeting the given host:port address.
  114. // This does not attempt to actually connect, you have to call Open() for that.
  115. func NewBroker(addr string) *Broker {
  116. return &Broker{id: -1, addr: addr}
  117. }
  118. // Open tries to connect to the Broker if it is not already connected or connecting, but does not block
  119. // waiting for the connection to complete. This means that any subsequent operations on the broker will
  120. // block waiting for the connection to succeed or fail. To get the effect of a fully synchronous Open call,
  121. // follow it by a call to Connected(). The only errors Open will return directly are ConfigurationError or
  122. // AlreadyConnected. If conf is nil, the result of NewConfig() is used.
  123. func (b *Broker) Open(conf *Config) error {
  124. if !atomic.CompareAndSwapInt32(&b.opened, 0, 1) {
  125. return ErrAlreadyConnected
  126. }
  127. if conf == nil {
  128. conf = NewConfig()
  129. }
  130. err := conf.Validate()
  131. if err != nil {
  132. return err
  133. }
  134. b.lock.Lock()
  135. go withRecover(func() {
  136. defer b.lock.Unlock()
  137. dialer := conf.getDialer()
  138. b.conn, b.connErr = dialer.Dial("tcp", b.addr)
  139. if b.connErr != nil {
  140. Logger.Printf("Failed to connect to broker %s: %s\n", b.addr, b.connErr)
  141. b.conn = nil
  142. atomic.StoreInt32(&b.opened, 0)
  143. return
  144. }
  145. if conf.Net.TLS.Enable {
  146. b.conn = tls.Client(b.conn, validServerNameTLS(b.addr, conf.Net.TLS.Config))
  147. }
  148. b.conn = newBufConn(b.conn)
  149. b.conf = conf
  150. // Create or reuse the global metrics shared between brokers
  151. b.incomingByteRate = metrics.GetOrRegisterMeter("incoming-byte-rate", conf.MetricRegistry)
  152. b.requestRate = metrics.GetOrRegisterMeter("request-rate", conf.MetricRegistry)
  153. b.requestSize = getOrRegisterHistogram("request-size", conf.MetricRegistry)
  154. b.requestLatency = getOrRegisterHistogram("request-latency-in-ms", conf.MetricRegistry)
  155. b.outgoingByteRate = metrics.GetOrRegisterMeter("outgoing-byte-rate", conf.MetricRegistry)
  156. b.responseRate = metrics.GetOrRegisterMeter("response-rate", conf.MetricRegistry)
  157. b.responseSize = getOrRegisterHistogram("response-size", conf.MetricRegistry)
  158. b.requestsInFlight = metrics.GetOrRegisterCounter("requests-in-flight", conf.MetricRegistry)
  159. // Do not gather metrics for seeded broker (only used during bootstrap) because they share
  160. // the same id (-1) and are already exposed through the global metrics above
  161. if b.id >= 0 {
  162. b.registerMetrics()
  163. }
  164. if conf.Net.SASL.Enable {
  165. b.connErr = b.authenticateViaSASL()
  166. if b.connErr != nil {
  167. err = b.conn.Close()
  168. if err == nil {
  169. Logger.Printf("Closed connection to broker %s\n", b.addr)
  170. } else {
  171. Logger.Printf("Error while closing connection to broker %s: %s\n", b.addr, err)
  172. }
  173. b.conn = nil
  174. atomic.StoreInt32(&b.opened, 0)
  175. return
  176. }
  177. }
  178. b.done = make(chan bool)
  179. b.responses = make(chan responsePromise, b.conf.Net.MaxOpenRequests-1)
  180. if b.id >= 0 {
  181. Logger.Printf("Connected to broker at %s (registered as #%d)\n", b.addr, b.id)
  182. } else {
  183. Logger.Printf("Connected to broker at %s (unregistered)\n", b.addr)
  184. }
  185. go withRecover(b.responseReceiver)
  186. })
  187. return nil
  188. }
  189. // Connected returns true if the broker is connected and false otherwise. If the broker is not
  190. // connected but it had tried to connect, the error from that connection attempt is also returned.
  191. func (b *Broker) Connected() (bool, error) {
  192. b.lock.Lock()
  193. defer b.lock.Unlock()
  194. return b.conn != nil, b.connErr
  195. }
  196. //Close closes the broker resources
  197. func (b *Broker) Close() error {
  198. b.lock.Lock()
  199. defer b.lock.Unlock()
  200. if b.conn == nil {
  201. return ErrNotConnected
  202. }
  203. close(b.responses)
  204. <-b.done
  205. err := b.conn.Close()
  206. b.conn = nil
  207. b.connErr = nil
  208. b.done = nil
  209. b.responses = nil
  210. b.unregisterMetrics()
  211. if err == nil {
  212. Logger.Printf("Closed connection to broker %s\n", b.addr)
  213. } else {
  214. Logger.Printf("Error while closing connection to broker %s: %s\n", b.addr, err)
  215. }
  216. atomic.StoreInt32(&b.opened, 0)
  217. return err
  218. }
  219. // ID returns the broker ID retrieved from Kafka's metadata, or -1 if that is not known.
  220. func (b *Broker) ID() int32 {
  221. return b.id
  222. }
  223. // Addr returns the broker address as either retrieved from Kafka's metadata or passed to NewBroker.
  224. func (b *Broker) Addr() string {
  225. return b.addr
  226. }
  227. // Rack returns the broker's rack as retrieved from Kafka's metadata or the
  228. // empty string if it is not known. The returned value corresponds to the
  229. // broker's broker.rack configuration setting. Requires protocol version to be
  230. // at least v0.10.0.0.
