Home Explore Help
Register Sign In
baishaojie
/
database_sync
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: f6861f0127
Branches Tags
database_sync
/
vendor
/
github.com
/
Shopify
/
sarama
/
broker.go

broker.go 46 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473147414751476147714781479148014811482148314841485148614871488148914901491149214931494149514961497149814991500150115021503150415051506150715081509151015111512151315141515151615171518151915201521152215231524152515261527152815291530153115321533153415351536153715381539154015411542154315441545154615471548154915501551155215531554155515561557155815591560156115621563156415651566156715681569157015711572157315741575157615771578157915801581158215831584158515861587158815891590159115921593159415951596159715981599160016011602 
  1. package sarama
    2. 

  2. 

  3. import (
    4. 

  4. 	"crypto/tls"
    5. 

  5. 	"encoding/binary"
    6. 

  6. 	"fmt"
    7. 

  7. 	"io"
    8. 

  8. 	"net"
    9. 

  9. 	"sort"
    10. 

  10. 	"strconv"
    11. 

  11. 	"strings"
    12. 

  12. 	"sync"
    13. 

  13. 	"sync/atomic"
    14. 

  14. 	"time"
    15. 

  15. 

  16. 	"github.com/rcrowley/go-metrics"
    17. 

  17. )
    18. 

  18. 

  19. // Broker represents a single Kafka broker connection. All operations on this object are entirely concurrency-safe.
    20. 

  20. type Broker struct {
    21. 

  21. 	conf *Config
    22. 

  22. 	rack *string
    23. 

  23. 

  24. 	id            int32
    25. 

  25. 	addr          string
    26. 

  26. 	correlationID int32
    27. 

  27. 	conn          net.Conn
    28. 

  28. 	connErr       error
    29. 

  29. 	lock          sync.Mutex
    30. 

  30. 	opened        int32
    31. 

  31. 	responses     chan responsePromise
    32. 

  32. 	done          chan bool
    33. 

  33. 

  34. 	registeredMetrics []string
    35. 

  35. 

  36. 	incomingByteRate       metrics.Meter
    37. 

  37. 	requestRate            metrics.Meter
    38. 

  38. 	requestSize            metrics.Histogram
    39. 

  39. 	requestLatency         metrics.Histogram
    40. 

  40. 	outgoingByteRate       metrics.Meter
    41. 

  41. 	responseRate           metrics.Meter
    42. 

  42. 	responseSize           metrics.Histogram
    43. 

  43. 	requestsInFlight       metrics.Counter
    44. 

  44. 	brokerIncomingByteRate metrics.Meter
    45. 

  45. 	brokerRequestRate      metrics.Meter
    46. 

  46. 	brokerRequestSize      metrics.Histogram
    47. 

  47. 	brokerRequestLatency   metrics.Histogram
    48. 

  48. 	brokerOutgoingByteRate metrics.Meter
    49. 

  49. 	brokerResponseRate     metrics.Meter
    50. 

  50. 	brokerResponseSize     metrics.Histogram
    51. 

  51. 	brokerRequestsInFlight metrics.Counter
    52. 

  52. 	brokerThrottleTime     metrics.Histogram
    53. 

  53. 

  54. 	kerberosAuthenticator GSSAPIKerberosAuth
    55. 

  55. }
    56. 

  56. 

  57. // SASLMechanism specifies the SASL mechanism the client uses to authenticate with the broker
    58. 

  58. type SASLMechanism string
    59. 

  59. 

  60. const (
    61. 

  61. 	// SASLTypeOAuth represents the SASL/OAUTHBEARER mechanism (Kafka 2.0.0+)
    62. 

  62. 	SASLTypeOAuth = "OAUTHBEARER"
    63. 

  63. 	// SASLTypePlaintext represents the SASL/PLAIN mechanism
    64. 

  64. 	SASLTypePlaintext = "PLAIN"
    65. 

  65. 	// SASLTypeSCRAMSHA256 represents the SCRAM-SHA-256 mechanism.
    66. 

  66. 	SASLTypeSCRAMSHA256 = "SCRAM-SHA-256"
    67. 

  67. 	// SASLTypeSCRAMSHA512 represents the SCRAM-SHA-512 mechanism.
    68. 

  68. 	SASLTypeSCRAMSHA512 = "SCRAM-SHA-512"
    69. 

  69. 	SASLTypeGSSAPI      = "GSSAPI"
    70. 

  70. 	// SASLHandshakeV0 is v0 of the Kafka SASL handshake protocol. Client and
    71. 

  71. 	// server negotiate SASL auth using opaque packets.
    72. 

  72. 	SASLHandshakeV0 = int16(0)
    73. 

  73. 	// SASLHandshakeV1 is v1 of the Kafka SASL handshake protocol. Client and
    74. 

  74. 	// server negotiate SASL by wrapping tokens with Kafka protocol headers.
    75. 

  75. 	SASLHandshakeV1 = int16(1)
    76. 

  76. 	// SASLExtKeyAuth is the reserved extension key name sent as part of the
    77. 

  77. 	// SASL/OAUTHBEARER initial client response
    78. 

  78. 	SASLExtKeyAuth = "auth"
    79. 

  79. )
    80. 

  80. 

  81. // AccessToken contains an access token used to authenticate a
    82. 

  82. // SASL/OAUTHBEARER client along with associated metadata.
    83. 

  83. type AccessToken struct {
    84. 

  84. 	// Token is the access token payload.
    85. 

  85. 	Token string
    86. 

  86. 	// Extensions is a optional map of arbitrary key-value pairs that can be
    87. 

  87. 	// sent with the SASL/OAUTHBEARER initial client response. These values are
    88. 

  88. 	// ignored by the SASL server if they are unexpected. This feature is only
    89. 

  89. 	// supported by Kafka >= 2.1.0.
    90. 

  90. 	Extensions map[string]string
    91. 

  91. }
    92. 

  92. 

  93. // AccessTokenProvider is the interface that encapsulates how implementors
    94. 

  94. // can generate access tokens for Kafka broker authentication.
    95. 

  95. type AccessTokenProvider interface {
    96. 

  96. 	// Token returns an access token. The implementation should ensure token
    97. 

  97. 	// reuse so that multiple calls at connect time do not create multiple
    98. 

  98. 	// tokens. The implementation should also periodically refresh the token in
    99. 

  99. 	// order to guarantee that each call returns an unexpired token.  This
    100. 

  100. 	// method should not block indefinitely--a timeout error should be returned
    101. 

  101. 	// after a short period of inactivity so that the broker connection logic
    102. 

  102. 	// can log debugging information and retry.
    103. 

  103. 	Token() (*AccessToken, error)
    104. 

  104. }
    105. 

  105. 

  106. // SCRAMClient is a an interface to a SCRAM
    107. 

  107. // client implementation.
    108. 

  108. type SCRAMClient interface {
    109. 

  109. 	// Begin prepares the client for the SCRAM exchange
    110. 

  110. 	// with the server with a user name and a password
    111. 

  111. 	Begin(userName, password, authzID string) error
    112. 

  112. 	// Step steps client through the SCRAM exchange. It is
    113. 

  113. 	// called repeatedly until it errors or `Done` returns true.
    114. 

  114. 	Step(challenge string) (response string, err error)
    115. 

  115. 	// Done should return true when the SCRAM conversation
    116. 

  116. 	// is over.
    117. 

  117. 	Done() bool
    118. 

  118. }
    119. 

  119. 

  120. type responsePromise struct {
    121. 

  121. 	requestTime   time.Time
    122. 

  122. 	correlationID int32
    123. 

  123. 	headerVersion int16
    124. 

  124. 	packets       chan []byte
    125. 

  125. 	errors        chan error
    126. 

  126. }
    127. 

  127. 

  128. // NewBroker creates and returns a Broker targeting the given host:port address.
    129. 

  129. // This does not attempt to actually connect, you have to call Open() for that.
    130. 

  130. func NewBroker(addr string) *Broker {
    131. 

  131. 	return &Broker{id: -1, addr: addr}
    132. 

  132. }
    133. 

  133. 

  134. // Open tries to connect to the Broker if it is not already connected or connecting, but does not block
    135. 

  135. // waiting for the connection to complete. This means that any subsequent operations on the broker will
    136. 

  136. // block waiting for the connection to succeed or fail. To get the effect of a fully synchronous Open call,
    137. 

  137. // follow it by a call to Connected(). The only errors Open will return directly are ConfigurationError or
    138. 

  138. // AlreadyConnected. If conf is nil, the result of NewConfig() is used.
    139. 

  139. func (b *Broker) Open(conf *Config) error {
    140. 

  140. 	if !atomic.CompareAndSwapInt32(&b.opened, 0, 1) {
    141. 

  141. 		return ErrAlreadyConnected
    142. 

  142. 	}
    143. 

  143. 

  144. 	if conf == nil {
    145. 

  145. 		conf = NewConfig()
    146. 

  146. 	}
    147. 

  147. 

  148. 	err := conf.Validate()
    149. 

  149. 	if err != nil {
    150. 

  150. 		return err
    151. 

  151. 	}
    152. 

  152. 

  153. 	usingApiVersionsRequests := conf.Version.IsAtLeast(V2_4_0_0) && conf.ApiVersionsRequest
    154. 

  154. 

  155. 	b.lock.Lock()
    156. 

  156. 

  157. 	go withRecover(func() {
    158. 

  158. 		defer func() {
    159. 

  159. 			b.lock.Unlock()
    160. 

  160. 

  161. 			// Send an ApiVersionsRequest to identify the client (KIP-511).
    162. 

  162. 			// Ideally Sarama would use the response to control protocol versions,
    163. 

  163. 			// but for now just fire-and-forget just to send
    164. 

  164. 			if usingApiVersionsRequests {
    165. 

  165. 				_, err = b.ApiVersions(&ApiVersionsRequest{
    166. 

  166. 					Version:               3,
    167. 

  167. 					ClientSoftwareName:    defaultClientSoftwareName,
    168. 

  168. 					ClientSoftwareVersion: version(),
    169. 

  169. 				})
    170. 

  170. 				if err != nil {
    171. 

  171. 					Logger.Printf("Error while sending ApiVersionsRequest to broker %s: %s\n", b.addr, err)
    172. 

  172. 				}
    173. 

  173. 			}
    174. 

  174. 		}()
    175. 

  175. 		dialer := conf.getDialer()
    176. 

  176. 		b.conn, b.connErr = dialer.Dial("tcp", b.addr)
    177. 

  177. 		if b.connErr != nil {
    178. 

  178. 			Logger.Printf("Failed to connect to broker %s: %s\n", b.addr, b.connErr)
    179. 

  179. 			b.conn = nil
    180. 

  180. 			atomic.StoreInt32(&b.opened, 0)
    181. 

  181. 			return
    182. 

  182. 		}
    183. 

  183. 		if conf.Net.TLS.Enable {
    184. 

