Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

panic : runtime error : index out of range [1] with length 1 #4302

Closed
JungHyeokChoi opened this issue Jun 29, 2023 · 8 comments
Closed

panic : runtime error : index out of range [1] with length 1 #4302

JungHyeokChoi opened this issue Jun 29, 2023 · 8 comments
Assignees
@C0rWin
Labels
bug

Comments

@JungHyeokChoi
Copy link

JungHyeokChoi commented Jun 29, 2023
edited
Loading

Description

Hello, I started the peer node with version 2.5.3 but got an error.

The error is follow:

2023-06-29 05:52:57.596 UTC 05a5 INFO [gossip.gossip] Stop -> Stopping gossip
2023-06-29 05:52:57.596 UTC 05a6 DEBU [gossip.gossip] handlePresumedDead -> Exiting
2023-06-29 05:52:57.596 UTC 05a7 DEBU [gossip.gossip] acceptMessages -> Exiting
2023-06-29 05:52:57.596 UTC 05a8 INFO [gossip.discovery] Stop -> Stopping
2023-06-29 05:52:57.596 UTC 05a9 INFO [gossip.discovery] Stop -> Stopped
2023-06-29 05:52:57.596 UTC 05aa INFO [gossip.comm] Stop -> Stopping
2023-06-29 05:52:57.596 UTC 05ab DEBU [gossip.comm] Stop -> Shut down connection store, connection count: 0
2023-06-29 05:52:57.596 UTC 05ac DEBU [gossip.comm] func1 -> Exiting Accept() loop
2023-06-29 05:52:57.596 UTC 05ad INFO [gossip.comm] Stop -> Stopped
panic: runtime error: index out of range [1] with length 1

goroutine 1 [running]:
http://github.com/hyperledger/fabric/msp.(*bccspmsp).sanitizeCert(0x0?, 0xc0000f7180)
	/msp/mspimpl.go:924 +0x245
http://github.com/hyperledger/fabric/msp.newIdentity(0xc00054e960?, {0x1d77100?, 0xc000015b18}, 0xc000413400)
	/msp/identities.go:61 +0x105
http://github.com/hyperledger/fabric/msp.(*bccspmsp).getIdentityFromConf(0xc000413400, {0xc00016b200?, 0x44b?, 0x480?})
	/msp/mspimpl.go:200 +0x9e
http://github.com/hyperledger/fabric/msp.(*bccspmsp).setupCAs(0xc000413400, 0xc0001e3680)
	/msp/mspimplsetup.go:135 +0x41f
http://github.com/hyperledger/fabric/msp.(*bccspmsp).preSetupV142(0xc000413400, 0xe9228e?)
	/msp/mspimplsetup.go:570 +0x3f
http://github.com/hyperledger/fabric/msp.(*bccspmsp).setupV142(0x18f4820?, 0xc0004bbbc0?)
	/msp/mspimplsetup.go:646 +0x25
http://github.com/hyperledger/fabric/msp.(*bccspmsp).Setup(0xc000413400, 0xc0006c7800)
	/msp/mspimpl.go:267 +0x146
http://github.com/hyperledger/fabric/msp/cache.(*cachedMSP).Setup(0xc0001afb30, 0xc000413400?)
	/msp/cache/cache.go:87 +0x3c

I used a full chain peer root certificate.

Versions v1.4.12 and v2.2.10 worked fine, but I ran into a problem with v2.5.3.

Please check this issues and reply.

Steps to reproduce

No response
@C0rWin
Copy link
Contributor

C0rWin commented Jun 29, 2023

Which version of go are you using?

@C0rWin C0rWin self-assigned this Jun 29, 2023
@JungHyeokChoi
Copy link
Author

JungHyeokChoi commented Jun 30, 2023
edited
Loading

I’m so sorry. late comment due to different time zone.

I’m using golang version 1.20.5

Version : v2.5.3
Commit SHA: 8e3bbcc
Go version: go1.20.5
OS/Arch: linux/amd64

If channel is not join, peer is working. but orderer still not working.

I used the ORDERER_GENERAL_TLS_ROOTCAS as the full chain issued by intermediate CA and still got the error.

Maybe i’m using it wrong?

@JungHyeokChoi
Copy link
Author

JungHyeokChoi commented Jun 30, 2023
edited
Loading

After checking, there is a problem when verifying the Root CA certificate part from genesis block, but I put in all the keys correctly.

  • admincerts
  • cacerts
  • intermediatecerts
  • tlscacerts
  • tlsintermediatecerts

@JungHyeokChoi
Copy link
Author

JungHyeokChoi commented Jun 30, 2023
edited
Loading

Fortunately i solved it.

In hyperledger fabric v1.4 and v2.2, verification succeeded even if intermediatecerts and tlsintermediatecerts folders did not exist in MSP when generating the genesis block, but in v2.5 an error occurred due to the changed logic.

Thank you for your help.