  231. func (b *Broker) Rack() string {
  232. if b.rack == nil {
  233. return ""
  234. }
  235. return *b.rack
  236. }
  237. //GetMetadata send a metadata request and returns a metadata response or error
  238. func (b *Broker) GetMetadata(request *MetadataRequest) (*MetadataResponse, error) {
  239. response := new(MetadataResponse)
  240. err := b.sendAndReceive(request, response)
  241. if err != nil {
  242. return nil, err
  243. }
  244. return response, nil
  245. }
  246. //GetConsumerMetadata send a consumer metadata request and returns a consumer metadata response or error
  247. func (b *Broker) GetConsumerMetadata(request *ConsumerMetadataRequest) (*ConsumerMetadataResponse, error) {
  248. response := new(ConsumerMetadataResponse)
  249. err := b.sendAndReceive(request, response)
  250. if err != nil {
  251. return nil, err
  252. }
  253. return response, nil
  254. }
  255. //FindCoordinator sends a find coordinate request and returns a response or error
  256. func (b *Broker) FindCoordinator(request *FindCoordinatorRequest) (*FindCoordinatorResponse, error) {
  257. response := new(FindCoordinatorResponse)
  258. err := b.sendAndReceive(request, response)
  259. if err != nil {
  260. return nil, err
  261. }
  262. return response, nil
  263. }
  264. //GetAvailableOffsets return an offset response or error
  265. func (b *Broker) GetAvailableOffsets(request *OffsetRequest) (*OffsetResponse, error) {
  266. response := new(OffsetResponse)
  267. err := b.sendAndReceive(request, response)
  268. if err != nil {
  269. return nil, err
  270. }
  271. return response, nil
  272. }
  273. //Produce returns a produce response or error
  274. func (b *Broker) Produce(request *ProduceRequest) (*ProduceResponse, error) {
  275. var (
  276. response *ProduceResponse
  277. err error
  278. )
  279. if request.RequiredAcks == NoResponse {
  280. err = b.sendAndReceive(request, nil)
  281. } else {
  282. response = new(ProduceResponse)
  283. err = b.sendAndReceive(request, response)
  284. }
  285. if err != nil {
  286. return nil, err
  287. }
  288. return response, nil
  289. }
  290. //Fetch returns a FetchResponse or error
  291. func (b *Broker) Fetch(request *FetchRequest) (*FetchResponse, error) {
  292. response := new(FetchResponse)
  293. err := b.sendAndReceive(request, response)
  294. if err != nil {
  295. return nil, err
  296. }
  297. return response, nil
  298. }
  299. //CommitOffset return an Offset commit response or error
  300. func (b *Broker) CommitOffset(request *OffsetCommitRequest) (*OffsetCommitResponse, error) {
  301. response := new(OffsetCommitResponse)
  302. err := b.sendAndReceive(request, response)
  303. if err != nil {
  304. return nil, err
  305. }
  306. return response, nil
  307. }
  308. //FetchOffset returns an offset fetch response or error
  309. func (b *Broker) FetchOffset(request *OffsetFetchRequest) (*OffsetFetchResponse, error) {
  310. response := new(OffsetFetchResponse)
  311. err := b.sendAndReceive(request, response)
  312. if err != nil {
  313. return nil, err
  314. }
  315. return response, nil
  316. }
  317. //JoinGroup returns a join group response or error
  318. func (b *Broker) JoinGroup(request *JoinGroupRequest) (*JoinGroupResponse, error) {
  319. response := new(JoinGroupResponse)
  320. err := b.sendAndReceive(request, response)
  321. if err != nil {
  322. return nil, err
  323. }
  324. return response, nil
  325. }
  326. //SyncGroup returns a sync group response or error
  327. func (b *Broker) SyncGroup(request *SyncGroupRequest) (*SyncGroupResponse, error) {
  328. response := new(SyncGroupResponse)
  329. err := b.sendAndReceive(request, response)
  330. if err != nil {
  331. return nil, err
  332. }
  333. return response, nil
  334. }
  335. //LeaveGroup return a leave group response or error
  336. func (b *Broker) LeaveGroup(request *LeaveGroupRequest) (*LeaveGroupResponse, error) {
  337. response := new(LeaveGroupResponse)
  338. err := b.sendAndReceive(request, response)
  339. if err != nil {
  340. return nil, err
  341. }
  342. return response, nil
  343. }
  344. //Heartbeat returns a heartbeat response or error
  345. func (b *Broker) Heartbeat(request *HeartbeatRequest) (*HeartbeatResponse, error) {
  346. response := new(HeartbeatResponse)
  347. err := b.sendAndReceive(request, response)
  348. if err != nil {
  349. return nil, err
  350. }
  351. return response, nil
  352. }
  353. //ListGroups return a list group response or error
  354. func (b *Broker) ListGroups(request *ListGroupsRequest) (*ListGroupsResponse, error) {
  355. response := new(ListGroupsResponse)
  356. err := b.sendAndReceive(request, response)
  357. if err != nil {
  358. return nil, err
  359. }
  360. return response, nil
  361. }
  362. //DescribeGroups return describe group response or error
  363. func (b *Broker) DescribeGroups(request *DescribeGroupsRequest) (*DescribeGroupsResponse, error) {
  364. response := new(DescribeGroupsResponse)
  365. err := b.sendAndReceive(request, response)
  366. if err != nil {
  367. return nil, err
  368. }
  369. return response, nil
  370. }
  371. //ApiVersions return api version response or error
  372. func (b *Broker) ApiVersions(request *ApiVersionsRequest) (*ApiVersionsResponse, error) {
  373. response := new(ApiVersionsResponse)
  374. err := b.sendAndReceive(request, response)
  375. if err != nil {
  376. return nil, err
  377. }
  378. return response, nil
  379. }
  380. //CreateTopics send a create topic request and returns create topic response
  381. func (b *Broker) CreateTopics(request *CreateTopicsRequest) (*CreateTopicsResponse, error) {
  382. response := new(CreateTopicsResponse)
  383. err := b.sendAndReceive(request, response)
  384. if err != nil {
  385. return nil, err
  386. }
  387. return response, nil
  388. }
  389. //DeleteTopics sends a delete topic request and returns delete topic response
  390. func (b *Broker) DeleteTopics(request *DeleteTopicsRequest) (*DeleteTopicsResponse, error) {
  391. response := new(DeleteTopicsResponse)
  392. err := b.sendAndReceive(request, response)
  393. if err != nil {