  184. 			b.conn = tls.Client(b.conn, validServerNameTLS(b.addr, conf.Net.TLS.Config))
    185. 

  185. 		}
    186. 

  186. 

  187. 		b.conn = newBufConn(b.conn)
    188. 

  188. 		b.conf = conf
    189. 

  189. 

  190. 		// Create or reuse the global metrics shared between brokers
    191. 

  191. 		b.incomingByteRate = metrics.GetOrRegisterMeter("incoming-byte-rate", conf.MetricRegistry)
    192. 

  192. 		b.requestRate = metrics.GetOrRegisterMeter("request-rate", conf.MetricRegistry)
    193. 

  193. 		b.requestSize = getOrRegisterHistogram("request-size", conf.MetricRegistry)
    194. 

  194. 		b.requestLatency = getOrRegisterHistogram("request-latency-in-ms", conf.MetricRegistry)
    195. 

  195. 		b.outgoingByteRate = metrics.GetOrRegisterMeter("outgoing-byte-rate", conf.MetricRegistry)
    196. 

  196. 		b.responseRate = metrics.GetOrRegisterMeter("response-rate", conf.MetricRegistry)
    197. 

  197. 		b.responseSize = getOrRegisterHistogram("response-size", conf.MetricRegistry)
    198. 

  198. 		b.requestsInFlight = metrics.GetOrRegisterCounter("requests-in-flight", conf.MetricRegistry)
    199. 

  199. 		// Do not gather metrics for seeded broker (only used during bootstrap) because they share
    200. 

  200. 		// the same id (-1) and are already exposed through the global metrics above
    201. 

  201. 		if b.id >= 0 && !metrics.UseNilMetrics {
    202. 

  202. 			b.registerMetrics()
    203. 

  203. 		}
    204. 

  204. 

  205. 		if conf.Net.SASL.Enable {
    206. 

  206. 			b.connErr = b.authenticateViaSASL()
    207. 

  207. 

  208. 			if b.connErr != nil {
    209. 

  209. 				err = b.conn.Close()
    210. 

  210. 				if err == nil {
    211. 

  211. 					DebugLogger.Printf("Closed connection to broker %s\n", b.addr)
    212. 

  212. 				} else {
    213. 

  213. 					Logger.Printf("Error while closing connection to broker %s: %s\n", b.addr, err)
    214. 

  214. 				}
    215. 

  215. 				b.conn = nil
    216. 

  216. 				atomic.StoreInt32(&b.opened, 0)
    217. 

  217. 				return
    218. 

  218. 			}
    219. 

  219. 		}
    220. 

  220. 

  221. 		b.done = make(chan bool)
    222. 

  222. 		b.responses = make(chan responsePromise, b.conf.Net.MaxOpenRequests-1)
    223. 

  223. 

  224. 		if b.id >= 0 {
    225. 

  225. 			DebugLogger.Printf("Connected to broker at %s (registered as #%d)\n", b.addr, b.id)
    226. 

  226. 		} else {
    227. 

  227. 			DebugLogger.Printf("Connected to broker at %s (unregistered)\n", b.addr)
    228. 

  228. 		}
    229. 

  229. 		go withRecover(b.responseReceiver)
    230. 

  230. 	})
    231. 

  231. 

  232. 	return nil
    233. 

  233. }
    234. 

  234. 

  235. // Connected returns true if the broker is connected and false otherwise. If the broker is not
    236. 

  236. // connected but it had tried to connect, the error from that connection attempt is also returned.
    237. 

  237. func (b *Broker) Connected() (bool, error) {
    238. 

  238. 	b.lock.Lock()
    239. 

  239. 	defer b.lock.Unlock()
    240. 

  240. 

  241. 	return b.conn != nil, b.connErr
    242. 

  242. }
    243. 

  243. 

  244. // Close closes the broker resources
    245. 

  245. func (b *Broker) Close() error {
    246. 

  246. 	b.lock.Lock()
    247. 

  247. 	defer b.lock.Unlock()
    248. 

  248. 

  249. 	if b.conn == nil {
    250. 

  250. 		return ErrNotConnected
    251. 

  251. 	}
    252. 

  252. 

  253. 	close(b.responses)
    254. 

  254. 	<-b.done
    255. 

  255. 

  256. 	err := b.conn.Close()
    257. 

  257. 

  258. 	b.conn = nil
    259. 

  259. 	b.connErr = nil
    260. 

  260. 	b.done = nil
    261. 

  261. 	b.responses = nil
    262. 

  262. 

  263. 	b.unregisterMetrics()
    264. 

  264. 

  265. 	if err == nil {
    266. 

  266. 		DebugLogger.Printf("Closed connection to broker %s\n", b.addr)
    267. 

  267. 	} else {
    268. 

  268. 		Logger.Printf("Error while closing connection to broker %s: %s\n", b.addr, err)
    269. 

  269. 	}
    270. 

  270. 

  271. 	atomic.StoreInt32(&b.opened, 0)
    272. 

  272. 

  273. 	return err
    274. 

  274. }
    275. 

  275. 

  276. // ID returns the broker ID retrieved from Kafka's metadata, or -1 if that is not known.
    277. 

  277. func (b *Broker) ID() int32 {
    278. 

  278. 	return b.id
    279. 

  279. }
    280. 

  280. 

  281. // Addr returns the broker address as either retrieved from Kafka's metadata or passed to NewBroker.
    282. 

  282. func (b *Broker) Addr() string {
    283. 

  283. 	return b.addr
    284. 

  284. }
    285. 

  285. 

  286. // Rack returns the broker's rack as retrieved from Kafka's metadata or the
    287. 

  287. // empty string if it is not known.  The returned value corresponds to the
    288. 

  288. // broker's broker.rack configuration setting.  Requires protocol version to be
    289. 

  289. // at least v0.10.0.0.
    290. 

  290. func (b *Broker) Rack() string {
    291. 

  291. 	if b.rack == nil {
    292. 

  292. 		return ""
    293. 

  293. 	}
    294. 

  294. 	return *b.rack
    295. 

  295. }
    296. 

  296. 

  297. // GetMetadata send a metadata request and returns a metadata response or error
    298. 

  298. func (b *Broker) GetMetadata(request *MetadataRequest) (*MetadataResponse, error) {
    299. 

  299. 	response := new(MetadataResponse)
    300. 

  300. 

  301. 	err := b.sendAndReceive(request, response)
    302. 

  302. 	if err != nil {
    303. 

  303. 		return nil, err
    304. 

  304. 	}
    305. 

  305. 

  306. 	return response, nil
    307. 

  307. }
    308. 

  308. 

  309. // GetConsumerMetadata send a consumer metadata request and returns a consumer metadata response or error
    310. 

  310. func (b *Broker) GetConsumerMetadata(request *ConsumerMetadataRequest) (*ConsumerMetadataResponse, error) {
    311. 

  311. 	response := new(ConsumerMetadataResponse)
    312. 

  312. 

  313. 	err := b.sendAndReceive(request, response)
    314. 

  314. 	if err != nil {
    315. 

  315. 		return nil, err
    316. 

  316. 	}
    317. 

  317. 

  318. 	return response, nil
    319. 

  319. }
    320. 

  320. 

  321. // FindCoordinator sends a find coordinate request and returns a response or error
    322. 

  322. func (b *Broker) FindCoordinator(request *FindCoordinatorRequest) (*FindCoordinatorResponse, error) {
    323. 

  323. 	response := new(FindCoordinatorResponse)
    324. 

  324. 

  325. 	err := b.sendAndReceive(request, response)
    326. 

  326. 	if err != nil {
    327. 

  327. 		return nil, err
    328. 

  328. 	}
    329. 

  329. 

  330. 	return response, nil
    331. 

  331. }
    332. 

  332. 

  333. // GetAvailableOffsets return an offset response or error
    334. 

  334. func (b *Broker) GetAvailableOffsets(request *OffsetRequest) (*OffsetResponse, error) {
    335. 

  335. 	response := new(OffsetResponse)
    336. 

  336. 

  337. 	err := b.sendAndReceive(request, response)
    338. 

  338. 	if err != nil {
    339. 

  339. 		return nil, err
    340. 

  340. 	}
    341. 

  341. 

  342. 	return response, nil
    343. 

  343. }
    344. 

  344. 

  345. // Produce returns a produce response or error
    346. 

  346. func (b *Broker) Produce(request *ProduceRequest) (*ProduceResponse, error) {
    347. 

  347. 	var (
    348. 

  348. 		response *ProduceResponse
    349. 

  349. 		err      error
    350. 

  350. 	)
    351. 

  351. 

  352. 	if request.RequiredAcks == NoResponse {
    353. 

  353. 		err = b.sendAndReceive(request, nil)
    354. 

  354. 	} else {
    355. 

  355. 		response = new(ProduceResponse)
    356. 

  356. 		err = b.sendAndReceive(request, response)
    357. 

  357. 		if response.ThrottleTime != time.Duration(0) {
    358. 

  358. 			DebugLogger.Printf(
    359. 

  359. 				"producer/broker/%d ProduceResponse throttled %v\n",
    360. 

  360. 				b.ID(), response.ThrottleTime)
    361. 

  361. 			if b.brokerThrottleTime != nil {
    362. 

  362. 				throttleTimeInMs := int64(response.ThrottleTime / time.Millisecond)
    363. 

  363. 				b.brokerThrottleTime.Update(throttleTimeInMs)
    364. 

  364. 			}
    365. 

  365. 		}
    366. 

  366. 	}
    367. 

  367. 

  368. 	if err != nil {
    369. 

  369. 		return nil, err
    370. 

  370. 	}
    371. 

  371. 

  372. 	return response, nil
    373. 

  373. }
    374. 

  374. 

  375. // Fetch returns a FetchResponse or error
    376. 

  376. func (b *Broker) Fetch(request *FetchRequest) (*FetchResponse, error) {
    377. 

  377. 	response := new(FetchResponse)
    378. 

  378. 

  379. 	err := b.sendAndReceive(request, response)
    380. 

  380. 	if err != nil {
    381. 

  381. 		return nil, err
    382. 

  382. 	}
    383. 

  383. 

  384. 	return response, nil
    385. 

  385. }
    386. 

  386. 

  387. // CommitOffset return an Offset commit response or error
    388. 

  388. func (b *Broker) CommitOffset(request *OffsetCommitRequest) (*OffsetCommitResponse, error) {
    389. 

  389. 	response := new(OffsetCommitResponse)
    390. 

  390. 

  391. 	err := b.sendAndReceive(request, response)
    392. 

  392. 	if err != nil {
    393. 

  393. 		return nil, err
    394. 

  394. 	}
    395. 

  395. 

  396. 	return response, nil
    397. 

  397. }
    398. 

  398. 

  399. // FetchOffset returns an offset fetch response or error
    400. 

  400. func (b *Broker) FetchOffset(request *OffsetFetchRequest) (*OffsetFetchResponse, error) {
    401. 

  401. 	response := new(OffsetFetchResponse)
    402. 