@C0rWin
Copy link
Contributor

C0rWin commented Jul 2, 2023

Fortunately i solved it.

In hyperledger fabric v1.4 and v2.2, verification succeeded even if intermediatecerts and tlsintermediatecerts folders did not exist in MSP when generating the genesis block, but in v2.5 an error occurred due to the changed logic.

Thank you for your help.

Thanks for your investigation, though I am still not clear what exactly happened since the panic stack trace indeed indicates there is a problem... not sure what exactly did you do, cause the error shows that it was trying to sanitize the certificate and wasn't able to extract the chain for non-root CA cert, which is odd.

@C0rWin
Copy link
Contributor

C0rWin commented Jul 3, 2023

Ok, I succeeded in reproducing the bug. The problem manifests when configuring a peer node, intermediate CA configured without root CAs. It worked previously because during certs sanitization, intermediate certs, and root certs were treated in the same way, while now there is a clear difference in how it works now.

I think the best way to treat it is to provide meaningful errors instead of letting peers fail with panic.

@C0rWin C0rWin mentioned this issue Jul 3, 2023
Merged
C0rWin added a commit to C0rWin/fabric that referenced this issue Jul 3, 2023
@C0rWin
[Fix]: Provide a meaningful error for cert sanitization
d7de0cd 
This commit takes care to handle the error where certificate
sanitization procedure fails to construct certificate chain due to
misconfiguration. Before this commit, the peer will simply fail with
panic without clear explanation of what exactly was wrong.

Addresses (hyperledger#4302).

Signed-off-by: Artem Barger <artem@bargr.net>
yacovm pushed a commit that referenced this issue Jul 5, 2023
@C0rWin
[Fix]: Provide a meaningful error for cert sanitization (#4307)
ffc6803 
This commit takes care to handle the error where certificate
sanitization procedure fails to construct certificate chain due to
misconfiguration. Before this commit, the peer will simply fail with
panic without clear explanation of what exactly was wrong.

Addresses (#4302).

Signed-off-by: Artem Barger <artem@bargr.net>
pfi79 pushed a commit to scientificideas/fabric that referenced this issue Jul 10, 2023
@C0rWin @pfi79
[Fix]: Provide a meaningful error for cert sanitization (hyperledger#…
15c70b4 
…4307)

This commit takes care to handle the error where certificate
sanitization procedure fails to construct certificate chain due to
misconfiguration. Before this commit, the peer will simply fail with
panic without clear explanation of what exactly was wrong.

Addresses (hyperledger#4302).

Signed-off-by: Artem Barger <artem@bargr.net>
(cherry picked from commit ffc6803)
mergify bot pushed a commit that referenced this issue Jul 19, 2023
@C0rWin @mergify
[Fix]: Provide a meaningful error for cert sanitization (#4307)
0e3c0ea 
This commit takes care to handle the error where certificate
sanitization procedure fails to construct certificate chain due to
misconfiguration. Before this commit, the peer will simply fail with
panic without clear explanation of what exactly was wrong.

Addresses (#4302).

Signed-off-by: Artem Barger <artem@bargr.net>
(cherry picked from commit ffc6803)
denyeart added a commit to denyeart/fabric that referenced this issue Jul 19, 2023
@denyeart
[Fix]: Provide a meaningful error for cert sanitization (release-2.2)
669cf52 
This commit handles the error where the certificate sanitization procedure fails to construct the certificate chain due to misconfiguration.
Before this commit, the peer will simply fail with panic without a clear explanation of what exactly was wrong.

Addresses (hyperledger#4302).

Signed-off-by: David Enyeart <enyeart@us.ibm.com>
@denyeart denyeart mentioned this issue Jul 19, 2023
Merged
denyeart pushed a commit that referenced this issue Jul 19, 2023
@C0rWin @denyeart
[Fix]: Provide a meaningful error for cert sanitization (#4307)
54b969a 
This commit takes care to handle the error where certificate
sanitization procedure fails to construct certificate chain due to
misconfiguration. Before this commit, the peer will simply fail with
panic without clear explanation of what exactly was wrong.

Addresses (#4302).

Signed-off-by: Artem Barger <artem@bargr.net>
(cherry picked from commit ffc6803)
yacovm pushed a commit that referenced this issue Jul 19, 2023
@denyeart
[Fix]: Provide a meaningful error for cert sanitization (release-2.2) (
21df05b 
…#4324)

This commit handles the error where the certificate sanitization procedure fails to construct the certificate chain due to misconfiguration.
Before this commit, the peer will simply fail with panic without a clear explanation of what exactly was wrong.

Addresses (#4302).

Signed-off-by: David Enyeart <enyeart@us.ibm.com>
@liz-llzz
Copy link

liz-llzz commented Oct 8, 2023

what are you think about?

@JungHyeokChoi
Copy link
Author

what are you think about?

What did you mean?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@C0rWin C0rWin

Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@C0rWin @JungHyeokChoi @liz-llzz