aboutsummaryrefslogtreecommitdiffstats
path: root/server/sonar-server-common
diff options
context:
space:
mode:
authorAurelien Poscia <aurelien.poscia@sonarsource.com>2024-01-19 10:08:55 +0100
committersonartech <sonartech@sonarsource.com>2024-01-25 20:02:56 +0000
commit858b1023bba599c5aa44119469d8451301434abb (patch)
treee0a8621447c7b5b8c7ea447a57deb9feab3f5b31 /server/sonar-server-common
parentc7d0bb440b8e6bf4c625463b05ec390f1a7a27ab (diff)
downloadsonarqube-858b1023bba599c5aa44119469d8451301434abb.tar.gz
sonarqube-858b1023bba599c5aa44119469d8451301434abb.zip
SONAR-21290 Use UUIDs v4 for all database identifiers
Diffstat (limited to 'server/sonar-server-common')
-rw-r--r--server/sonar-server-common/src/main/java/org/sonar/server/platform/serverid/MacAddressProvider.java109
-rw-r--r--server/sonar-server-common/src/main/java/org/sonar/server/platform/serverid/ServerIdGenerator.java99
-rw-r--r--server/sonar-server-common/src/test/java/org/sonar/server/platform/serverid/MacAddressProviderTest.java43
-rw-r--r--server/sonar-server-common/src/test/java/org/sonar/server/platform/serverid/ServerIdGeneratorTest.java59
4 files changed, 310 insertions, 0 deletions
diff --git a/server/sonar-server-common/src/main/java/org/sonar/server/platform/serverid/MacAddressProvider.java b/server/sonar-server-common/src/main/java/org/sonar/server/platform/serverid/MacAddressProvider.java
new file mode 100644
index 00000000000..91b5f7d99c1
--- /dev/null
+++ b/server/sonar-server-common/src/main/java/org/sonar/server/platform/serverid/MacAddressProvider.java
@@ -0,0 +1,109 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2024 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.server.platform.serverid;
+
+import com.google.common.annotations.VisibleForTesting;
+import java.net.NetworkInterface;
+import java.net.SocketException;
+import java.security.SecureRandom;
+import java.util.Enumeration;
+import javax.annotation.CheckForNull;
+import javax.annotation.Nullable;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.sonar.core.util.UuidFactoryImpl;
+
+/**
+ * Used by {@link UuidFactoryImpl}. Heavily inspired by https://github.com/elastic/elasticsearch/blob/master/core/src/main/java/org/elasticsearch/common/MacAddressProvider.java
+ */
+class MacAddressProvider {
+
+ private static final Logger LOGGER = LoggerFactory.getLogger(MacAddressProvider.class);
+ public static final int BYTE_SIZE = 6;
+
+ private MacAddressProvider() {
+ // only static stuff
+ }
+
+ public static byte[] getSecureMungedAddress() {
+ byte[] address = null;
+ try {
+ address = getMacAddress();
+ } catch (SocketException se) {
+ LOGGER.warn("Unable to get mac address, will use a dummy address", se);
+ // address will be set below
+ }
+
+ if (!isValidAddress(address)) {
+ LOGGER.warn("Unable to get a valid mac address, will use a dummy address");
+ address = constructDummyMulticastAddress();
+ }
+
+ byte[] mungedBytes = new byte[BYTE_SIZE];
+ new SecureRandom().nextBytes(mungedBytes);
+ for (int i = 0; i < BYTE_SIZE; ++i) {
+ mungedBytes[i] ^= address[i];
+ }
+
+ return mungedBytes;
+ }
+
+ private static boolean isValidAddress(@Nullable byte[] address) {
+ if (address == null || address.length != BYTE_SIZE) {
+ return false;
+ }
+ for (byte b : address) {
+ if (b != 0x00) {
+ // If any of the bytes are non zero assume a good address
+ return true;
+ }
+ }
+ return false;
+ }
+
+ @CheckForNull
+ private static byte[] getMacAddress() throws SocketException {
+ Enumeration<NetworkInterface> en = NetworkInterface.getNetworkInterfaces();
+ if (en != null) {
+ while (en.hasMoreElements()) {
+ NetworkInterface nint = en.nextElement();
+ if (!nint.isLoopback()) {
+ // Pick the first valid non loopback address we find
+ byte[] address = nint.getHardwareAddress();
+ if (isValidAddress(address)) {
+ return address;
+ }
+ }
+ }
+ }
+ // Could not find a mac address
+ return null;
+ }
+
+ @VisibleForTesting
+ static byte[] constructDummyMulticastAddress() {
+ byte[] dummy = new byte[BYTE_SIZE];
+ new SecureRandom().nextBytes(dummy);
+ // Set the broadcast bit to indicate this is not a _real_ mac address
+ dummy[0] |= (byte) 0x01;
+ return dummy;
+ }
+
+}
diff --git a/server/sonar-server-common/src/main/java/org/sonar/server/platform/serverid/ServerIdGenerator.java b/server/sonar-server-common/src/main/java/org/sonar/server/platform/serverid/ServerIdGenerator.java
new file mode 100644
index 00000000000..a25738b3392
--- /dev/null
+++ b/server/sonar-server-common/src/main/java/org/sonar/server/platform/serverid/ServerIdGenerator.java
@@ -0,0 +1,99 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2024 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.server.platform.serverid;
+
+import java.security.SecureRandom;
+import java.util.concurrent.atomic.AtomicInteger;
+import java.util.function.Supplier;
+import org.apache.commons.codec.binary.Base64;
+
+public final class ServerIdGenerator {
+