  402. 	response.Version = request.Version // needed to handle the two header versions
    403. 

  403. 

  404. 	err := b.sendAndReceive(request, response)
    405. 

  405. 	if err != nil {
    406. 

  406. 		return nil, err
    407. 

  407. 	}
    408. 

  408. 

  409. 	return response, nil
    410. 

  410. }
    411. 

  411. 

  412. // JoinGroup returns a join group response or error
    413. 

  413. func (b *Broker) JoinGroup(request *JoinGroupRequest) (*JoinGroupResponse, error) {
    414. 

  414. 	response := new(JoinGroupResponse)
    415. 

  415. 

  416. 	err := b.sendAndReceive(request, response)
    417. 

  417. 	if err != nil {
    418. 

  418. 		return nil, err
    419. 

  419. 	}
    420. 

  420. 

  421. 	return response, nil
    422. 

  422. }
    423. 

  423. 

  424. // SyncGroup returns a sync group response or error
    425. 

  425. func (b *Broker) SyncGroup(request *SyncGroupRequest) (*SyncGroupResponse, error) {
    426. 

  426. 	response := new(SyncGroupResponse)
    427. 

  427. 

  428. 	err := b.sendAndReceive(request, response)
    429. 

  429. 	if err != nil {
    430. 

  430. 		return nil, err
    431. 

  431. 	}
    432. 

  432. 

  433. 	return response, nil
    434. 

  434. }
    435. 

  435. 

  436. // LeaveGroup return a leave group response or error
    437. 

  437. func (b *Broker) LeaveGroup(request *LeaveGroupRequest) (*LeaveGroupResponse, error) {
    438. 

  438. 	response := new(LeaveGroupResponse)
    439. 

  439. 

  440. 	err := b.sendAndReceive(request, response)
    441. 

  441. 	if err != nil {
    442. 

  442. 		return nil, err
    443. 

  443. 	}
    444. 

  444. 

  445. 	return response, nil
    446. 

  446. }
    447. 

  447. 

  448. // Heartbeat returns a heartbeat response or error
    449. 

  449. func (b *Broker) Heartbeat(request *HeartbeatRequest) (*HeartbeatResponse, error) {
    450. 

  450. 	response := new(HeartbeatResponse)
    451. 

  451. 

  452. 	err := b.sendAndReceive(request, response)
    453. 

  453. 	if err != nil {
    454. 

  454. 		return nil, err
    455. 

  455. 	}
    456. 

  456. 

  457. 	return response, nil
    458. 

  458. }
    459. 

  459. 

  460. // ListGroups return a list group response or error
    461. 

  461. func (b *Broker) ListGroups(request *ListGroupsRequest) (*ListGroupsResponse, error) {
    462. 

  462. 	response := new(ListGroupsResponse)
    463. 

  463. 

  464. 	err := b.sendAndReceive(request, response)
    465. 

  465. 	if err != nil {
    466. 

  466. 		return nil, err
    467. 

  467. 	}
    468. 

  468. 

  469. 	return response, nil
    470. 

  470. }
    471. 

  471. 

  472. // DescribeGroups return describe group response or error
    473. 

  473. func (b *Broker) DescribeGroups(request *DescribeGroupsRequest) (*DescribeGroupsResponse, error) {
    474. 

  474. 	response := new(DescribeGroupsResponse)
    475. 

  475. 

  476. 	err := b.sendAndReceive(request, response)
    477. 

  477. 	if err != nil {
    478. 

  478. 		return nil, err
    479. 

  479. 	}
    480. 

  480. 

  481. 	return response, nil
    482. 

  482. }
    483. 

  483. 

  484. // ApiVersions return api version response or error
    485. 

  485. func (b *Broker) ApiVersions(request *ApiVersionsRequest) (*ApiVersionsResponse, error) {
    486. 

  486. 	response := new(ApiVersionsResponse)
    487. 

  487. 

  488. 	err := b.sendAndReceive(request, response)
    489. 

  489. 	if err != nil {
    490. 

  490. 		return nil, err
    491. 

  491. 	}
    492. 

  492. 

  493. 	return response, nil
    494. 

  494. }
    495. 

  495. 

  496. // CreateTopics send a create topic request and returns create topic response
    497. 

  497. func (b *Broker) CreateTopics(request *CreateTopicsRequest) (*CreateTopicsResponse, error) {
    498. 

  498. 	response := new(CreateTopicsResponse)
    499. 

  499. 

  500. 	err := b.sendAndReceive(request, response)
    501. 

  501. 	if err != nil {
    502. 

  502. 		return nil, err
    503. 

  503. 	}
    504. 

  504. 

  505. 	return response, nil
    506. 

  506. }
    507. 

  507. 

  508. // DeleteTopics sends a delete topic request and returns delete topic response
    509. 

  509. func (b *Broker) DeleteTopics(request *DeleteTopicsRequest) (*DeleteTopicsResponse, error) {
    510. 

  510. 	response := new(DeleteTopicsResponse)
    511. 

  511. 

  512. 	err := b.sendAndReceive(request, response)
    513. 

  513. 	if err != nil {
    514. 

  514. 		return nil, err
    515. 

  515. 	}
    516. 

  516. 

  517. 	return response, nil
    518. 

  518. }
    519. 

  519. 

  520. // CreatePartitions sends a create partition request and returns create
    521. 

  521. // partitions response or error
    522. 

  522. func (b *Broker) CreatePartitions(request *CreatePartitionsRequest) (*CreatePartitionsResponse, error) {
    523. 

  523. 	response := new(CreatePartitionsResponse)
    524. 

  524. 

  525. 	err := b.sendAndReceive(request, response)
    526. 

  526. 	if err != nil {
    527. 

  527. 		return nil, err
    528. 

  528. 	}
    529. 

  529. 

  530. 	return response, nil
    531. 

  531. }
    532. 

  532. 

  533. // AlterPartitionReassignments sends a alter partition reassignments request and
    534. 

  534. // returns alter partition reassignments response
    535. 

  535. func (b *Broker) AlterPartitionReassignments(request *AlterPartitionReassignmentsRequest) (*AlterPartitionReassignmentsResponse, error) {
    536. 

  536. 	response := new(AlterPartitionReassignmentsResponse)
    537. 

  537. 

  538. 	err := b.sendAndReceive(request, response)
    539. 

  539. 	if err != nil {
    540. 

  540. 		return nil, err
    541. 

  541. 	}
    542. 

  542. 

  543. 	return response, nil
    544. 

  544. }
    545. 

  545. 

  546. // ListPartitionReassignments sends a list partition reassignments request and
    547. 

  547. // returns list partition reassignments response
    548. 

  548. func (b *Broker) ListPartitionReassignments(request *ListPartitionReassignmentsRequest) (*ListPartitionReassignmentsResponse, error) {
    549. 

  549. 	response := new(ListPartitionReassignmentsResponse)
    550. 

  550. 

  551. 	err := b.sendAndReceive(request, response)
    552. 

  552. 	if err != nil {
    553. 

  553. 		return nil, err
    554. 

  554. 	}
    555. 

  555. 

  556. 	return response, nil
    557. 

  557. }
    558. 

  558. 

  559. // DeleteRecords send a request to delete records and return delete record
    560. 

  560. // response or error
    561. 

  561. func (b *Broker) DeleteRecords(request *DeleteRecordsRequest) (*DeleteRecordsResponse, error) {
    562. 

  562. 	response := new(DeleteRecordsResponse)
    563. 

  563. 

  564. 	err := b.sendAndReceive(request, response)
    565. 

  565. 	if err != nil {
    566. 

  566. 		return nil, err
    567. 

  567. 	}
    568. 

  568. 

  569. 	return response, nil
    570. 

  570. }
    571. 

  571. 

  572. // DescribeAcls sends a describe acl request and returns a response or error
    573. 

  573. func (b *Broker) DescribeAcls(request *DescribeAclsRequest) (*DescribeAclsResponse, error) {
    574. 

  574. 	response := new(DescribeAclsResponse)
    575. 

  575. 

  576. 	err := b.sendAndReceive(request, response)
    577. 

  577. 	if err != nil {
    578. 

  578. 		return nil, err
    579. 

  579. 	}
    580. 

  580. 

  581. 	return response, nil
    582. 

  582. }
    583. 

  583. 

  584. // CreateAcls sends a create acl request and returns a response or error
    585. 

  585. func (b *Broker) CreateAcls(request *CreateAclsRequest) (*CreateAclsResponse, error) {
    586. 

  586. 	response := new(CreateAclsResponse)
    587. 

  587. 

  588. 	err := b.sendAndReceive(request, response)
    589. 

  589. 	if err != nil {
    590. 

  590. 		return nil, err
    591. 

  591. 	}
    592. 

  592. 

  593. 	return response, nil
    594. 

  594. }
    595. 

  595. 

  596. // DeleteAcls sends a delete acl request and returns a response or error
    597. 

  597. func (b *Broker) DeleteAcls(request *DeleteAclsRequest) (*DeleteAclsResponse, error) {
    598. 

  598. 	response := new(DeleteAclsResponse)
    599. 

  599. 

  600. 	err := b.sendAndReceive(request, response)
    601. 

  601. 	if err != nil {
    602. 

  602. 		return nil, err
    603. 

  603. 	}
    604. 

  604. 

  605. 	return response, nil
    606. 

  606. }
    607. 

  607. 

  608. // InitProducerID sends an init producer request and returns a response or error
    609. 

  609. func (b *Broker) InitProducerID(request *InitProducerIDRequest) (*InitProducerIDResponse, error) {
    610. 

  610. 	response := new(InitProducerIDResponse)
    611. 

  611. 

  612. 	err := b.sendAndReceive(request, response)
    613. 

  613. 	if err != nil {
    614. 

  614. 		return nil, err
    615. 

  615. 	}
    616. 

  616. 

  617. 	return response, nil
    618. 

  618. }
    619. 

  619. 

  620. // AddPartitionsToTxn send a request to add partition to txn and returns
    621. 

  621. // a response or error
    622. 

  622. func (b *Broker) AddPartitionsToTxn(request *AddPartitionsToTxnRequest) (*AddPartitionsToTxnResponse, error) {
    623. 

  623. 	response := new(AddPartitionsToTxnResponse)
    624. 

  624. 

  625. 	err := b.sendAndReceive(request, response)
    626. 

  626. 	if err != nil {
    627. 

  627. 		return nil, err
    628. 

  628. 	}
    629. 

  629. 

  630. 	return response, nil
    631. 

  631. }
    632. 

  632. 

  633. // AddOffsetsToTxn sends a request to add offsets to txn and returns a response
    634. 

  634. // or error
    635. 

  635. func (b *Broker) AddOffsetsToTxn(request *AddOffsetsToTxnRequest) (*AddOffsetsToTxnResponse, error) {
    636. 

  636. 	response := new(AddOffsetsToTxnResponse)
    637. 

  637. 