  394. return nil, err
  395. }
  396. return response, nil
  397. }
  398. //CreatePartitions sends a create partition request and returns create
  399. //partitions response or error
  400. func (b *Broker) CreatePartitions(request *CreatePartitionsRequest) (*CreatePartitionsResponse, error) {
  401. response := new(CreatePartitionsResponse)
  402. err := b.sendAndReceive(request, response)
  403. if err != nil {
  404. return nil, err
  405. }
  406. return response, nil
  407. }
  408. //AlterPartitionReassignments sends a alter partition reassignments request and
  409. //returns alter partition reassignments response
  410. func (b *Broker) AlterPartitionReassignments(request *AlterPartitionReassignmentsRequest) (*AlterPartitionReassignmentsResponse, error) {
  411. response := new(AlterPartitionReassignmentsResponse)
  412. err := b.sendAndReceive(request, response)
  413. if err != nil {
  414. return nil, err
  415. }
  416. return response, nil
  417. }
  418. //ListPartitionReassignments sends a list partition reassignments request and
  419. //returns list partition reassignments response
  420. func (b *Broker) ListPartitionReassignments(request *ListPartitionReassignmentsRequest) (*ListPartitionReassignmentsResponse, error) {
  421. response := new(ListPartitionReassignmentsResponse)
  422. err := b.sendAndReceive(request, response)
  423. if err != nil {
  424. return nil, err
  425. }
  426. return response, nil
  427. }
  428. //DeleteRecords send a request to delete records and return delete record
  429. //response or error
  430. func (b *Broker) DeleteRecords(request *DeleteRecordsRequest) (*DeleteRecordsResponse, error) {
  431. response := new(DeleteRecordsResponse)
  432. err := b.sendAndReceive(request, response)
  433. if err != nil {
  434. return nil, err
  435. }
  436. return response, nil
  437. }
  438. //DescribeAcls sends a describe acl request and returns a response or error
  439. func (b *Broker) DescribeAcls(request *DescribeAclsRequest) (*DescribeAclsResponse, error) {
  440. response := new(DescribeAclsResponse)
  441. err := b.sendAndReceive(request, response)
  442. if err != nil {
  443. return nil, err
  444. }
  445. return response, nil
  446. }
  447. //CreateAcls sends a create acl request and returns a response or error
  448. func (b *Broker) CreateAcls(request *CreateAclsRequest) (*CreateAclsResponse, error) {
  449. response := new(CreateAclsResponse)
  450. err := b.sendAndReceive(request, response)
  451. if err != nil {
  452. return nil, err
  453. }
  454. return response, nil
  455. }
  456. //DeleteAcls sends a delete acl request and returns a response or error
  457. func (b *Broker) DeleteAcls(request *DeleteAclsRequest) (*DeleteAclsResponse, error) {
  458. response := new(DeleteAclsResponse)
  459. err := b.sendAndReceive(request, response)
  460. if err != nil {
  461. return nil, err
  462. }
  463. return response, nil
  464. }
  465. //InitProducerID sends an init producer request and returns a response or error
  466. func (b *Broker) InitProducerID(request *InitProducerIDRequest) (*InitProducerIDResponse, error) {
  467. response := new(InitProducerIDResponse)
  468. err := b.sendAndReceive(request, response)
  469. if err != nil {
  470. return nil, err
  471. }
  472. return response, nil
  473. }
  474. //AddPartitionsToTxn send a request to add partition to txn and returns
  475. //a response or error
  476. func (b *Broker) AddPartitionsToTxn(request *AddPartitionsToTxnRequest) (*AddPartitionsToTxnResponse, error) {
  477. response := new(AddPartitionsToTxnResponse)
  478. err := b.sendAndReceive(request, response)
  479. if err != nil {
  480. return nil, err
  481. }
  482. return response, nil
  483. }
  484. //AddOffsetsToTxn sends a request to add offsets to txn and returns a response
  485. //or error
  486. func (b *Broker) AddOffsetsToTxn(request *AddOffsetsToTxnRequest) (*AddOffsetsToTxnResponse, error) {
  487. response := new(AddOffsetsToTxnResponse)
  488. err := b.sendAndReceive(request, response)
  489. if err != nil {
  490. return nil, err
  491. }
  492. return response, nil
  493. }
  494. //EndTxn sends a request to end txn and returns a response or error
  495. func (b *Broker) EndTxn(request *EndTxnRequest) (*EndTxnResponse, error) {
  496. response := new(EndTxnResponse)
  497. err := b.sendAndReceive(request, response)
  498. if err != nil {
  499. return nil, err
  500. }
  501. return response, nil
  502. }
  503. //TxnOffsetCommit sends a request to commit transaction offsets and returns
  504. //a response or error
  505. func (b *Broker) TxnOffsetCommit(request *TxnOffsetCommitRequest) (*TxnOffsetCommitResponse, error) {
  506. response := new(TxnOffsetCommitResponse)
  507. err := b.sendAndReceive(request, response)
  508. if err != nil {
  509. return nil, err
  510. }
  511. return response, nil
  512. }
  513. //DescribeConfigs sends a request to describe config and returns a response or
  514. //error
  515. func (b *Broker) DescribeConfigs(request *DescribeConfigsRequest) (*DescribeConfigsResponse, error) {
  516. response := new(DescribeConfigsResponse)
  517. err := b.sendAndReceive(request, response)
  518. if err != nil {
  519. return nil, err
  520. }
  521. return response, nil
  522. }
  523. //AlterConfigs sends a request to alter config and return a response or error
  524. func (b *Broker) AlterConfigs(request *AlterConfigsRequest) (*AlterConfigsResponse, error) {
  525. response := new(AlterConfigsResponse)
  526. err := b.sendAndReceive(request, response)
  527. if err != nil {
  528. return nil, err
  529. }
  530. return response, nil
  531. }
  532. //DeleteGroups sends a request to delete groups and returns a response or error
  533. func (b *Broker) DeleteGroups(request *DeleteGroupsRequest) (*DeleteGroupsResponse, error) {
  534. response := new(DeleteGroupsResponse)
  535. if err := b.sendAndReceive(request, response); err != nil {
  536. return nil, err
  537. }
  538. return response, nil
  539. }
  540. //DescribeLogDirs sends a request to get the broker's log dir paths and sizes
  541. func (b *Broker) DescribeLogDirs(request *DescribeLogDirsRequest) (*DescribeLogDirsResponse, error) {
