Fixed SSL handling issues

This update includes:
- fix for SSL being turned off in backend
- fix for SSL issue with domain name check

Author: injectives

driver/src/main/java/org/neo4j/driver/internal/BoltServerAddress.java

@@ -22,14 +22,17 @@
 import java.net.InetSocketAddress;
 import java.net.SocketAddress;
 import java.net.URI;
+import java.util.Arrays;
 import java.util.Collections;
 import java.util.LinkedHashSet;
 import java.util.Objects;
 import java.util.Set;
+import java.util.stream.Stream;
 
 import org.neo4j.driver.net.ServerAddress;
 
 import static java.util.Objects.requireNonNull;
+import static java.util.stream.Collectors.joining;
 
 /**
  * Holds a host and port pair that denotes a Bolt server address.
@@ -39,11 +42,18 @@ public class BoltServerAddress implements ServerAddress
     public static final int DEFAULT_PORT = 7687;
     public static final BoltServerAddress LOCAL_DEFAULT = new BoltServerAddress( "localhost", DEFAULT_PORT );
 
+    private static final String HOST_ADDRESSES_FORMAT = "%s%s:%d";
+    private static final int MAX_HOST_ADDRESSES_IN_STRING_VALUE = 5;
+    private static final String BLANK_HOST_ADDRESSES = "";
+    private static final String HOST_ADDRESS_DELIMITER = ",";
+    private static final String HOST_ADDRESSES_PREFIX = "(";
+    private static final String HOST_ADDRESSES_SUFFIX = ")";
+    private static final String TRIMMED_HOST_ADDRESSES_SUFFIX = ",..." + HOST_ADDRESSES_SUFFIX;
+
     private final String host; // This could either be the same as originalHost or it is an IP address resolved from the original host.
     private final int port;
+    private final Set<InetAddress> resolvedAddresses;
     private final String stringValue;
-    
-    private final Set<BoltServerAddress> resolved;
 
     public BoltServerAddress( String address )
     {
@@ -57,15 +67,16 @@ public BoltServerAddress( URI uri )
 
     public BoltServerAddress( String host, int port )
     {
-        this( host, port, Collections.emptySet() );
+        this( host, port, (InetAddress[]) null );
     }
 
-    public BoltServerAddress( String host, int port, Set<BoltServerAddress> resolved )
+    public BoltServerAddress( String host, int port, InetAddress... resolvedAddressesArr )
     {
         this.host = requireNonNull( host, "host" );
         this.port = requireValidPort( port );
-        this.stringValue = String.format( "%s:%d", host, port );
-        this.resolved = Collections.unmodifiableSet( new LinkedHashSet<>( resolved ) );
+        resolvedAddresses = Collections.unmodifiableSet(
+                resolvedAddressesArr != null ? new LinkedHashSet<>( Arrays.asList( resolvedAddressesArr ) ) : Collections.emptySet() );
+        stringValue = createStringValue();
     }
 
     public static BoltServerAddress from( ServerAddress address )
@@ -86,14 +97,14 @@ public boolean equals( Object o )
         {
             return false;
         }
-        BoltServerAddress that = (BoltServerAddress) o;
-        return port == that.port && host.equals( that.host );
+        BoltServerAddress address = (BoltServerAddress) o;
+        return port == address.port && host.equals( address.host ) && resolvedAddresses.equals( address.resolvedAddresses );
     }
 
     @Override
     public int hashCode()
     {
-        return Objects.hash( host, port );
+        return Objects.hash( host, port, resolvedAddresses );
     }
 
     @Override
@@ -103,15 +114,18 @@ public String toString()
     }
 
     /**
-     * Create a {@link SocketAddress} from this bolt address. This method always attempts to resolve the hostname into
-     * an {@link InetAddress}.
+     * Create a {@link SocketAddress} from this bolt address. If the resolvedAddresses set is not empty, the first element is used as the address. If the set is
+     * empty, the host value is used instead.
      *
      * @return new socket address.
      * @see InetSocketAddress
      */
     public SocketAddress toSocketAddress()
     {
-        return new InetSocketAddress( host, port );
+        return resolvedAddresses.stream()
+                                .findFirst()
+                                .map( address -> new InetSocketAddress( address, port ) )
+                                .orElse( new InetSocketAddress( host, port ) );
     }
 
