Timeout at net.schmizz.sshj.transport.KeyExchanger.waitForDone(KeyExchanger.java:160)

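I have a nightly job that uses the net.schmizz.sshj SFTP library.

I suspect that something changed on the server we SFTP into. However, I cannot determine exactly what changed. I also cannot reproduce it outside the production server. So I am looking for insight into the root cause, or into how to reproduce the following error: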

net.schmizz.sshj.transport.TransportException: Timeout expired
    at net.schmizz.sshj.transport.TransportException.chain(TransportException.java:33)
    at net.schmizz.sshj.transport.TransportException.chain(TransportException.java:27)
    at net.schmizz.concurrent.Promise.retrieve(Promise.java:139)
    at net.schmizz.concurrent.Event.await(Event.java:103)
    at net.schmizz.sshj.transport.KeyExchanger.waitForDone(KeyExchanger.java:160)
    at net.schmizz.sshj.transport.KeyExchanger.startKex(KeyExchanger.java:155)
    at net.schmizz.sshj.transport.TransportImpl.doKex(TransportImpl.java:247)
    at net.schmizz.sshj.SSHClient.doKex(SSHClient.java:735)
    at net.schmizz.sshj.SSHClient.onConnect(SSHClient.java:723)
    at net.schmizz.sshj.SocketClient.connect(SocketClient.java:54)
    at net.schmizz.sshj.SocketClient.connect(SocketClient.java:80)

As far as I can tell, we connect normally via java.net.Socket and then time out in this code while waiting for the key exchange to complete:

package net.schmizz.sshj.transport;

/** Algorithm negotiation and key exchange. */
final class KeyExchanger
        implements SSHPacketHandler, ErrorNotifiable {

    /**
     * Starts key exchange by sending a {@code SSH_MSG_KEXINIT} packet. Key exchange needs to be done once mandatorily
     * after initializing the {@link Transport} for it to be usable and may be initiated at any later point e.g. if
     * {@link Transport#getConfig() algorithms} have changed and should be renegotiated.
     *
     * @param waitForDone whether should block till key exchange completed
     *
     * @throws TransportException if there is an error during key exchange
     * @see {@link Transport#setTimeoutMs} for setting timeout for kex
     */
    void startKex(boolean waitForDone)
            throws TransportException {
        if (!kexOngoing.getAndSet(true)) {
            done.clear();
            sendKexInit();
        }
        if (waitForDone)
            waitForDone();
    }

    /**
     * Sends SSH_MSG_KEXINIT and sets the {@link #kexInitSent} event.
     *
     * @throws TransportException
     */
    private void sendKexInit()
            throws TransportException {
        log.debug("Sending SSH_MSG_KEXINIT");
        clientProposal = new Proposal(transport.getConfig());
        transport.write(clientProposal.getPacket());
        kexInitSent.set();
    }

    void waitForDone()
            throws TransportException {
        done.await(transport.getTimeoutMs(), TimeUnit.MILLISECONDS);
    }
}

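After a lot of debugging following the posting of this question, I found that the problem was that in production we were not running with the same crypto libraries that I was using in my local tests. I determined this by building a minimal jar that still kept all the SSHJ pieces used in production and all of our own relevant code, and then running it in a command shell with DEBUG-level logging so that I could see all the output. Then I saw the following, and I realized that the timeout exception in our production server logs was a second exception that occurred after the root cause, which was not logged in production: a NoClassDefFoundError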

Exception in thread "reader" java.lang.NoClassDefFoundError: org/bouncycastle/crypto/ec/CustomNamedCurves
    at net.schmizz.sshj.transport.kex.Curve25519DH.getCurve25519Params(Curve25519DH.java:51)
    at net.schmizz.sshj.transport.kex.Curve25519SHA256.initDH(Curve25519SHA256.java:36)
    at net.schmizz.sshj.transport.kex.AbstractDHG.init(AbstractDHG.java:55)
    at net.schmizz.sshj.transport.KeyExchanger.gotKexInit(KeyExchanger.java:239)
    at net.schmizz.sshj.transport.KeyExchanger.handle(KeyExchanger.java:359)
    at net.schmizz.sshj.transport.TransportImpl.handle(TransportImpl.java:493)
    at net.schmizz.sshj.transport.Decoder.decode(Decoder.java:107)
    at net.schmizz.sshj.transport.Decoder.received(Decoder.java:175)
    at net.schmizz.sshj.transport.Reader.run(Reader.java:60)
Caused by: java.lang.ClassNotFoundException: org.bouncycastle.crypto.ec.CustomNamedCurves
    at java.net.URLClassLoader.findClass(URLClassLoader.java:381)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:424)
    at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:331)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
    ... 9 more

net.schmizz.sshj.transport.TransportException: Timeout expired
    at net.schmizz.sshj.transport.TransportException.chain(TransportException.java:33)
    at net.schmizz.sshj.transport.TransportException.chain(TransportException.java:27)
    at net.schmizz.concurrent.Promise.retrieve(Promise.java:139)
    at net.schmizz.concurrent.Event.await(Event.java:103)
    at net.schmizz.sshj.transport.KeyExchanger.waitForDone(KeyExchanger.java:160)
    at net.schmizz.sshj.transport.KeyExchanger.startKex(KeyExchanger.java:155)
    at net.schmizz.sshj.transport.TransportImpl.doKex(TransportImpl.java:247)
    at net.schmizz.sshj.SSHClient.doKex(SSHClient.java:735)
    at net.schmizz.sshj.SSHClient.onConnect(SSHClient.java:723)
    at net.schmizz.sshj.SocketClient.connect(SocketClient.java:54)
    at net.schmizz.sshj.SocketClient.connect(SocketClient.java:80)
    at kirby.App.connect(App.java:101)
    at kirby.App.execute(App.java:45)
    at kirby.App.main(App.java:31)
Caused by: java.util.concurrent.TimeoutException: Timeout expired
    ... 12 more

The difference was in the classpath. In production we had

bcpg-jdk15on-150.jar:bcpkix-jdk15on-150.jar:bcprov-jdk15on-150.jar

but needed

bcpkix-jdk15on/1.51/bcpkix-jdk15on-1.51.jar:ecc-25519-java-1.0.1.jar:bcprov-jdk15on/1.51/bcprov-jdk15on-1.51.jar
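
A preflight check for the failure described in the answer above, as an added example that is not part of the original post or of SSHJ: it resolves the class named in the NoClassDefFoundError before any connection is attempted, reports which jar supplied it, and logs errors that escape background threads such as "reader". The class name KexClasspathPreflight, the logger name and the contents of REQUIRED beyond the one class shown in the trace are assumptions.

```java
import java.security.CodeSource;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;

/** Added example: fail fast when a class needed for key exchange is missing. */
public final class KexClasspathPreflight {
    private static final Logger LOG = Logger.getLogger("kex-preflight"); // hypothetical name

    // Class name taken from the NoClassDefFoundError in the trace above; extend
    // the list with whatever a DEBUG run of your own job reports as missing.
    private static final String[] REQUIRED = {
        "org.bouncycastle.crypto.ec.CustomNamedCurves"
    };

    /** Maps each class name to the location it was loaded from, or null if absent. */
    static Map<String, String> check(ClassLoader loader, String... classNames) {
        Map<String, String> result = new LinkedHashMap<>();
        for (String name : classNames) {
            try {
                // initialize=false: resolve the class without running static initializers.
                Class<?> c = Class.forName(name, false, loader);
                CodeSource src = c.getProtectionDomain().getCodeSource();
                result.put(name, src == null ? "(bootstrap)" : String.valueOf(src.getLocation()));
            } catch (ClassNotFoundException | LinkageError missing) {
                result.put(name, null);
            }
        }
        return result;
    }

    public static void main(String[] args) {
        // A Throwable that kills a background thread is otherwise only printed to
        // stderr, so the caller sees nothing but the later "Timeout expired".
        Thread.setDefaultUncaughtExceptionHandler((thread, error) ->
            LOG.log(Level.SEVERE, "Uncaught on thread " + thread.getName(), error));

        boolean ok = true;
        ClassLoader loader = KexClasspathPreflight.class.getClassLoader();
        for (Map.Entry<String, String> entry : check(loader, REQUIRED).entrySet()) {
            if (entry.getValue() == null) {
                ok = false;
                LOG.severe("MISSING " + entry.getKey());
            } else {
                LOG.info("OK " + entry.getKey() + " <- " + entry.getValue());
            }
        }
        if (!ok) System.exit(1); // abort before SSHClient.connect() can time out
    }
}
```

Run it with the same classpath as the production job; the reported jar location shows which BouncyCastle version actually won when several are present.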