  542. response := new(DescribeLogDirsResponse)
  543. err := b.sendAndReceive(request, response)
  544. if err != nil {
  545. return nil, err
  546. }
  547. return response, nil
  548. }
  549. // readFull ensures the conn ReadDeadline has been setup before making a
  550. // call to io.ReadFull
  551. func (b *Broker) readFull(buf []byte) (n int, err error) {
  552. if err := b.conn.SetReadDeadline(time.Now().Add(b.conf.Net.ReadTimeout)); err != nil {
  553. return 0, err
  554. }
  555. return io.ReadFull(b.conn, buf)
  556. }
  557. // write ensures the conn WriteDeadline has been setup before making a
  558. // call to conn.Write
  559. func (b *Broker) write(buf []byte) (n int, err error) {
  560. if err := b.conn.SetWriteDeadline(time.Now().Add(b.conf.Net.WriteTimeout)); err != nil {
  561. return 0, err
  562. }
  563. return b.conn.Write(buf)
  564. }
  565. func (b *Broker) send(rb protocolBody, promiseResponse bool, responseHeaderVersion int16) (*responsePromise, error) {
  566. b.lock.Lock()
  567. defer b.lock.Unlock()
  568. if b.conn == nil {
  569. if b.connErr != nil {
  570. return nil, b.connErr
  571. }
  572. return nil, ErrNotConnected
  573. }
  574. if !b.conf.Version.IsAtLeast(rb.requiredVersion()) {
  575. return nil, ErrUnsupportedVersion
  576. }
  577. req := &request{correlationID: b.correlationID, clientID: b.conf.ClientID, body: rb}
  578. buf, err := encode(req, b.conf.MetricRegistry)
  579. if err != nil {
  580. return nil, err
  581. }
  582. requestTime := time.Now()
  583. // Will be decremented in responseReceiver (except error or request with NoResponse)
  584. b.addRequestInFlightMetrics(1)
  585. bytes, err := b.write(buf)
  586. b.updateOutgoingCommunicationMetrics(bytes)
  587. if err != nil {
  588. b.addRequestInFlightMetrics(-1)
  589. return nil, err
  590. }
  591. b.correlationID++
  592. if !promiseResponse {
  593. // Record request latency without the response
  594. b.updateRequestLatencyAndInFlightMetrics(time.Since(requestTime))
  595. return nil, nil
  596. }
  597. promise := responsePromise{requestTime, req.correlationID, responseHeaderVersion, make(chan []byte), make(chan error)}
  598. b.responses <- promise
  599. return &promise, nil
  600. }
  601. func (b *Broker) sendAndReceive(req protocolBody, res protocolBody) error {
  602. responseHeaderVersion := int16(-1)
  603. if res != nil {
  604. responseHeaderVersion = res.headerVersion()
  605. }
  606. promise, err := b.send(req, res != nil, responseHeaderVersion)
  607. if err != nil {
  608. return err
  609. }
  610. if promise == nil {
  611. return nil
  612. }
  613. select {
  614. case buf := <-promise.packets:
  615. return versionedDecode(buf, res, req.version())
  616. case err = <-promise.errors:
  617. return err
  618. }
  619. }
  620. func (b *Broker) decode(pd packetDecoder, version int16) (err error) {
  621. b.id, err = pd.getInt32()
  622. if err != nil {
  623. return err
  624. }
  625. host, err := pd.getString()
  626. if err != nil {
  627. return err
  628. }
  629. port, err := pd.getInt32()
  630. if err != nil {
  631. return err
  632. }
  633. if version >= 1 {
  634. b.rack, err = pd.getNullableString()
  635. if err != nil {
  636. return err
  637. }
  638. }
  639. b.addr = net.JoinHostPort(host, fmt.Sprint(port))
  640. if _, _, err := net.SplitHostPort(b.addr); err != nil {
  641. return err
  642. }
  643. return nil
  644. }
  645. func (b *Broker) encode(pe packetEncoder, version int16) (err error) {
  646. host, portstr, err := net.SplitHostPort(b.addr)
  647. if err != nil {
  648. return err
  649. }
  650. port, err := strconv.Atoi(portstr)
  651. if err != nil {
  652. return err
  653. }
  654. pe.putInt32(b.id)
  655. err = pe.putString(host)
  656. if err != nil {
  657. return err
  658. }
  659. pe.putInt32(int32(port))
  660. if version >= 1 {
  661. err = pe.putNullableString(b.rack)
  662. if err != nil {
  663. return err
  664. }
  665. }
  666. return nil
  667. }
  668. func (b *Broker) responseReceiver() {
  669. var dead error
  670. for response := range b.responses {
  671. if dead != nil {
  672. // This was previously incremented in send() and
  673. // we are not calling updateIncomingCommunicationMetrics()
  674. b.addRequestInFlightMetrics(-1)
  675. response.errors <- dead
  676. continue
  677. }
  678. var headerLength = getHeaderLength(response.headerVersion)
  679. header := make([]byte, headerLength)
  680. bytesReadHeader, err := b.readFull(header)
  681. requestLatency := time.Since(response.requestTime)
  682. if err != nil {
  683. b.updateIncomingCommunicationMetrics(bytesReadHeader, requestLatency)
  684. dead = err
  685. response.errors <- err
  686. continue
  687. }
  688. decodedHeader := responseHeader{}
  689. err = versionedDecode(header, &decodedHeader, response.headerVersion)
  690. if err != nil {
  691. b.updateIncomingCommunicationMetrics(bytesReadHeader, requestLatency)
  692. dead = err
  693. response.errors <- err
  694. continue
  695. }
  696. if decodedHeader.correlationID != response.correlationID {
  697. b.updateIncomingCommunicationMetrics(bytesReadHeader, requestLatency)
  698. // TODO if decoded ID < cur ID, discard until we catch up
  699. // TODO if decoded ID > cur ID, save it so when cur ID catches up we have a response
  700. dead = PacketDecodingError{fmt.Sprintf("correlation ID didn't match, wanted %d, got %d", response.correlationID, decodedHeader.correlationID)}
  701. response.errors <- dead
  702. continue
  703. }
  704. buf := make([]byte, decodedHeader.length-int32(headerLength)+4)
  705. bytesReadBody, err := b.readFull(buf)
  706. b.updateIncomingCommunicationMetrics(bytesReadHeader+bytesReadBody, requestLatency)
  707. if err != nil {
  708. dead = err
  709. response.errors <- err
  710. continue
  711. }
  712. response.packets <- buf
  713. }
  714. close(b.done)
  715. }
  716. func getHeaderLength(headerVersion int16) int8 {
  717. if headerVersion < 1 {
  718. return 8
  719. } else {
  720. // header contains additional tagged field length (0), we don't support actual tags yet.