+ private final FullNewIdGenerator fullNewIdGenerator = new FullNewIdGenerator();
+
+ public String generate() {
+ return Base64.encodeBase64URLSafeString(fullNewIdGenerator.get());
+ }
+
+ private static class IdGeneratorBase {
+ // We only use bottom 3 bytes for the sequence number. Paranoia: init with random int so that if JVM/OS/machine goes down, clock slips
+ // backwards, and JVM comes back up, we are less likely to be on the same sequenceNumber at the same time:
+ private final AtomicInteger sequenceNumber = new AtomicInteger(new SecureRandom().nextInt());
+ private final byte[] secureMungedAddress = MacAddressProvider.getSecureMungedAddress();
+ // Used to ensure clock moves forward
+ private long lastTimestamp = 0L;
+
+ void initBase(byte[] buffer, int sequenceId) {
+ long timestamp = System.currentTimeMillis();
+
+ synchronized (this) {
+ // Don't let timestamp go backwards, at least "on our watch" (while this JVM is running). We are still vulnerable if we are
+ // shut down, clock goes backwards, and we restart... for this we randomize the sequenceNumber on init to decrease chance of
+ // collision:
+ timestamp = Math.max(lastTimestamp, timestamp);
+
+ if (sequenceId == 0) {
+ // Always force the clock to increment whenever sequence number is 0, in case we have a long time-slip backwards:
+ timestamp++;
+ }
+
+ lastTimestamp = timestamp;
+ }
+
+ // Only use lower 6 bytes of the timestamp (this will suffice beyond the year 10000):
+ putLong(buffer, timestamp, 0, 6);
+
+ // MAC address adds 6 bytes:
+ System.arraycopy(secureMungedAddress, 0, buffer, 6, secureMungedAddress.length);
+ }
+
+ protected byte[] generate(byte[] buffer, int increment) {
+ // Sequence number adds 3 bytes
+ putLong(buffer, increment, 12, 3);
+
+ return buffer;
+ }
+
+ int getSequenceId() {
+ return sequenceNumber.incrementAndGet() & 0xffffff;
+ }
+
+ /**
+ * Puts the lower numberOfLongBytes from l into the array, starting index pos.
+ */
+ private static void putLong(byte[] array, long l, int pos, int numberOfLongBytes) {
+ for (int i = 0; i < numberOfLongBytes; ++i) {
+ array[pos + numberOfLongBytes - i - 1] = (byte) (l >>> (i * 8));
+ }
+ }
+ }
+
+ private static final class FullNewIdGenerator extends IdGeneratorBase implements Supplier<byte[]> {
+
+ @Override
+ public byte[] get() {
+ byte[] buffer = new byte[15];
+ int sequenceId = getSequenceId();
+ initBase(buffer, sequenceId);
+ return super.generate(buffer, sequenceId);
+ }
+ }
+
+}
diff --git a/server/sonar-server-common/src/test/java/org/sonar/server/platform/serverid/MacAddressProviderTest.java b/server/sonar-server-common/src/test/java/org/sonar/server/platform/serverid/MacAddressProviderTest.java
new file mode 100644
index 00000000000..6babb49a4cb
--- /dev/null
+++ b/server/sonar-server-common/src/test/java/org/sonar/server/platform/serverid/MacAddressProviderTest.java
@@ -0,0 +1,43 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2024 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.server.platform.serverid;
+
+import org.junit.Test;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+public class MacAddressProviderTest {
+
+ @Test
+ public void getSecureMungedAddress() {
+ byte[] address = MacAddressProvider.getSecureMungedAddress();
+ assertThat(address)
+ .isNotEmpty()
+ .hasSize(6);
+ }
+
+ @Test
+ public void constructDummyMulticastAddress() {
+ byte[] address = MacAddressProvider.constructDummyMulticastAddress();
+ assertThat(address)
+ .isNotEmpty()
+ .hasSize(6);
+ }
+}
diff --git a/server/sonar-server-common/src/test/java/org/sonar/server/platform/serverid/ServerIdGeneratorTest.java b/server/sonar-server-common/src/test/java/org/sonar/server/platform/serverid/ServerIdGeneratorTest.java
new file mode 100644
index 00000000000..dcb13c12b60
--- /dev/null
+++ b/server/sonar-server-common/src/test/java/org/sonar/server/platform/serverid/ServerIdGeneratorTest.java
@@ -0,0 +1,59 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2024 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.server.platform.serverid;
+
+import java.util.ArrayList;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+import org.junit.Test;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+public class ServerIdGeneratorTest {
+ private final ServerIdGenerator underTest = new ServerIdGenerator();
+
+ @Test
+ public void generate_concurrent_test() throws InterruptedException {
+ int rounds = 500;
+ List<String> ids1 = new ArrayList<>(rounds);
+ List<String> ids2 = new ArrayList<>(rounds);
+ Thread t1 = new Thread(() -> {
+ for (int i = 0; i < rounds; i++) {
+ ids1.add(underTest.generate());
+ }
+ });
+ Thread t2 = new Thread(() -> {
+ for (int i = 0; i < rounds; i++) {
+ ids2.add(underTest.generate());
+ }
+ });
+ t1.start();
+ t2.start();
+ t1.join();
+ t2.join();
+
+ Set<String> ids = new HashSet<>(rounds * 2);
+ ids.addAll(ids1);
+ ids.addAll(ids2);
+ assertThat(ids).hasSize(rounds * 2);
+ }
+
+}