     @Override
@@ -126,9 +140,31 @@ public int port()
         return port;
     }
 
-    public Set<BoltServerAddress> resolved()
+    /**
+     * Create a stream of unicast addresses. If the resolvedAddresses set is not empty, each returned address contains precisely one resolved IP address. If the
+     * set is empty, a single address is returned using the host and port values, which is a unicast address within the context of this address.
+     *
+     * @return stream of unicast addresses.
+     */
+    public Stream<BoltServerAddress> toUnicast()
+    {
+        return resolvedAddresses.isEmpty()
+               ? Stream.of( new BoltServerAddress( host, port ) )
+               : resolvedAddresses.stream().map( address -> new BoltServerAddress( host, port, address ) );
+    }
+
+    private String createStringValue()
     {
-        return this.resolved;
+        String hostAddresses = resolvedAddresses.isEmpty()
+                               ? BLANK_HOST_ADDRESSES
+                               : resolvedAddresses.stream()
+                                                  .limit( MAX_HOST_ADDRESSES_IN_STRING_VALUE )
+                                                  .map( InetAddress::getHostAddress )
+                                                  .collect( joining( HOST_ADDRESS_DELIMITER, HOST_ADDRESSES_PREFIX,
+                                                                     resolvedAddresses.size() > MAX_HOST_ADDRESSES_IN_STRING_VALUE
+                                                                     ? TRIMMED_HOST_ADDRESSES_SUFFIX
+                                                                     : HOST_ADDRESSES_SUFFIX ) );
+        return String.format( HOST_ADDRESSES_FORMAT, host, hostAddresses, port );
     }
 
     private static String hostFrom( URI uri )

driver/src/main/java/org/neo4j/driver/internal/cluster/RediscoveryImpl.java

@@ -21,18 +21,15 @@
 import io.netty.util.concurrent.EventExecutorGroup;
 
 import java.net.UnknownHostException;
-import java.util.Arrays;
 import java.util.Collection;
 import java.util.HashSet;
-import java.util.LinkedHashSet;
 import java.util.LinkedList;
 import java.util.List;
 import java.util.Set;
 import java.util.concurrent.CompletableFuture;
 import java.util.concurrent.CompletionException;
 import java.util.concurrent.CompletionStage;
 import java.util.concurrent.TimeUnit;
-import java.util.stream.Collectors;
 
 import org.neo4j.driver.Bookmark;
 import org.neo4j.driver.Logger;
@@ -308,7 +305,7 @@ public List<BoltServerAddress> resolve() throws UnknownHostException
         {
             try
             {
-                resolvedAddresses.addAll( resolveAllByDomainName( BoltServerAddress.from( serverAddress ) ) );
+                resolveAllByDomainName( serverAddress ).toUnicast().forEach( resolvedAddresses::add );
             }
             catch ( UnknownHostException e )
             {
@@ -345,9 +342,9 @@ private BoltServerAddress resolveByDomainNameOrThrowCompletionException( BoltSer
     {
         try
         {
-            Set<BoltServerAddress> resolvedAddresses = resolveAllByDomainName( address );
-            routingTable.replaceRouterIfPresent( address, new BoltServerAddress( address.host(), address.port(), resolvedAddresses ) );
-            return resolvedAddresses.stream().findFirst().orElseThrow(
+            BoltServerAddress resolvedAddress = resolveAllByDomainName( address );
+            routingTable.replaceRouterIfPresent( address, resolvedAddress );
+            return resolvedAddress.toUnicast().findFirst().orElseThrow(
                     () -> new IllegalStateException( "Domain name resolution returned empty result set and has not thrown an exception" ) );
         }
         catch ( Throwable e )
@@ -356,10 +353,8 @@ private BoltServerAddress resolveByDomainNameOrThrowCompletionException( BoltSer
         }
     }
 
-    private Set<BoltServerAddress> resolveAllByDomainName( BoltServerAddress address ) throws UnknownHostException
+    private BoltServerAddress resolveAllByDomainName( ServerAddress address ) throws UnknownHostException
     {
-        return Arrays.stream( domainNameResolver.resolve( address.host() ) )
-                     .map( inetAddress -> new BoltServerAddress( inetAddress.getHostAddress(), address.port() ) )
-                     .collect( Collectors.toCollection( LinkedHashSet::new ) );
+        return new BoltServerAddress( address.host(), address.port(), domainNameResolver.resolve( address.host() ) );
     }
 }

driver/src/main/java/org/neo4j/driver/internal/cluster/RoutingTableHandlerImpl.java

@@ -116,11 +116,9 @@ private synchronized void freshClusterCompositionFetched( ClusterCompositionLook
             routingTableRegistry.removeAged();
 
             Set<BoltServerAddress> addressesToRetain = new LinkedHashSet<>();
-            for ( BoltServerAddress address : routingTableRegistry.allServers() )
-            {
-                addressesToRetain.add( address );
-                addressesToRetain.addAll( address.resolved() );
-            }
+            routingTableRegistry.allServers().stream()
+                                .flatMap( BoltServerAddress::toUnicast )
+                                .forEach( addressesToRetain::add );
             composition.getResolvedInitialRouters().ifPresent(
                     addresses ->
                     {