  721. return 9
  722. }
  723. }
  724. func (b *Broker) authenticateViaSASL() error {
  725. switch b.conf.Net.SASL.Mechanism {
  726. case SASLTypeOAuth:
  727. return b.sendAndReceiveSASLOAuth(b.conf.Net.SASL.TokenProvider)
  728. case SASLTypeSCRAMSHA256, SASLTypeSCRAMSHA512:
  729. return b.sendAndReceiveSASLSCRAMv1()
  730. case SASLTypeGSSAPI:
  731. return b.sendAndReceiveKerberos()
  732. default:
  733. return b.sendAndReceiveSASLPlainAuth()
  734. }
  735. }
  736. func (b *Broker) sendAndReceiveKerberos() error {
  737. b.kerberosAuthenticator.Config = &b.conf.Net.SASL.GSSAPI
  738. if b.kerberosAuthenticator.NewKerberosClientFunc == nil {
  739. b.kerberosAuthenticator.NewKerberosClientFunc = NewKerberosClient
  740. }
  741. return b.kerberosAuthenticator.Authorize(b)
  742. }
  743. func (b *Broker) sendAndReceiveSASLHandshake(saslType SASLMechanism, version int16) error {
  744. rb := &SaslHandshakeRequest{Mechanism: string(saslType), Version: version}
  745. req := &request{correlationID: b.correlationID, clientID: b.conf.ClientID, body: rb}
  746. buf, err := encode(req, b.conf.MetricRegistry)
  747. if err != nil {
  748. return err
  749. }
  750. requestTime := time.Now()
  751. // Will be decremented in updateIncomingCommunicationMetrics (except error)
  752. b.addRequestInFlightMetrics(1)
  753. bytes, err := b.write(buf)
  754. b.updateOutgoingCommunicationMetrics(bytes)
  755. if err != nil {
  756. b.addRequestInFlightMetrics(-1)
  757. Logger.Printf("Failed to send SASL handshake %s: %s\n", b.addr, err.Error())
  758. return err
  759. }
  760. b.correlationID++
  761. header := make([]byte, 8) // response header
  762. _, err = b.readFull(header)
  763. if err != nil {
  764. b.addRequestInFlightMetrics(-1)
  765. Logger.Printf("Failed to read SASL handshake header : %s\n", err.Error())
  766. return err
  767. }
  768. length := binary.BigEndian.Uint32(header[:4])
  769. payload := make([]byte, length-4)
  770. n, err := b.readFull(payload)
  771. if err != nil {
  772. b.addRequestInFlightMetrics(-1)
  773. Logger.Printf("Failed to read SASL handshake payload : %s\n", err.Error())
  774. return err
  775. }
  776. b.updateIncomingCommunicationMetrics(n+8, time.Since(requestTime))
  777. res := &SaslHandshakeResponse{}
  778. err = versionedDecode(payload, res, 0)
  779. if err != nil {
  780. Logger.Printf("Failed to parse SASL handshake : %s\n", err.Error())
  781. return err
  782. }
  783. if res.Err != ErrNoError {
  784. Logger.Printf("Invalid SASL Mechanism : %s\n", res.Err.Error())
  785. return res.Err
  786. }
  787. Logger.Print("Successful SASL handshake. Available mechanisms: ", res.EnabledMechanisms)
  788. return nil
  789. }
  790. // Kafka 0.10.x supported SASL PLAIN/Kerberos via KAFKA-3149 (KIP-43).
  791. // Kafka 1.x.x onward added a SaslAuthenticate request/response message which
  792. // wraps the SASL flow in the Kafka protocol, which allows for returning
  793. // meaningful errors on authentication failure.
  794. //
  795. // In SASL Plain, Kafka expects the auth header to be in the following format
  796. // Message format (from https://tools.ietf.org/html/rfc4616):
  797. //
  798. // message = [authzid] UTF8NUL authcid UTF8NUL passwd
  799. // authcid = 1*SAFE ; MUST accept up to 255 octets
  800. // authzid = 1*SAFE ; MUST accept up to 255 octets
  801. // passwd = 1*SAFE ; MUST accept up to 255 octets
  802. // UTF8NUL = %x00 ; UTF-8 encoded NUL character
  803. //
  804. // SAFE = UTF1 / UTF2 / UTF3 / UTF4
  805. // ;; any UTF-8 encoded Unicode character except NUL
  806. //
  807. // With SASL v0 handshake and auth then:
  808. // When credentials are valid, Kafka returns a 4 byte array of null characters.
  809. // When credentials are invalid, Kafka closes the connection.
  810. //
  811. // With SASL v1 handshake and auth then:
  812. // When credentials are invalid, Kafka replies with a SaslAuthenticate response
  813. // containing an error code and message detailing the authentication failure.