  638. 	err := b.sendAndReceive(request, response)
    639. 

  639. 	if err != nil {
    640. 

  640. 		return nil, err
    641. 

  641. 	}
    642. 

  642. 

  643. 	return response, nil
    644. 

  644. }
    645. 

  645. 

  646. // EndTxn sends a request to end txn and returns a response or error
    647. 

  647. func (b *Broker) EndTxn(request *EndTxnRequest) (*EndTxnResponse, error) {
    648. 

  648. 	response := new(EndTxnResponse)
    649. 

  649. 

  650. 	err := b.sendAndReceive(request, response)
    651. 

  651. 	if err != nil {
    652. 

  652. 		return nil, err
    653. 

  653. 	}
    654. 

  654. 

  655. 	return response, nil
    656. 

  656. }
    657. 

  657. 

  658. // TxnOffsetCommit sends a request to commit transaction offsets and returns
    659. 

  659. // a response or error
    660. 

  660. func (b *Broker) TxnOffsetCommit(request *TxnOffsetCommitRequest) (*TxnOffsetCommitResponse, error) {
    661. 

  661. 	response := new(TxnOffsetCommitResponse)
    662. 

  662. 

  663. 	err := b.sendAndReceive(request, response)
    664. 

  664. 	if err != nil {
    665. 

  665. 		return nil, err
    666. 

  666. 	}
    667. 

  667. 

  668. 	return response, nil
    669. 

  669. }
    670. 

  670. 

  671. // DescribeConfigs sends a request to describe config and returns a response or
    672. 

  672. // error
    673. 

  673. func (b *Broker) DescribeConfigs(request *DescribeConfigsRequest) (*DescribeConfigsResponse, error) {
    674. 

  674. 	response := new(DescribeConfigsResponse)
    675. 

  675. 

  676. 	err := b.sendAndReceive(request, response)
    677. 

  677. 	if err != nil {
    678. 

  678. 		return nil, err
    679. 

  679. 	}
    680. 

  680. 

  681. 	return response, nil
    682. 

  682. }
    683. 

  683. 

  684. // AlterConfigs sends a request to alter config and return a response or error
    685. 

  685. func (b *Broker) AlterConfigs(request *AlterConfigsRequest) (*AlterConfigsResponse, error) {
    686. 

  686. 	response := new(AlterConfigsResponse)
    687. 

  687. 

  688. 	err := b.sendAndReceive(request, response)
    689. 

  689. 	if err != nil {
    690. 

  690. 		return nil, err
    691. 

  691. 	}
    692. 

  692. 

  693. 	return response, nil
    694. 

  694. }
    695. 

  695. 

  696. // IncrementalAlterConfigs sends a request to incremental alter config and return a response or error
    697. 

  697. func (b *Broker) IncrementalAlterConfigs(request *IncrementalAlterConfigsRequest) (*IncrementalAlterConfigsResponse, error) {
    698. 

  698. 	response := new(IncrementalAlterConfigsResponse)
    699. 

  699. 

  700. 	err := b.sendAndReceive(request, response)
    701. 

  701. 	if err != nil {
    702. 

  702. 		return nil, err
    703. 

  703. 	}
    704. 

  704. 

  705. 	return response, nil
    706. 

  706. }
    707. 

  707. 

  708. // DeleteGroups sends a request to delete groups and returns a response or error
    709. 

  709. func (b *Broker) DeleteGroups(request *DeleteGroupsRequest) (*DeleteGroupsResponse, error) {
    710. 

  710. 	response := new(DeleteGroupsResponse)
    711. 

  711. 

  712. 	if err := b.sendAndReceive(request, response); err != nil {
    713. 

  713. 		return nil, err
    714. 

  714. 	}
    715. 

  715. 

  716. 	return response, nil
    717. 

  717. }
    718. 

  718. 

  719. // DeleteOffsets sends a request to delete group offsets and returns a response or error
    720. 

  720. func (b *Broker) DeleteOffsets(request *DeleteOffsetsRequest) (*DeleteOffsetsResponse, error) {
    721. 

  721. 	response := new(DeleteOffsetsResponse)
    722. 

  722. 

  723. 	if err := b.sendAndReceive(request, response); err != nil {
    724. 

  724. 		return nil, err
    725. 

  725. 	}
    726. 

  726. 

  727. 	return response, nil
    728. 

  728. }
    729. 

  729. 

  730. // DescribeLogDirs sends a request to get the broker's log dir paths and sizes
    731. 

  731. func (b *Broker) DescribeLogDirs(request *DescribeLogDirsRequest) (*DescribeLogDirsResponse, error) {
    732. 

  732. 	response := new(DescribeLogDirsResponse)
    733. 

  733. 

  734. 	err := b.sendAndReceive(request, response)
    735. 

  735. 	if err != nil {
    736. 

  736. 		return nil, err
    737. 

  737. 	}
    738. 

  738. 

  739. 	return response, nil
    740. 

  740. }
    741. 

  741. 

  742. // DescribeUserScramCredentials sends a request to get SCRAM users
    743. 

  743. func (b *Broker) DescribeUserScramCredentials(req *DescribeUserScramCredentialsRequest) (*DescribeUserScramCredentialsResponse, error) {
    744. 

  744. 	res := new(DescribeUserScramCredentialsResponse)
    745. 

  745. 

  746. 	err := b.sendAndReceive(req, res)
    747. 

  747. 	if err != nil {
    748. 

  748. 		return nil, err
    749. 

  749. 	}
    750. 

  750. 

  751. 	return res, err
    752. 

  752. }
    753. 

  753. 

  754. func (b *Broker) AlterUserScramCredentials(req *AlterUserScramCredentialsRequest) (*AlterUserScramCredentialsResponse, error) {
    755. 

  755. 	res := new(AlterUserScramCredentialsResponse)
    756. 

  756. 

  757. 	err := b.sendAndReceive(req, res)
    758. 

  758. 	if err != nil {
    759. 

  759. 		return nil, err
    760. 

  760. 	}
    761. 

  761. 

  762. 	return res, nil
    763. 

  763. }
    764. 

  764. 

  765. // DescribeClientQuotas sends a request to get the broker's quotas
    766. 

  766. func (b *Broker) DescribeClientQuotas(request *DescribeClientQuotasRequest) (*DescribeClientQuotasResponse, error) {
    767. 

  767. 	response := new(DescribeClientQuotasResponse)
    768. 

  768. 

  769. 	err := b.sendAndReceive(request, response)
    770. 

  770. 	if err != nil {
    771. 

  771. 		return nil, err
    772. 

  772. 	}
    773. 

  773. 

  774. 	return response, nil
    775. 

  775. }
    776. 

  776. 

  777. // AlterClientQuotas sends a request to alter the broker's quotas
    778. 

  778. func (b *Broker) AlterClientQuotas(request *AlterClientQuotasRequest) (*AlterClientQuotasResponse, error) {
    779. 

  779. 	response := new(AlterClientQuotasResponse)
    780. 

  780. 

  781. 	err := b.sendAndReceive(request, response)
    782. 

  782. 	if err != nil {
    783. 

  783. 		return nil, err
    784. 

  784. 	}
    785. 

  785. 

  786. 	return response, nil
    787. 

  787. }
    788. 

  788. 

  789. // readFull ensures the conn ReadDeadline has been setup before making a
    790. 

  790. // call to io.ReadFull
    791. 

  791. func (b *Broker) readFull(buf []byte) (n int, err error) {
    792. 

  792. 	if err := b.conn.SetReadDeadline(time.Now().Add(b.conf.Net.ReadTimeout)); err != nil {
    793. 

  793. 		return 0, err
    794. 

  794. 	}
    795. 

  795. 

  796. 	return io.ReadFull(b.conn, buf)
    797. 

  797. }
    798. 

  798. 

  799. // write  ensures the conn WriteDeadline has been setup before making a
    800. 

  800. // call to conn.Write
    801. 

  801. func (b *Broker) write(buf []byte) (n int, err error) {
    802. 

  802. 	if err := b.conn.SetWriteDeadline(time.Now().Add(b.conf.Net.WriteTimeout)); err != nil {
    803. 

  803. 		return 0, err
    804. 

  804. 	}
    805. 

  805. 

  806. 	return b.conn.Write(buf)
    807. 

  807. }
    808. 

  808. 

  809. func (b *Broker) send(rb protocolBody, promiseResponse bool, responseHeaderVersion int16) (*responsePromise, error) {
    810. 

  810. 	b.lock.Lock()
    811. 

  811. 	defer b.lock.Unlock()
    812. 

  812. 

  813. 	if b.conn == nil {
    814. 

  814. 		if b.connErr != nil {
    815. 

  815. 			return nil, b.connErr
    816. 

  816. 		}
    817. 

  817. 		return nil, ErrNotConnected
    818. 

  818. 	}
    819. 

  819. 

  820. 	if !b.conf.Version.IsAtLeast(rb.requiredVersion()) {
    821. 

  821. 		return nil, ErrUnsupportedVersion
    822. 

  822. 	}
    823. 

  823. 

  824. 	req := &request{correlationID: b.correlationID, clientID: b.conf.ClientID, body: rb}
    825. 

  825. 	buf, err := encode(req, b.conf.MetricRegistry)
    826. 

  826. 	if err != nil {
    827. 

  827. 		return nil, err
    828. 

  828. 	}
    829. 

  829. 

  830. 	requestTime := time.Now()
    831. 

  831. 	// Will be decremented in responseReceiver (except error or request with NoResponse)
    832. 

  832. 	b.addRequestInFlightMetrics(1)
    833. 

  833. 	bytes, err := b.write(buf)
    834. 

  834. 	b.updateOutgoingCommunicationMetrics(bytes)
    835. 

  835. 	if err != nil {
    836. 

  836. 		b.addRequestInFlightMetrics(-1)
    837. 

  837. 		return nil, err
    838. 

  838. 	}
    839. 

  839. 	b.correlationID++
    840. 

  840. 

  841. 	if !promiseResponse {
    842. 

  842. 		// Record request latency without the response
    843. 

  843. 		b.updateRequestLatencyAndInFlightMetrics(time.Since(requestTime))
    844. 

  844. 		return nil, nil
    845. 

  845. 	}
    846. 

  846. 

  847. 	promise := responsePromise{requestTime, req.correlationID, responseHeaderVersion, make(chan []byte), make(chan error)}
    848. 

  848. 	b.responses <- promise
    849. 

  849. 

  850. 	return &promise, nil
    851. 

  851. }
    852. 

  852. 

  853. func (b *Broker) sendAndReceive(req protocolBody, res protocolBody) error {
    854. 

  854. 	responseHeaderVersion := int16(-1)
    855. 

  855. 	if res != nil {
    856. 

  856. 		responseHeaderVersion = res.headerVersion()
    857. 

  857. 	}
    858. 

  858. 

  859. 	promise, err := b.send(req, res != nil, responseHeaderVersion)
    860. 

  860. 	if err != nil {
    861. 

