2020package org .apache .iotdb .rpc ;
2121
2222import org .apache .thrift .TConfiguration ;
23+ import org .apache .thrift .transport .TSocket ;
2324import org .apache .thrift .transport .TTransport ;
2425import org .apache .thrift .transport .TTransportException ;
2526import org .apache .thrift .transport .TTransportFactory ;
2627import org .apache .thrift .transport .layered .TFramedTransport ;
2728
29+ import javax .net .ssl .SSLException ;
2830import javax .net .ssl .SSLHandshakeException ;
2931
3032import java .io .EOFException ;
33+ import java .net .SocketAddress ;
3134import java .net .SocketTimeoutException ;
3235
3336// https://github.com/apache/thrift/blob/master/doc/specs/thrift-rpc.md
@@ -136,6 +139,20 @@ public int read(byte[] buf, int off, int len) throws TTransportException {
136139 && e .getCause ().getCause () instanceof EOFException ) {
137140 throw new TTransportException (TTransportException .END_OF_FILE , e .getCause ());
138141 }
142+ if (e .getCause () instanceof SSLException
143+ && e .getMessage ().contains ("Unsupported or unrecognized SSL message" )) {
144+ SocketAddress remoteAddress = null ;
145+ if (underlying instanceof TSocket ) {
146+ remoteAddress = ((TSocket ) underlying ).getSocket ().getRemoteSocketAddress ();
147+ }
148+ throw new TTransportException (
149+ TTransportException .CORRUPTED_DATA ,
150+ String .format (
151+ "You may be sending non-SSL requests"
152+ + "%s to the SSL-enabled Thrift-RPC port, please confirm that you are "
153+ + "using the right configuration" ,
154+ remoteAddress == null ? "" : " from " + remoteAddress ));
155+ }
139156 throw e ;
140157 }
141158 return readBuffer .read (buf , off , len );
@@ -152,15 +169,20 @@ protected void readFrame() throws TTransportException {
152169 }
153170
154171 if (size > thriftMaxFrameSize ) {
172+ SocketAddress remoteAddress = null ;
173+ if (underlying instanceof TSocket ) {
174+ remoteAddress = ((TSocket ) underlying ).getSocket ().getRemoteSocketAddress ();
175+ }
155176 close ();
156177 if (size == 1195725856L || size == 1347375956L ) {
157178 // if someone sends HTTP GET/POST to this port, the size will be read as the following
158179 throw new TTransportException (
159180 TTransportException .CORRUPTED_DATA ,
160- "Singular frame size ("
161- + size
162- + ") detected, you may be sending HTTP GET/POST requests to the Thrift-RPC port, "
163- + "please confirm that you are using the right port" );
181+ String .format (
182+ "Singular frame size (%d) detected, you may be sending HTTP GET/POST"
183+ + "%s requests to the Thrift-RPC port, "
184+ + "please confirm that you are using the right port" ,
185+ size , remoteAddress == null ? "" : " from " + remoteAddress ));
164186 } else {
165187 throw new TTransportException (
166188 TTransportException .CORRUPTED_DATA ,
@@ -172,13 +194,18 @@ protected void readFrame() throws TTransportException {
172194 if (high24 >= 0x160300 && high24 <= 0x160303 && (i32buf [3 ] & 0xFF ) <= 0x02 ) {
173195 // The typical TLS ClientHello requests start with 0x160300 ~ 0x160303
174196 // The 4th byte is typically in [0x00, 0x01, 0x02].
197+ SocketAddress remoteAddress = null ;
198+ if (underlying instanceof TSocket ) {
199+ remoteAddress = ((TSocket ) underlying ).getSocket ().getRemoteSocketAddress ();
200+ }
175201 close ();
176202 throw new TTransportException (
177203 TTransportException .CORRUPTED_DATA ,
178- "Singular frame size ("
179- + size
180- + ") detected, you may be sending TLS ClientHello requests to the Non-SSL Thrift-RPC"
181- + " port, please confirm that you are using the right configuration" );
204+ String .format (
205+ "Singular frame size (%d) detected, you may be sending TLS ClientHello requests"
206+ + "%s to the Non-SSL Thrift-RPC"
207+ + " port, please confirm that you are using the right configuration" ,
208+ size , remoteAddress == null ? "" : " from " + remoteAddress ));
182209 }
183210
184211 readBuffer .fill (underlying , size );
0 commit comments