  814. func (b *Broker) sendAndReceiveSASLPlainAuth() error {
  815. // default to V0 to allow for backward compatibility when SASL is enabled
  816. // but not the handshake
  817. if b.conf.Net.SASL.Handshake {
  818. handshakeErr := b.sendAndReceiveSASLHandshake(SASLTypePlaintext, b.conf.Net.SASL.Version)
  819. if handshakeErr != nil {
  820. Logger.Printf("Error while performing SASL handshake %s\n", b.addr)
  821. return handshakeErr
  822. }
  823. }
  824. if b.conf.Net.SASL.Version == SASLHandshakeV1 {
  825. return b.sendAndReceiveV1SASLPlainAuth()
  826. }
  827. return b.sendAndReceiveV0SASLPlainAuth()
  828. }
  829. // sendAndReceiveV0SASLPlainAuth flows the v0 sasl auth NOT wrapped in the kafka protocol
  830. func (b *Broker) sendAndReceiveV0SASLPlainAuth() error {
  831. length := len(b.conf.Net.SASL.AuthIdentity) + 1 + len(b.conf.Net.SASL.User) + 1 + len(b.conf.Net.SASL.Password)
  832. authBytes := make([]byte, length+4) //4 byte length header + auth data
  833. binary.BigEndian.PutUint32(authBytes, uint32(length))
  834. copy(authBytes[4:], []byte(b.conf.Net.SASL.AuthIdentity+"\x00"+b.conf.Net.SASL.User+"\x00"+b.conf.Net.SASL.Password))
  835. requestTime := time.Now()
  836. // Will be decremented in updateIncomingCommunicationMetrics (except error)
  837. b.addRequestInFlightMetrics(1)
  838. bytesWritten, err := b.write(authBytes)
  839. b.updateOutgoingCommunicationMetrics(bytesWritten)
  840. if err != nil {
  841. b.addRequestInFlightMetrics(-1)
  842. Logger.Printf("Failed to write SASL auth header to broker %s: %s\n", b.addr, err.Error())
  843. return err
  844. }
  845. header := make([]byte, 4)
  846. n, err := b.readFull(header)
  847. b.updateIncomingCommunicationMetrics(n, time.Since(requestTime))
  848. // If the credentials are valid, we would get a 4 byte response filled with null characters.
  849. // Otherwise, the broker closes the connection and we get an EOF
  850. if err != nil {
  851. Logger.Printf("Failed to read response while authenticating with SASL to broker %s: %s\n", b.addr, err.Error())
  852. return err
  853. }
  854. Logger.Printf("SASL authentication successful with broker %s:%v - %v\n", b.addr, n, header)
  855. return nil
  856. }
  857. // sendAndReceiveV1SASLPlainAuth flows the v1 sasl authentication using the kafka protocol
  858. func (b *Broker) sendAndReceiveV1SASLPlainAuth() error {
  859. correlationID := b.correlationID
  860. requestTime := time.Now()
  861. // Will be decremented in updateIncomingCommunicationMetrics (except error)
  862. b.addRequestInFlightMetrics(1)
  863. bytesWritten, err := b.sendSASLPlainAuthClientResponse(correlationID)
  864. b.updateOutgoingCommunicationMetrics(bytesWritten)
  865. if err != nil {
  866. b.addRequestInFlightMetrics(-1)
  867. Logger.Printf("Failed to write SASL auth header to broker %s: %s\n", b.addr, err.Error())
  868. return err
  869. }
  870. b.correlationID++
  871. bytesRead, err := b.receiveSASLServerResponse(&SaslAuthenticateResponse{}, correlationID)
  872. b.updateIncomingCommunicationMetrics(bytesRead, time.Since(requestTime))
  873. // With v1 sasl we get an error message set in the response we can return
  874. if err != nil {
  875. Logger.Printf("Error returned from broker during SASL flow %s: %s\n", b.addr, err.Error())
  876. return err
  877. }
  878. return nil
  879. }
  880. // sendAndReceiveSASLOAuth performs the authentication flow as described by KIP-255
  881. // https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=75968876
  882. func (b *Broker) sendAndReceiveSASLOAuth(provider AccessTokenProvider) error {
  883. if err := b.sendAndReceiveSASLHandshake(SASLTypeOAuth, SASLHandshakeV1); err != nil {
  884. return err
  885. }
  886. token, err := provider.Token()
  887. if err != nil {
  888. return err
  889. }
  890. message, err := buildClientFirstMessage(token)
  891. if err != nil {
  892. return err
  893. }
  894. challenged, err := b.sendClientMessage(message)
  895. if err != nil {
  896. return err
  897. }
  898. if challenged {
  899. // Abort the token exchange. The broker returns the failure code.
  900. _, err = b.sendClientMessage([]byte(`\x01`))
  901. }
  902. return err
  903. }
  904. // sendClientMessage sends a SASL/OAUTHBEARER client message and returns true
  905. // if the broker responds with a challenge, in which case the token is
  906. // rejected.