  861. 		return err
    862. 

  862. 	}
    863. 

  863. 

  864. 	if promise == nil {
    865. 

  865. 		return nil
    866. 

  866. 	}
    867. 

  867. 

  868. 	select {
    869. 

  869. 	case buf := <-promise.packets:
    870. 

  870. 		return versionedDecode(buf, res, req.version())
    871. 

  871. 	case err = <-promise.errors:
    872. 

  872. 		return err
    873. 

  873. 	}
    874. 

  874. }
    875. 

  875. 

  876. func (b *Broker) decode(pd packetDecoder, version int16) (err error) {
    877. 

  877. 	b.id, err = pd.getInt32()
    878. 

  878. 	if err != nil {
    879. 

  879. 		return err
    880. 

  880. 	}
    881. 

  881. 

  882. 	host, err := pd.getString()
    883. 

  883. 	if err != nil {
    884. 

  884. 		return err
    885. 

  885. 	}
    886. 

  886. 

  887. 	port, err := pd.getInt32()
    888. 

  888. 	if err != nil {
    889. 

  889. 		return err
    890. 

  890. 	}
    891. 

  891. 

  892. 	if version >= 1 {
    893. 

  893. 		b.rack, err = pd.getNullableString()
    894. 

  894. 		if err != nil {
    895. 

  895. 			return err
    896. 

  896. 		}
    897. 

  897. 	}
    898. 

  898. 

  899. 	b.addr = net.JoinHostPort(host, fmt.Sprint(port))
    900. 

  900. 	if _, _, err := net.SplitHostPort(b.addr); err != nil {
    901. 

  901. 		return err
    902. 

  902. 	}
    903. 

  903. 

  904. 	return nil
    905. 

  905. }
    906. 

  906. 

  907. func (b *Broker) encode(pe packetEncoder, version int16) (err error) {
    908. 

  908. 	host, portstr, err := net.SplitHostPort(b.addr)
    909. 

  909. 	if err != nil {
    910. 

  910. 		return err
    911. 

  911. 	}
    912. 

  912. 

  913. 	port, err := strconv.ParseInt(portstr, 10, 32)
    914. 

  914. 	if err != nil {
    915. 

  915. 		return err
    916. 

  916. 	}
    917. 

  917. 

  918. 	pe.putInt32(b.id)
    919. 

  919. 

  920. 	err = pe.putString(host)
    921. 

  921. 	if err != nil {
    922. 

  922. 		return err
    923. 

  923. 	}
    924. 

  924. 

  925. 	pe.putInt32(int32(port))
    926. 

  926. 

  927. 	if version >= 1 {
    928. 

  928. 		err = pe.putNullableString(b.rack)
    929. 

  929. 		if err != nil {
    930. 

  930. 			return err
    931. 

  931. 		}
    932. 

  932. 	}
    933. 

  933. 

  934. 	return nil
    935. 

  935. }
    936. 

  936. 

  937. func (b *Broker) responseReceiver() {
    938. 

  938. 	var dead error
    939. 

  939. 

  940. 	for response := range b.responses {
    941. 

  941. 		if dead != nil {
    942. 

  942. 			// This was previously incremented in send() and
    943. 

  943. 			// we are not calling updateIncomingCommunicationMetrics()
    944. 

  944. 			b.addRequestInFlightMetrics(-1)
    945. 

  945. 			response.errors <- dead
    946. 

  946. 			continue
    947. 

  947. 		}
    948. 

  948. 

  949. 		headerLength := getHeaderLength(response.headerVersion)
    950. 

  950. 		header := make([]byte, headerLength)
    951. 

  951. 

  952. 		bytesReadHeader, err := b.readFull(header)
    953. 

  953. 		requestLatency := time.Since(response.requestTime)
    954. 

  954. 		if err != nil {
    955. 

  955. 			b.updateIncomingCommunicationMetrics(bytesReadHeader, requestLatency)
    956. 

  956. 			dead = err
    957. 

  957. 			response.errors <- err
    958. 

  958. 			continue
    959. 

  959. 		}
    960. 

  960. 

  961. 		decodedHeader := responseHeader{}
    962. 

  962. 		err = versionedDecode(header, &decodedHeader, response.headerVersion)
    963. 

  963. 		if err != nil {
    964. 

  964. 			b.updateIncomingCommunicationMetrics(bytesReadHeader, requestLatency)
    965. 

  965. 			dead = err
    966. 

  966. 			response.errors <- err
    967. 

  967. 			continue
    968. 

  968. 		}
    969. 

  969. 		if decodedHeader.correlationID != response.correlationID {
    970. 

  970. 			b.updateIncomingCommunicationMetrics(bytesReadHeader, requestLatency)
    971. 

  971. 			// TODO if decoded ID < cur ID, discard until we catch up
    972. 

  972. 			// TODO if decoded ID > cur ID, save it so when cur ID catches up we have a response
    973. 

  973. 			dead = PacketDecodingError{fmt.Sprintf("correlation ID didn't match, wanted %d, got %d", response.correlationID, decodedHeader.correlationID)}
    974. 

  974. 			response.errors <- dead
    975. 

  975. 			continue
    976. 

  976. 		}
    977. 

  977. 

  978. 		buf := make([]byte, decodedHeader.length-int32(headerLength)+4)
    979. 

  979. 		bytesReadBody, err := b.readFull(buf)
    980. 

  980. 		b.updateIncomingCommunicationMetrics(bytesReadHeader+bytesReadBody, requestLatency)
    981. 

  981. 		if err != nil {
    982. 

  982. 			dead = err
    983. 

  983. 			response.errors <- err
    984. 

  984. 			continue
    985. 

  985. 		}
    986. 

  986. 

  987. 		response.packets <- buf
    988. 

  988. 	}
    989. 

  989. 	close(b.done)
    990. 

  990. }
    991. 

  991. 

  992. func getHeaderLength(headerVersion int16) int8 {
    993. 

  993. 	if headerVersion < 1 {
    994. 

  994. 		return 8
    995. 

  995. 	} else {
    996. 

  996. 		// header contains additional tagged field length (0), we don't support actual tags yet.
    997. 

  997. 		return 9
    998. 

  998. 	}
    999. 

  999. }
    1000. 

  1000. 

  1001. func (b *Broker) authenticateViaSASL() error {
    1002. 

  1002. 	switch b.conf.Net.SASL.Mechanism {
    1003. 

  1003. 	case SASLTypeOAuth:
    1004. 

  1004. 		return b.sendAndReceiveSASLOAuth(b.conf.Net.SASL.TokenProvider)
    1005. 

  1005. 	case SASLTypeSCRAMSHA256, SASLTypeSCRAMSHA512:
    1006. 

  1006. 		return b.sendAndReceiveSASLSCRAM()
    1007. 

  1007. 	case SASLTypeGSSAPI:
    1008. 

  1008. 		return b.sendAndReceiveKerberos()
    1009. 

  1009. 	default:
    1010. 

  1010. 		return b.sendAndReceiveSASLPlainAuth()
    1011. 

  1011. 	}
    1012. 

  1012. }
    1013. 

  1013. 

  1014. func (b *Broker) sendAndReceiveKerberos() error {
    1015. 

  1015. 	b.kerberosAuthenticator.Config = &b.conf.Net.SASL.GSSAPI
    1016. 

  1016. 	if b.kerberosAuthenticator.NewKerberosClientFunc == nil {
    1017. 

  1017. 		b.kerberosAuthenticator.NewKerberosClientFunc = NewKerberosClient
    1018. 

  1018. 	}
    1019. 

  1019. 	return b.kerberosAuthenticator.Authorize(b)
    1020. 

  1020. }
    1021. 

  1021. 

  1022. func (b *Broker) sendAndReceiveSASLHandshake(saslType SASLMechanism, version int16) error {
    1023. 

  1023. 	rb := &SaslHandshakeRequest{Mechanism: string(saslType), Version: version}
    1024. 

  1024. 

  1025. 	req := &request{correlationID: b.correlationID, clientID: b.conf.ClientID, body: rb}
    1026. 

  1026. 	buf, err := encode(req, b.conf.MetricRegistry)
    1027. 

  1027. 	if err != nil {
    1028. 

  1028. 		return err
    1029. 

  1029. 	}
    1030. 

  1030. 

  1031. 	requestTime := time.Now()
    1032. 

  1032. 	// Will be decremented in updateIncomingCommunicationMetrics (except error)
    1033. 

  1033. 	b.addRequestInFlightMetrics(1)
    1034. 

  1034. 	bytes, err := b.write(buf)
    1035. 

  1035. 	b.updateOutgoingCommunicationMetrics(bytes)
    1036. 

  1036. 	if err != nil {
    1037. 

  1037. 		b.addRequestInFlightMetrics(-1)
    1038. 

  1038. 		Logger.Printf("Failed to send SASL handshake %s: %s\n", b.addr, err.Error())
    1039. 

  1039. 		return err
    1040. 

  1040. 	}
    1041. 

  1041. 	b.correlationID++
    1042. 

  1042. 

  1043. 	header := make([]byte, 8) // response header
    1044. 

  1044. 	_, err = b.readFull(header)
    1045. 

  1045. 	if err != nil {
    1046. 

  1046. 		b.addRequestInFlightMetrics(-1)
    1047. 

  1047. 		Logger.Printf("Failed to read SASL handshake header : %s\n", err.Error())
    1048. 

  1048. 		return err
    1049. 

  1049. 	}
    1050. 

  1050. 

  1051. 	length := binary.BigEndian.Uint32(header[:4])
    1052. 

  1052. 	payload := make([]byte, length-4)
    1053. 

  1053. 	n, err := b.readFull(payload)
    1054. 

  1054. 	if err != nil {
    1055. 

  1055. 		b.addRequestInFlightMetrics(-1)
    1056. 

  1056. 		Logger.Printf("Failed to read SASL handshake payload : %s\n", err.Error())
    1057. 

  1057. 		return err
    1058. 

  1058. 	}
    1059. 

  1059. 

  1060. 	b.updateIncomingCommunicationMetrics(n+8, time.Since(requestTime))
    1061. 

  1061. 	res := &SaslHandshakeResponse{}
    1062. 

  1062. 

  1063. 	err = versionedDecode(payload, res, 0)
    1064. 

  1064. 	if err != nil {
    1065. 

  1065. 		Logger.Printf("Failed to parse SASL handshake : %s\n", err.Error())
    1066. 

  1066. 		return err
    1067. 

  1067. 	}
    1068. 

  1068. 

  1069. 	if res.Err != ErrNoError {
    1070. 

  1070. 		Logger.Printf("Invalid SASL Mechanism : %s\n", res.Err.Error())
    1071. 

  1071. 		return res.Err
    1072. 

  1072. 	}
    1073. 

  1073. 

  1074. 	DebugLogger.Print("Successful SASL handshake. Available mechanisms: ", res.EnabledMechanisms)
    1075. 

  1075. 	return nil
    1076. 