  907. func (b *Broker) sendClientMessage(message []byte) (bool, error) {
  908. requestTime := time.Now()
  909. // Will be decremented in updateIncomingCommunicationMetrics (except error)
  910. b.addRequestInFlightMetrics(1)
  911. correlationID := b.correlationID
  912. bytesWritten, err := b.sendSASLOAuthBearerClientMessage(message, correlationID)
  913. b.updateOutgoingCommunicationMetrics(bytesWritten)
  914. if err != nil {
  915. b.addRequestInFlightMetrics(-1)
  916. return false, err
  917. }
  918. b.correlationID++
  919. res := &SaslAuthenticateResponse{}
  920. bytesRead, err := b.receiveSASLServerResponse(res, correlationID)
  921. requestLatency := time.Since(requestTime)
  922. b.updateIncomingCommunicationMetrics(bytesRead, requestLatency)
  923. isChallenge := len(res.SaslAuthBytes) > 0
  924. if isChallenge && err != nil {
  925. Logger.Printf("Broker rejected authentication token: %s", res.SaslAuthBytes)
  926. }
  927. return isChallenge, err
  928. }
  929. func (b *Broker) sendAndReceiveSASLSCRAMv1() error {
  930. if err := b.sendAndReceiveSASLHandshake(b.conf.Net.SASL.Mechanism, SASLHandshakeV1); err != nil {
  931. return err
  932. }
  933. scramClient := b.conf.Net.SASL.SCRAMClientGeneratorFunc()
  934. if err := scramClient.Begin(b.conf.Net.SASL.User, b.conf.Net.SASL.Password, b.conf.Net.SASL.SCRAMAuthzID); err != nil {
  935. return fmt.Errorf("failed to start SCRAM exchange with the server: %s", err.Error())
  936. }
  937. msg, err := scramClient.Step("")
  938. if err != nil {
  939. return fmt.Errorf("failed to advance the SCRAM exchange: %s", err.Error())
  940. }
  941. for !scramClient.Done() {
  942. requestTime := time.Now()
  943. // Will be decremented in updateIncomingCommunicationMetrics (except error)
  944. b.addRequestInFlightMetrics(1)
  945. correlationID := b.correlationID
  946. bytesWritten, err := b.sendSaslAuthenticateRequest(correlationID, []byte(msg))
  947. b.updateOutgoingCommunicationMetrics(bytesWritten)
  948. if err != nil {
  949. b.addRequestInFlightMetrics(-1)
  950. Logger.Printf("Failed to write SASL auth header to broker %s: %s\n", b.addr, err.Error())
  951. return err
  952. }
  953. b.correlationID++
  954. challenge, err := b.receiveSaslAuthenticateResponse(correlationID)
  955. if err != nil {
  956. b.addRequestInFlightMetrics(-1)
  957. Logger.Printf("Failed to read response while authenticating with SASL to broker %s: %s\n", b.addr, err.Error())
  958. return err
  959. }
  960. b.updateIncomingCommunicationMetrics(len(challenge), time.Since(requestTime))
  961. msg, err = scramClient.Step(string(challenge))
  962. if err != nil {
  963. Logger.Println("SASL authentication failed", err)
  964. return err
  965. }
  966. }
  967. Logger.Println("SASL authentication succeeded")
  968. return nil
  969. }
  970. func (b *Broker) sendSaslAuthenticateRequest(correlationID int32, msg []byte) (int, error) {
  971. rb := &SaslAuthenticateRequest{msg}
  972. req := &request{correlationID: correlationID, clientID: b.conf.ClientID, body: rb}
  973. buf, err := encode(req, b.conf.MetricRegistry)
  974. if err != nil {
  975. return 0, err
  976. }
  977. return b.write(buf)
  978. }
  979. func (b *Broker) receiveSaslAuthenticateResponse(correlationID int32) ([]byte, error) {
  980. buf := make([]byte, responseLengthSize+correlationIDSize)
  981. _, err := b.readFull(buf)
  982. if err != nil {
  983. return nil, err
  984. }
  985. header := responseHeader{}
  986. err = versionedDecode(buf, &header, 0)
  987. if err != nil {
  988. return nil, err
  989. }
  990. if header.correlationID != correlationID {
  991. return nil, fmt.Errorf("correlation ID didn't match, wanted %d, got %d", b.correlationID, header.correlationID)
  992. }
  993. buf = make([]byte, header.length-correlationIDSize)
  994. _, err = b.readFull(buf)
  995. if err != nil {
  996. return nil, err
  997. }
  998. res := &SaslAuthenticateResponse{}
  999. if err := versionedDecode(buf, res, 0); err != nil {
  1000. return nil, err
  1001. }
  1002. if res.Err != ErrNoError {
  1003. return nil, res.Err
  1004. }
  1005. return res.SaslAuthBytes, nil
  1006. }
  1007. // Build SASL/OAUTHBEARER initial client response as described by RFC-7628
  1008. // https://tools.ietf.org/html/rfc7628
  1009. func buildClientFirstMessage(token *AccessToken) ([]byte, error) {
  1010. var ext string
  1011. if token.Extensions != nil && len(token.Extensions) > 0 {
  1012. if _, ok := token.Extensions[SASLExtKeyAuth]; ok {
  1013. return []byte{}, fmt.Errorf("the extension `%s` is invalid", SASLExtKeyAuth)
  1014. }
  1015. ext = "\x01" + mapToString(token.Extensions, "=", "\x01")
  1016. }
  1017. resp := []byte(fmt.Sprintf("n,,\x01auth=Bearer %s%s\x01\x01", token.Token, ext))
  1018. return resp, nil
  1019. }
  1020. // mapToString returns a list of key-value pairs ordered by key.
  1021. // keyValSep separates the key from the value. elemSep separates each pair.
  1022. func mapToString(extensions map[string]string, keyValSep string, elemSep string) string {
  1023. buf := make([]string, 0, len(extensions))
  1024. for k, v := range extensions {
  1025. buf = append(buf, k+keyValSep+v)
  1026. }
  1027. sort.Strings(buf)
  1028. return strings.Join(buf, elemSep)
  1029. }
  1030. func (b *Broker) sendSASLPlainAuthClientResponse(correlationID int32) (int, error) {
  1031. authBytes := []byte(b.conf.Net.SASL.AuthIdentity + "\x00" + b.conf.Net.SASL.User + "\x00" + b.conf.Net.SASL.Password)
  1032. rb := &SaslAuthenticateRequest{authBytes}
  1033. req := &request{correlationID: correlationID, clientID: b.conf.ClientID, body: rb}
  1034. buf, err := encode(req, b.conf.MetricRegistry)
  1035. if err != nil {
  1036. return 0, err
  1037. }
  1038. return b.write(buf)
  1039. }
  1040. func (b *Broker) sendSASLOAuthBearerClientMessage(initialResp []byte, correlationID int32) (int, error) {
  1041. rb := &SaslAuthenticateRequest{initialResp}
  1042. req := &request{correlationID: correlationID, clientID: b.conf.ClientID, body: rb}
  1043. buf, err := encode(req, b.conf.MetricRegistry)
  1044. if err != nil {
  1045. return 0, err
  1046. }
  1047. return b.write(buf)
  1048. }
  1049. func (b *Broker) receiveSASLServerResponse(res *SaslAuthenticateResponse, correlationID int32) (int, error) {
  1050. buf := make([]byte, responseLengthSize+correlationIDSize)
  1051. bytesRead, err := b.readFull(buf)
  1052. if err != nil {
  1053. return bytesRead, err
  1054. }
  1055. header := responseHeader{}
  1056. err = versionedDecode(buf, &header, 0)
  1057. if err != nil {
  1058. return bytesRead, err
  1059. }
  1060. if header.correlationID != correlationID {
  1061. return bytesRead, fmt.Errorf("correlation ID didn't match, wanted %d, got %d", b.correlationID, header.correlationID)
  1062. }
  1063. buf = make([]byte, header.length-correlationIDSize)
  1064. c, err := b.readFull(buf)
  1065. bytesRead += c
  1066. if err != nil {
  1067. return bytesRead, err
  1068. }
  1069. if err := versionedDecode(buf, res, 0); err != nil {
  1070. return bytesRead, err
  1071. }
  1072. if res.Err != ErrNoError {
  1073. return bytesRead, res.Err
  1074. }
  1075. return bytesRead, nil
  1076. }
  1077. func (b *Broker) updateIncomingCommunicationMetrics(bytes int, requestLatency time.Duration) {
  1078. b.updateRequestLatencyAndInFlightMetrics(requestLatency)
  1079. b.responseRate.Mark(1)
  1080. if b.brokerResponseRate != nil {
  1081. b.brokerResponseRate.Mark(1)
  1082. }
  1083. responseSize := int64(bytes)
  1084. b.incomingByteRate.Mark(responseSize)
  1085. if b.brokerIncomingByteRate != nil {
  1086. b.brokerIncomingByteRate.Mark(responseSize)
  1087. }
  1088. b.responseSize.Update(responseSize)
  1089. if b.brokerResponseSize != nil {
  1090. b.brokerResponseSize.Update(responseSize)
  1091. }
  1092. }
  1093. func (b *Broker) updateRequestLatencyAndInFlightMetrics(requestLatency time.Duration) {
  1094. requestLatencyInMs := int64(requestLatency / time.Millisecond)
  1095. b.requestLatency.Update(requestLatencyInMs)
  1096. if b.brokerRequestLatency != nil {
  1097. b.brokerRequestLatency.Update(requestLatencyInMs)
  1098. }
  1099. b.addRequestInFlightMetrics(-1)
  1100. }
  1101. func (b *Broker) addRequestInFlightMetrics(i int64) {
  1102. b.requestsInFlight.Inc(i)
  1103. if b.brokerRequestsInFlight != nil {
  1104. b.brokerRequestsInFlight.Inc(i)
  1105. }
  1106. }
  1107. func (b *Broker) updateOutgoingCommunicationMetrics(bytes int) {
  1108. b.requestRate.Mark(1)
  1109. if b.brokerRequestRate != nil {
  1110. b.brokerRequestRate.Mark(1)
  1111. }
  1112. requestSize := int64(bytes)
  1113. b.outgoingByteRate.Mark(requestSize)
  1114. if b.brokerOutgoingByteRate != nil {
  1115. b.brokerOutgoingByteRate.Mark(requestSize)
  1116. }
  1117. b.requestSize.Update(requestSize)
  1118. if b.brokerRequestSize != nil {
  1119. b.brokerRequestSize.Update(requestSize)
  1120. }
  1121. }
  1122. func (b *Broker) registerMetrics() {
  1123. b.brokerIncomingByteRate = b.registerMeter("incoming-byte-rate")
  1124. b.brokerRequestRate = b.registerMeter("request-rate")
  1125. b.brokerRequestSize = b.registerHistogram("request-size")
  1126. b.brokerRequestLatency = b.registerHistogram("request-latency-in-ms")
  1127. b.brokerOutgoingByteRate = b.registerMeter("outgoing-byte-rate")
  1128. b.brokerResponseRate = b.registerMeter("response-rate")
  1129. b.brokerResponseSize = b.registerHistogram("response-size")
  1130. b.brokerRequestsInFlight = b.registerCounter("requests-in-flight")
  1131. }
  1132. func (b *Broker) unregisterMetrics() {
  1133. for _, name := range b.registeredMetrics {
  1134. b.conf.MetricRegistry.Unregister(name)
  1135. }
  1136. b.registeredMetrics = nil
  1137. }
  1138. func (b *Broker) registerMeter(name string) metrics.Meter {
  1139. nameForBroker := getMetricNameForBroker(name, b)
  1140. b.registeredMetrics = append(b.registeredMetrics, nameForBroker)
  1141. return metrics.GetOrRegisterMeter(nameForBroker, b.conf.MetricRegistry)
  1142. }
  1143. func (b *Broker) registerHistogram(name string) metrics.Histogram {
  1144. nameForBroker := getMetricNameForBroker(name, b)
  1145. b.registeredMetrics = append(b.registeredMetrics, nameForBroker)
  1146. return getOrRegisterHistogram(nameForBroker, b.conf.MetricRegistry)
  1147. }
  1148. func (b *Broker) registerCounter(name string) metrics.Counter {
  1149. nameForBroker := getMetricNameForBroker(name, b)
  1150. b.registeredMetrics = append(b.registeredMetrics, nameForBroker)
  1151. return metrics.GetOrRegisterCounter(nameForBroker, b.conf.MetricRegistry)
  1152. }
  1153. func validServerNameTLS(addr string, cfg *tls.Config) *tls.Config {
  1154. if cfg == nil {
  1155. cfg = &tls.Config{}
  1156. }
  1157. if cfg.ServerName != "" {
  1158. return cfg
  1159. }
  1160. c := cfg.Clone()
  1161. sn, _, err := net.SplitHostPort(addr)
  1162. if err != nil {
  1163. Logger.Println(fmt.Errorf("failed to get ServerName from addr %w", err))
  1164. }
  1165. c.ServerName = sn
  1166. return c
  1167. }