  1076. }
    1077. 

  1077. 

  1078. // Kafka 0.10.x supported SASL PLAIN/Kerberos via KAFKA-3149 (KIP-43).
    1079. 

  1079. // Kafka 1.x.x onward added a SaslAuthenticate request/response message which
    1080. 

  1080. // wraps the SASL flow in the Kafka protocol, which allows for returning
    1081. 

  1081. // meaningful errors on authentication failure.
    1082. 

  1082. //
    1083. 

  1083. // In SASL Plain, Kafka expects the auth header to be in the following format
    1084. 

  1084. // Message format (from https://tools.ietf.org/html/rfc4616):
    1085. 

  1085. //
    1086. 

  1086. //   message   = [authzid] UTF8NUL authcid UTF8NUL passwd
    1087. 

  1087. //   authcid   = 1*SAFE ; MUST accept up to 255 octets
    1088. 

  1088. //   authzid   = 1*SAFE ; MUST accept up to 255 octets
    1089. 

  1089. //   passwd    = 1*SAFE ; MUST accept up to 255 octets
    1090. 

  1090. //   UTF8NUL   = %x00 ; UTF-8 encoded NUL character
    1091. 

  1091. //
    1092. 

  1092. //   SAFE      = UTF1 / UTF2 / UTF3 / UTF4
    1093. 

  1093. //                  ;; any UTF-8 encoded Unicode character except NUL
    1094. 

  1094. //
    1095. 

  1095. // With SASL v0 handshake and auth then:
    1096. 

  1096. // When credentials are valid, Kafka returns a 4 byte array of null characters.
    1097. 

  1097. // When credentials are invalid, Kafka closes the connection.
    1098. 

  1098. //
    1099. 

  1099. // With SASL v1 handshake and auth then:
    1100. 

  1100. // When credentials are invalid, Kafka replies with a SaslAuthenticate response
    1101. 

  1101. // containing an error code and message detailing the authentication failure.
    1102. 

  1102. func (b *Broker) sendAndReceiveSASLPlainAuth() error {
    1103. 

  1103. 	// default to V0 to allow for backward compatibility when SASL is enabled
    1104. 

  1104. 	// but not the handshake
    1105. 

  1105. 	if b.conf.Net.SASL.Handshake {
    1106. 

  1106. 		handshakeErr := b.sendAndReceiveSASLHandshake(SASLTypePlaintext, b.conf.Net.SASL.Version)
    1107. 

  1107. 		if handshakeErr != nil {
    1108. 

  1108. 			Logger.Printf("Error while performing SASL handshake %s\n", b.addr)
    1109. 

  1109. 			return handshakeErr
    1110. 

  1110. 		}
    1111. 

  1111. 	}
    1112. 

  1112. 

  1113. 	if b.conf.Net.SASL.Version == SASLHandshakeV1 {
    1114. 

  1114. 		return b.sendAndReceiveV1SASLPlainAuth()
    1115. 

  1115. 	}
    1116. 

  1116. 	return b.sendAndReceiveV0SASLPlainAuth()
    1117. 

  1117. }
    1118. 

  1118. 

  1119. // sendAndReceiveV0SASLPlainAuth flows the v0 sasl auth NOT wrapped in the kafka protocol
    1120. 

  1120. func (b *Broker) sendAndReceiveV0SASLPlainAuth() error {
    1121. 

  1121. 	length := len(b.conf.Net.SASL.AuthIdentity) + 1 + len(b.conf.Net.SASL.User) + 1 + len(b.conf.Net.SASL.Password)
    1122. 

  1122. 	authBytes := make([]byte, length+4) // 4 byte length header + auth data
    1123. 

  1123. 	binary.BigEndian.PutUint32(authBytes, uint32(length))
    1124. 

  1124. 	copy(authBytes[4:], b.conf.Net.SASL.AuthIdentity+"\x00"+b.conf.Net.SASL.User+"\x00"+b.conf.Net.SASL.Password)
    1125. 

  1125. 

  1126. 	requestTime := time.Now()
    1127. 

  1127. 	// Will be decremented in updateIncomingCommunicationMetrics (except error)
    1128. 

  1128. 	b.addRequestInFlightMetrics(1)
    1129. 

  1129. 	bytesWritten, err := b.write(authBytes)
    1130. 

  1130. 	b.updateOutgoingCommunicationMetrics(bytesWritten)
    1131. 

  1131. 	if err != nil {
    1132. 

  1132. 		b.addRequestInFlightMetrics(-1)
    1133. 

  1133. 		Logger.Printf("Failed to write SASL auth header to broker %s: %s\n", b.addr, err.Error())
    1134. 

  1134. 		return err
    1135. 

  1135. 	}
    1136. 

  1136. 

  1137. 	header := make([]byte, 4)
    1138. 

  1138. 	n, err := b.readFull(header)
    1139. 

  1139. 	b.updateIncomingCommunicationMetrics(n, time.Since(requestTime))
    1140. 

  1140. 	// If the credentials are valid, we would get a 4 byte response filled with null characters.
    1141. 

  1141. 	// Otherwise, the broker closes the connection and we get an EOF
    1142. 

  1142. 	if err != nil {
    1143. 

  1143. 		Logger.Printf("Failed to read response while authenticating with SASL to broker %s: %s\n", b.addr, err.Error())
    1144. 

  1144. 		return err
    1145. 

  1145. 	}
    1146. 

  1146. 

  1147. 	DebugLogger.Printf("SASL authentication successful with broker %s:%v - %v\n", b.addr, n, header)
    1148. 

  1148. 	return nil
    1149. 

  1149. }
    1150. 

  1150. 

  1151. // sendAndReceiveV1SASLPlainAuth flows the v1 sasl authentication using the kafka protocol
    1152. 

  1152. func (b *Broker) sendAndReceiveV1SASLPlainAuth() error {
    1153. 

  1153. 	correlationID := b.correlationID
    1154. 

  1154. 

  1155. 	requestTime := time.Now()
    1156. 

  1156. 

  1157. 	// Will be decremented in updateIncomingCommunicationMetrics (except error)
    1158. 

  1158. 	b.addRequestInFlightMetrics(1)
    1159. 

  1159. 	bytesWritten, err := b.sendSASLPlainAuthClientResponse(correlationID)
    1160. 

  1160. 	b.updateOutgoingCommunicationMetrics(bytesWritten)
    1161. 

  1161. 

  1162. 	if err != nil {
    1163. 

  1163. 		b.addRequestInFlightMetrics(-1)
    1164. 

  1164. 		Logger.Printf("Failed to write SASL auth header to broker %s: %s\n", b.addr, err.Error())
    1165. 

  1165. 		return err
    1166. 

  1166. 	}
    1167. 

  1167. 

  1168. 	b.correlationID++
    1169. 

  1169. 

  1170. 	bytesRead, err := b.receiveSASLServerResponse(&SaslAuthenticateResponse{}, correlationID)
    1171. 

  1171. 	b.updateIncomingCommunicationMetrics(bytesRead, time.Since(requestTime))
    1172. 

  1172. 

  1173. 	// With v1 sasl we get an error message set in the response we can return
    1174. 

  1174. 	if err != nil {
    1175. 

  1175. 		Logger.Printf("Error returned from broker during SASL flow %s: %s\n", b.addr, err.Error())
    1176. 

  1176. 		return err
    1177. 

  1177. 	}
    1178. 

  1178. 

  1179. 	return nil
    1180. 

  1180. }
    1181. 

  1181. 

  1182. // sendAndReceiveSASLOAuth performs the authentication flow as described by KIP-255
    1183. 

  1183. // https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=75968876
    1184. 

  1184. func (b *Broker) sendAndReceiveSASLOAuth(provider AccessTokenProvider) error {
    1185. 

  1185. 	if err := b.sendAndReceiveSASLHandshake(SASLTypeOAuth, SASLHandshakeV1); err != nil {
    1186. 

  1186. 		return err
    1187. 

  1187. 	}
    1188. 

  1188. 

  1189. 	token, err := provider.Token()
    1190. 

  1190. 	if err != nil {
    1191. 

  1191. 		return err
    1192. 

  1192. 	}
    1193. 

  1193. 

  1194. 	message, err := buildClientFirstMessage(token)
    1195. 

  1195. 	if err != nil {
    1196. 

  1196. 		return err
    1197. 

  1197. 	}
    1198. 

  1198. 

  1199. 	challenged, err := b.sendClientMessage(message)
    1200. 

  1200. 	if err != nil {
    1201. 

  1201. 		return err
    1202. 

  1202. 	}
    1203. 

  1203. 

  1204. 	if challenged {
    1205. 

  1205. 		// Abort the token exchange. The broker returns the failure code.
    1206. 

  1206. 		_, err = b.sendClientMessage([]byte(`\x01`))
    1207. 

  1207. 	}
    1208. 

  1208. 

  1209. 	return err
    1210. 

  1210. }
    1211. 

  1211. 

  1212. // sendClientMessage sends a SASL/OAUTHBEARER client message and returns true
    1213. 

  1213. // if the broker responds with a challenge, in which case the token is
    1214. 

  1214. // rejected.
    1215. 

  1215. func (b *Broker) sendClientMessage(message []byte) (bool, error) {
    1216. 

  1216. 	requestTime := time.Now()
    1217. 

  1217. 	// Will be decremented in updateIncomingCommunicationMetrics (except error)
    1218. 

  1218. 	b.addRequestInFlightMetrics(1)
    1219. 

  1219. 	correlationID := b.correlationID
    1220. 

  1220. 

  1221. 	bytesWritten, err := b.sendSASLOAuthBearerClientMessage(message, correlationID)
    1222. 

  1222. 	b.updateOutgoingCommunicationMetrics(bytesWritten)
    1223. 

  1223. 	if err != nil {
    1224. 

  1224. 		b.addRequestInFlightMetrics(-1)
    1225. 

  1225. 		return false, err
    1226. 

  1226. 	}
    1227. 

  1227. 

  1228. 	b.correlationID++
    1229. 

  1229. 

  1230. 	res := &SaslAuthenticateResponse{}
    1231. 

  1231. 	bytesRead, err := b.receiveSASLServerResponse(res, correlationID)
    1232. 

  1232. 

  1233. 	requestLatency := time.Since(requestTime)
    1234. 

  1234. 	b.updateIncomingCommunicationMetrics(bytesRead, requestLatency)
    1235. 

  1235. 

  1236. 	isChallenge := len(res.SaslAuthBytes) > 0
    1237. 

  1237. 

  1238. 	if isChallenge && err != nil {
    1239. 

  1239. 		Logger.Printf("Broker rejected authentication token: %s", res.SaslAuthBytes)
    1240. 

  1240. 	}
    1241. 

  1241. 

  1242. 	return isChallenge, err
    1243. 

  1243. }
    1244. 

  1244. 

  1245. func (b *Broker) sendAndReceiveSASLSCRAM() error {
    1246. 

  1246. 	if b.conf.Net.SASL.Version == SASLHandshakeV0 {
    1247. 

  1247. 		return b.sendAndReceiveSASLSCRAMv0()
    1248. 

  1248. 	}
    1249. 

  1249. 	return b.sendAndReceiveSASLSCRAMv1()
    1250. 

  1250. }
    1251. 

  1251. 

  1252. func (b *Broker) sendAndReceiveSASLSCRAMv0() error {
    1253. 

  1253. 	if err := b.sendAndReceiveSASLHandshake(b.conf.Net.SASL.Mechanism, SASLHandshakeV0); err != nil {
    1254. 

  1254. 		return err
    1255. 

  1255. 	}
    1256. 

  1256. 

  1257. 	scramClient := b.conf.Net.SASL.SCRAMClientGeneratorFunc()
    1258. 

  1258. 	if err := scramClient.Begin(b.conf.Net.SASL.User, b.conf.Net.SASL.Password, b.conf.Net.SASL.SCRAMAuthzID); err != nil {
    1259. 

  1259. 		return fmt.Errorf("failed to start SCRAM exchange with the server: %s", err.Error())
    1260. 

  1260. 	}
    1261. 

  1261. 

  1262. 	msg, err := scramClient.Step("")
    1263. 

  1263. 	if err != nil {
    1264. 

  1264. 		return fmt.Errorf("failed to advance the SCRAM exchange: %s", err.Error())
    1265. 

  1265. 	}
    1266. 

  1266. 

  1267. 	for !scramClient.Done() {
    1268. 

  1268. 		requestTime := time.Now()
    1269. 

  1269. 		// Will be decremented in updateIncomingCommunicationMetrics (except error)
    1270. 

  1270. 		b.addRequestInFlightMetrics(1)
    1271. 

  1271. 		length := len(msg)
    1272. 

  1272. 		authBytes := make([]byte, length+4) //4 byte length header + auth data
    1273. 

  1273. 		binary.BigEndian.PutUint32(authBytes, uint32(length))
    1274. 

  1274. 		copy(authBytes[4:], []byte(msg))
    1275. 

  1275. 		_, err := b.write(authBytes)
    1276. 

  1276. 		b.updateOutgoingCommunicationMetrics(length + 4)
    1277. 

  1277. 		if err != nil {
    1278. 

  1278. 			b.addRequestInFlightMetrics(-1)
    1279. 

  1279. 			Logger.Printf("Failed to write SASL auth header to broker %s: %s\n", b.addr, err.Error())
    1280. 

  1280. 			return err
    1281. 

  1281. 		}
    1282. 

  1282. 		b.correlationID++
    1283. 

  1283. 		header := make([]byte, 4)
    1284. 

  1284. 		_, err = b.readFull(header)
    1285. 

  1285. 		if err != nil {
    1286. 

  1286. 			b.addRequestInFlightMetrics(-1)
    1287. 

  1287. 			Logger.Printf("Failed to read response header while authenticating with SASL to broker %s: %s\n", b.addr, err.Error())
    1288. 

  1288. 			return err
    1289. 

  1289. 		}
    1290. 

  1290. 		payload := make([]byte, int32(binary.BigEndian.Uint32(header)))
    1291. 

  1291. 		n, err := b.readFull(payload)
    1292. 

  1292. 		if err != nil {
    1293. 

  1293. 			b.addRequestInFlightMetrics(-1)
    1294. 

  1294. 			Logger.Printf("Failed to read response payload while authenticating with SASL to broker %s: %s\n", b.addr, err.Error())
    1295. 

  1295. 			return err
    1296. 

  1296. 		}
    1297. 

  1297. 		b.updateIncomingCommunicationMetrics(n+4, time.Since(requestTime))
    1298. 

  1298. 		msg, err = scramClient.Step(string(payload))
    1299. 

  1299. 		if err != nil {
    1300. 

  1300. 			Logger.Println("SASL authentication failed", err)
    1301. 

  1301. 			return err
    1302. 

  1302. 		}
    1303. 

  1303. 	}
    1304. 

  1304. 

  1305. 	DebugLogger.Println("SASL authentication succeeded")
    1306. 

  1306. 	return nil
    1307. 

  1307. }
    1308. 

  1308. 

  1309. func (b *Broker) sendAndReceiveSASLSCRAMv1() error {
    1310. 

  1310. 	if err := b.sendAndReceiveSASLHandshake(b.conf.Net.SASL.Mechanism, SASLHandshakeV1); err != nil {
    1311. 

  1311. 		return err
    1312. 

  1312. 	}
    1313. 

  1313. 

  1314. 	scramClient := b.conf.Net.SASL.SCRAMClientGeneratorFunc()
    1315. 

  1315. 	if err := scramClient.Begin(b.conf.Net.SASL.User, b.conf.Net.SASL.Password, b.conf.Net.SASL.SCRAMAuthzID); err != nil {
    1316. 

  1316. 		return fmt.Errorf("failed to start SCRAM exchange with the server: %s", err.Error())
    1317. 

  1317. 	}
    1318. 

  1318. 

  1319. 	msg, err := scramClient.Step("")
    1320. 

  1320. 	if err != nil {
    1321. 

  1321. 		return fmt.Errorf("failed to advance the SCRAM exchange: %s", err.Error())
    1322. 

  1322. 	}
    1323. 

  1323. 

  1324. 	for !scramClient.Done() {
    1325. 

  1325. 		requestTime := time.Now()
    1326. 

  1326. 		// Will be decremented in updateIncomingCommunicationMetrics (except error)
    1327. 

  1327. 		b.addRequestInFlightMetrics(1)
    1328. 

  1328. 		correlationID := b.correlationID
    1329. 

  1329. 		bytesWritten, err := b.sendSaslAuthenticateRequest(correlationID, []byte(msg))
    1330. 

  1330. 		b.updateOutgoingCommunicationMetrics(bytesWritten)
    1331. 

  1331. 		if err != nil {
    1332. 

  1332. 			b.addRequestInFlightMetrics(-1)
    1333. 

  1333. 			Logger.Printf("Failed to write SASL auth header to broker %s: %s\n", b.addr, err.Error())
    1334. 

  1334. 			return err
    1335. 

  1335. 		}
    1336. 

  1336. 

  1337. 		b.correlationID++
    1338. 

  1338. 		challenge, err := b.receiveSaslAuthenticateResponse(correlationID)
    1339. 

  1339. 		if err != nil {
    1340. 

  1340. 			b.addRequestInFlightMetrics(-1)
    1341. 

  1341. 			Logger.Printf("Failed to read response while authenticating with SASL to broker %s: %s\n", b.addr, err.Error())
    1342. 

  1342. 			return err
    1343. 

  1343. 		}
    1344. 

  1344. 

  1345. 		b.updateIncomingCommunicationMetrics(len(challenge), time.Since(requestTime))
    1346. 

  1346. 		msg, err = scramClient.Step(string(challenge))
    1347. 

  1347. 		if err != nil {
    1348. 

  1348. 			Logger.Println("SASL authentication failed", err)
    1349. 

  1349. 			return err
    1350. 

  1350. 		}
    1351. 

  1351. 	}
    1352. 

  1352. 

  1353. 	DebugLogger.Println("SASL authentication succeeded")
    1354. 

  1354. 	return nil
    1355. 

  1355. }
    1356. 

  1356. 

  1357. func (b *Broker) sendSaslAuthenticateRequest(correlationID int32, msg []byte) (int, error) {
    1358. 

  1358. 	rb := &SaslAuthenticateRequest{msg}
    1359. 

  1359. 	req := &request{correlationID: correlationID, clientID: b.conf.ClientID, body: rb}
    1360. 

  1360. 	buf, err := encode(req, b.conf.MetricRegistry)
    1361. 

  1361. 	if err != nil {
    1362. 

  1362. 		return 0, err
    1363. 

  1363. 	}
    1364. 

  1364. 

  1365. 	return b.write(buf)
    1366. 

  1366. }
    1367. 

  1367. 

  1368. func (b *Broker) receiveSaslAuthenticateResponse(correlationID int32) ([]byte, error) {
    1369. 

  1369. 	buf := make([]byte, responseLengthSize+correlationIDSize)
    1370. 

  1370. 	_, err := b.readFull(buf)
    1371. 

  1371. 	if err != nil {
    1372. 

  1372. 		return nil, err
    1373. 

  1373. 	}
    1374. 

  1374. 

  1375. 	header := responseHeader{}
    1376. 

  1376. 	err = versionedDecode(buf, &header, 0)
    1377. 

  1377. 	if err != nil {
    1378. 

  1378. 		return nil, err
    1379. 

  1379. 	}
    1380. 

  1380. 

  1381. 	if header.correlationID != correlationID {
    1382. 

  1382. 		return nil, fmt.Errorf("correlation ID didn't match, wanted %d, got %d", b.correlationID, header.correlationID)
    1383. 

  1383. 	}
    1384. 

  1384. 

  1385. 	buf = make([]byte, header.length-correlationIDSize)
    1386. 

  1386. 	_, err = b.readFull(buf)
    1387. 

  1387. 	if err != nil {
    1388. 

  1388. 		return nil, err
    1389. 

  1389. 	}
    1390. 

  1390. 

  1391. 	res := &SaslAuthenticateResponse{}
    1392. 

  1392. 	if err := versionedDecode(buf, res, 0); err != nil {
    1393. 

  1393. 		return nil, err
    1394. 

  1394. 	}
    1395. 

  1395. 	if res.Err != ErrNoError {
    1396. 

  1396. 		return nil, res.Err
    1397. 

  1397. 	}
    1398. 

  1398. 	return res.SaslAuthBytes, nil
    1399. 

  1399. }
    1400. 

  1400. 

  1401. // Build SASL/OAUTHBEARER initial client response as described by RFC-7628
    1402. 

  1402. // https://tools.ietf.org/html/rfc7628
    1403. 

  1403. func buildClientFirstMessage(token *AccessToken) ([]byte, error) {
    1404. 

  1404. 	var ext string
    1405. 

  1405. 

  1406. 	if token.Extensions != nil && len(token.Extensions) > 0 {
    1407. 

  1407. 		if _, ok := token.Extensions[SASLExtKeyAuth]; ok {
    1408. 

  1408. 			return []byte{}, fmt.Errorf("the extension `%s` is invalid", SASLExtKeyAuth)
    1409. 

  1409. 		}
    1410. 

  1410. 		ext = "\x01" + mapToString(token.Extensions, "=", "\x01")
    1411. 

  1411. 	}
    1412. 

  1412. 

  1413. 	resp := []byte(fmt.Sprintf("n,,\x01auth=Bearer %s%s\x01\x01", token.Token, ext))
    1414. 

  1414. 

  1415. 	return resp, nil
    1416. 

  1416. }
    1417. 

  1417. 

  1418. // mapToString returns a list of key-value pairs ordered by key.
    1419. 

  1419. // keyValSep separates the key from the value. elemSep separates each pair.
    1420. 

  1420. func mapToString(extensions map[string]string, keyValSep string, elemSep string) string {
    1421. 

  1421. 	buf := make([]string, 0, len(extensions))
    1422. 

  1422. 

  1423. 	for k, v := range extensions {
    1424. 

  1424. 		buf = append(buf, k+keyValSep+v)
    1425. 

  1425. 	}
    1426. 

  1426. 

  1427. 	sort.Strings(buf)
    1428. 

  1428. 

  1429. 	return strings.Join(buf, elemSep)
    1430. 

  1430. }
    1431. 

  1431. 

  1432. func (b *Broker) sendSASLPlainAuthClientResponse(correlationID int32) (int, error) {
    1433. 

  1433. 	authBytes := []byte(b.conf.Net.SASL.AuthIdentity + "\x00" + b.conf.Net.SASL.User + "\x00" + b.conf.Net.SASL.Password)
    1434. 

  1434. 	rb := &SaslAuthenticateRequest{authBytes}
    1435. 

  1435. 	req := &request{correlationID: correlationID, clientID: b.conf.ClientID, body: rb}
    1436. 

  1436. 	buf, err := encode(req, b.conf.MetricRegistry)
    1437. 

  1437. 	if err != nil {
    1438. 

  1438. 		return 0, err
    1439. 

  1439. 	}
    1440. 

  1440. 

  1441. 	return b.write(buf)
    1442. 

  1442. }
    1443. 

  1443. 

  1444. func (b *Broker) sendSASLOAuthBearerClientMessage(initialResp []byte, correlationID int32) (int, error) {
    1445. 

  1445. 	rb := &SaslAuthenticateRequest{initialResp}
    1446. 

  1446. 

  1447. 	req := &request{correlationID: correlationID, clientID: b.conf.ClientID, body: rb}
    1448. 

  1448. 

  1449. 	buf, err := encode(req, b.conf.MetricRegistry)
    1450. 

  1450. 	if err != nil {
    1451. 

  1451. 		return 0, err
    1452. 

  1452. 	}
    1453. 

  1453. 

  1454. 	return b.write(buf)
    1455. 

  1455. }
    1456. 

  1456. 

  1457. func (b *Broker) receiveSASLServerResponse(res *SaslAuthenticateResponse, correlationID int32) (int, error) {
    1458. 

  1458. 	buf := make([]byte, responseLengthSize+correlationIDSize)
    1459. 

  1459. 	bytesRead, err := b.readFull(buf)
    1460. 

  1460. 	if err != nil {
    1461. 

  1461. 		return bytesRead, err
    1462. 

  1462. 	}
    1463. 

  1463. 

  1464. 	header := responseHeader{}
    1465. 

  1465. 	err = versionedDecode(buf, &header, 0)
    1466. 

  1466. 	if err != nil {
    1467. 

  1467. 		return bytesRead, err
    1468. 

  1468. 	}
    1469. 

  1469. 

  1470. 	if header.correlationID != correlationID {
    1471. 

  1471. 		return bytesRead, fmt.Errorf("correlation ID didn't match, wanted %d, got %d", b.correlationID, header.correlationID)
    1472. 

  1472. 	}
    1473. 

  1473. 

  1474. 	buf = make([]byte, header.length-correlationIDSize)
    1475. 

  1475. 	c, err := b.readFull(buf)
    1476. 

  1476. 	bytesRead += c
    1477. 

  1477. 	if err != nil {
    1478. 

  1478. 		return bytesRead, err
    1479. 

  1479. 	}
    1480. 

  1480. 

  1481. 	if err := versionedDecode(buf, res, 0); err != nil {
    1482. 

  1482. 		return bytesRead, err
    1483. 

  1483. 	}
    1484. 

  1484. 

  1485. 	if res.Err != ErrNoError {
    1486. 

  1486. 		return bytesRead, res.Err
    1487. 

  1487. 	}
    1488. 

  1488. 

  1489. 	return bytesRead, nil
    1490. 

  1490. }
    1491. 

  1491. 

  1492. func (b *Broker) updateIncomingCommunicationMetrics(bytes int, requestLatency time.Duration) {
    1493. 

  1493. 	b.updateRequestLatencyAndInFlightMetrics(requestLatency)
    1494. 

  1494. 	b.responseRate.Mark(1)
    1495. 

  1495. 

  1496. 	if b.brokerResponseRate != nil {
    1497. 

  1497. 		b.brokerResponseRate.Mark(1)
    1498. 

  1498. 	}
    1499. 

  1499. 

  1500. 	responseSize := int64(bytes)
    1501. 

  1501. 	b.incomingByteRate.Mark(responseSize)
    1502. 

  1502. 	if b.brokerIncomingByteRate != nil {
    1503. 

  1503. 		b.brokerIncomingByteRate.Mark(responseSize)
    1504. 

  1504. 	}
    1505. 

  1505. 

  1506. 	b.responseSize.Update(responseSize)
    1507. 

  1507. 	if b.brokerResponseSize != nil {
    1508. 

  1508. 		b.brokerResponseSize.Update(responseSize)
    1509. 

  1509. 	}
    1510. 

  1510. }
    1511. 

  1511. 

  1512. func (b *Broker) updateRequestLatencyAndInFlightMetrics(requestLatency time.Duration) {
    1513. 

  1513. 	requestLatencyInMs := int64(requestLatency / time.Millisecond)
    1514. 

  1514. 	b.requestLatency.Update(requestLatencyInMs)
    1515. 

  1515. 

  1516. 	if b.brokerRequestLatency != nil {
    1517. 

  1517. 		b.brokerRequestLatency.Update(requestLatencyInMs)
    1518. 

  1518. 	}
    1519. 

  1519. 

  1520. 	b.addRequestInFlightMetrics(-1)
    1521. 

  1521. }
    1522. 

  1522. 

  1523. func (b *Broker) addRequestInFlightMetrics(i int64) {
    1524. 

  1524. 	b.requestsInFlight.Inc(i)
    1525. 

  1525. 	if b.brokerRequestsInFlight != nil {
    1526. 

  1526. 		b.brokerRequestsInFlight.Inc(i)
    1527. 

  1527. 	}
    1528. 

  1528. }
    1529. 

  1529. 

  1530. func (b *Broker) updateOutgoingCommunicationMetrics(bytes int) {
    1531. 

  1531. 	b.requestRate.Mark(1)
    1532. 

  1532. 	if b.brokerRequestRate != nil {
    1533. 

  1533. 		b.brokerRequestRate.Mark(1)
    1534. 

  1534. 	}
    1535. 

  1535. 

  1536. 	requestSize := int64(bytes)
    1537. 

  1537. 	b.outgoingByteRate.Mark(requestSize)
    1538. 

  1538. 	if b.brokerOutgoingByteRate != nil {
    1539. 

  1539. 		b.brokerOutgoingByteRate.Mark(requestSize)
    1540. 

  1540. 	}
    1541. 

  1541. 

  1542. 	b.requestSize.Update(requestSize)
    1543. 

  1543. 	if b.brokerRequestSize != nil {
    1544. 

  1544. 		b.brokerRequestSize.Update(requestSize)
    1545. 

  1545. 	}
    1546. 

  1546. }
    1547. 

  1547. 

  1548. func (b *Broker) registerMetrics() {
    1549. 

  1549. 	b.brokerIncomingByteRate = b.registerMeter("incoming-byte-rate")
    1550. 

  1550. 	b.brokerRequestRate = b.registerMeter("request-rate")
    1551. 

  1551. 	b.brokerRequestSize = b.registerHistogram("request-size")
    1552. 

  1552. 	b.brokerRequestLatency = b.registerHistogram("request-latency-in-ms")
    1553. 

  1553. 	b.brokerOutgoingByteRate = b.registerMeter("outgoing-byte-rate")
    1554. 

  1554. 	b.brokerResponseRate = b.registerMeter("response-rate")
    1555. 

  1555. 	b.brokerResponseSize = b.registerHistogram("response-size")
    1556. 

  1556. 	b.brokerRequestsInFlight = b.registerCounter("requests-in-flight")
    1557. 

  1557. 	b.brokerThrottleTime = b.registerHistogram("throttle-time-in-ms")
    1558. 

  1558. }
    1559. 

  1559. 

  1560. func (b *Broker) unregisterMetrics() {
    1561. 

  1561. 	for _, name := range b.registeredMetrics {
    1562. 

  1562. 		b.conf.MetricRegistry.Unregister(name)
    1563. 

  1563. 	}
    1564. 

  1564. 	b.registeredMetrics = nil
    1565. 

  1565. }
    1566. 

  1566. 

  1567. func (b *Broker) registerMeter(name string) metrics.Meter {
    1568. 

  1568. 	nameForBroker := getMetricNameForBroker(name, b)
    1569. 

  1569. 	b.registeredMetrics = append(b.registeredMetrics, nameForBroker)
    1570. 

  1570. 	return metrics.GetOrRegisterMeter(nameForBroker, b.conf.MetricRegistry)
    1571. 

  1571. }
    1572. 

  1572. 

  1573. func (b *Broker) registerHistogram(name string) metrics.Histogram {
    1574. 

  1574. 	nameForBroker := getMetricNameForBroker(name, b)
    1575. 

  1575. 	b.registeredMetrics = append(b.registeredMetrics, nameForBroker)
    1576. 

  1576. 	return getOrRegisterHistogram(nameForBroker, b.conf.MetricRegistry)
    1577. 

  1577. }
    1578. 

  1578. 

  1579. func (b *Broker) registerCounter(name string) metrics.Counter {
    1580. 

  1580. 	nameForBroker := getMetricNameForBroker(name, b)
    1581. 

  1581. 	b.registeredMetrics = append(b.registeredMetrics, nameForBroker)
    1582. 

  1582. 	return metrics.GetOrRegisterCounter(nameForBroker, b.conf.MetricRegistry)
    1583. 

  1583. }
    1584. 

  1584. 

  1585. func validServerNameTLS(addr string, cfg *tls.Config) *tls.Config {
    1586. 

  1586. 	if cfg == nil {
    1587. 

  1587. 		cfg = &tls.Config{
    1588. 

  1588. 			MinVersion: tls.VersionTLS12,
    1589. 

  1589. 		}
    1590. 

  1590. 	}
    1591. 

  1591. 	if cfg.ServerName != "" {
    1592. 

  1592. 		return cfg
    1593. 

  1593. 	}
    1594. 

  1594. 

  1595. 	c := cfg.Clone()
    1596. 

  1596. 	sn, _, err := net.SplitHostPort(addr)
    1597. 

  1597. 	if err != nil {
    1598. 

  1598. 		Logger.Println(fmt.Errorf("failed to get ServerName from addr %w", err))
    1599. 

  1599. 	}
    1600. 

  1600. 	c.ServerName = sn
    1601. 

  1601. 	return c
    1602. 

  1602. }
    1603.