Merge pull request #1759 from marklogic/feature/polaris

A raft of Polaris fixes

Author: rjrudin

examples/src/main/java/com/marklogic/client/example/cookbook/SSLClientCreator.java

@@ -57,7 +57,7 @@ public X509Certificate[] getAcceptedIssuers() {
     };
 
     // create an SSL context
-    SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
+    SSLContext sslContext = SSLContext.getInstance("TLSv1.3");
     /*
      * Here, we use a naive TrustManager which would accept any certificate
      * which the server produces. But in a real application, there should be a

marklogic-client-api/src/main/java/com/marklogic/client/DatabaseClientFactory.java

@@ -1030,7 +1030,7 @@ public CertificateAuthContext(String certFile, String certPassword, X509TrustMan
         this.certFile = certFile;
         this.certPassword = certPassword;
         this.trustManager = trustManager;
-        this.sslContext = createSSLContext();
+        this.sslContext = createSSLContext(DEFAULT_SSL_PROTOCOL);
 	}
 
 	  /**
@@ -1060,11 +1060,6 @@ public CertificateAuthContext(String certFile, String certPassword, X509TrustMan
 		this.sslContext = createSSLContext(sslProtocol);
 	}
 
-    private SSLContext createSSLContext()
-			throws UnrecoverableKeyException, CertificateException, IOException, KeyManagementException {
-		return createSSLContext(DEFAULT_SSL_PROTOCOL);
-    }
-
     private SSLContext createSSLContext(String sslProtocol)
       throws CertificateException, IOException, UnrecoverableKeyException, KeyManagementException {
       if(certPassword == null) {
@@ -1076,12 +1071,14 @@ private SSLContext createSSLContext(String sslProtocol)
       try {
         keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
       } catch (NoSuchAlgorithmException e) {
+		  SSLUtil.logSecurityRelatedException(e);
         throw new IllegalStateException(
           "CertificateAuthContext requires KeyManagerFactory.getInstance(\"SunX509\")");
       }
       try {
         keyStore = KeyStore.getInstance("PKCS12");
       } catch (KeyStoreException e) {
+		  SSLUtil.logSecurityRelatedException(e);
         throw new IllegalStateException("CertificateAuthContext requires KeyStore.getInstance(\"PKCS12\")");
       }
       try {
@@ -1100,6 +1097,7 @@ private SSLContext createSSLContext(String sslProtocol)
 			sslContext = SSLContext.getInstance(sslProtocol);
 		}
       } catch (NoSuchAlgorithmException | KeyStoreException e) {
+		  SSLUtil.logSecurityRelatedException(e);
         throw new IllegalStateException("The certificate algorithm used or the Key store "
           + "Service provider Implementaion (SPI) is invalid. CertificateAuthContext "
           + "requires SunX509 algorithm and PKCS12 Key store SPI", e);
@@ -1291,6 +1289,7 @@ static public DatabaseClient newClient(String host, int port, String basePath, S
 		  clientConfigurators.forEach(configurator -> {
 			  if (configurator instanceof OkHttpClientConfigurator) {
 				  OkHttpClient okHttpClient = (OkHttpClient) services.getClientImplementation();
+				  Objects.requireNonNull(okHttpClient);
 				  OkHttpClient.Builder clientBuilder = okHttpClient.newBuilder();
 				  ((OkHttpClientConfigurator) configurator).configure(clientBuilder);
 				  ((OkHttpServices) services).setClientImplementation(clientBuilder.build());

marklogic-client-api/src/main/java/com/marklogic/client/datamovement/impl/QueryBatcherImpl.java

@@ -731,7 +731,8 @@ public void run() {
                 .withForest(forest);
 
         QueryManagerImpl queryMgr = (QueryManagerImpl) client.newQueryManager();
-        queryMgr.setPageLength(getBatchSize() * getDocToUriBatchRatio());
+		final long newPageLength = (long)getBatchSize() * (long)getDocToUriBatchRatio();
+        queryMgr.setPageLength(newPageLength);
         UrisHandle handle = new UrisHandle();
 
         if (consistentSnapshot == true && serverTimestamp.get() > -1) {
@@ -881,11 +882,13 @@ private void processDocs(QueryBatchImpl batch) {
               logger.error("Exception thrown by an onQueryFailure listener", e2);
             }
           }
-          if (retryForestMap.get(forest).get() == 0) {
-            isDone.set(true);
-          } else {
-            retryForestMap.get(forest).decrementAndGet();
-          }
+			AtomicInteger forestRetryCounter = retryForestMap.get(forest);
+			Objects.requireNonNull(forestRetryCounter);
+			if (forestRetryCounter.get() == 0) {
+				isDone.set(true);
+			} else {
+				forestRetryCounter.decrementAndGet();
+			}
         } else if (t instanceof RuntimeException) {
           throw (RuntimeException) t;
         } else {
@@ -905,7 +908,8 @@ private void launchNextTask() {
     	  shutdownIfAllForestsAreDone();
     	  return;
       }
-      long nextStart = start + getBatchSize() * getDocToUriBatchRatio();
+	  final long interval = (long)getBatchSize() * (long)getDocToUriBatchRatio();
+      long nextStart = start + interval;
       threadPool.execute(new QueryTask(
           moveMgr, batcher, forest, QueryBatcherImpl.this.queryMethod, query, filtered, forestBatchNum + getBatchSize(), nextStart, null, nextAfterUri
       ));

marklogic-client-api/src/main/java/com/marklogic/client/datamovement/impl/RowBatcherImpl.java

@@ -63,7 +63,7 @@ class RowBatcherImpl<T>  extends BatcherImpl implements RowBatcher<T> {
         this.rowsHandle = rowsHandle;
 
 		DatabaseClient databaseClient = getPrimaryClient();
-		assert databaseClient != null;
+		Objects.requireNonNull(databaseClient);
 		defaultRowManager = databaseClient.newRowManager();
 
         super.withBatchSize(DEFAULT_BATCH_SIZE);

marklogic-client-api/src/main/java/com/marklogic/client/impl/BaseProxy.java

@@ -51,6 +51,7 @@ public BaseProxy(String endpointDir, JSONWriteHandle serviceDeclaration) {
          init(endpointDir);
       } else {
          JsonNode serviceDecl = NodeConverter.handleToJsonNode(serviceDeclaration);
+		 Objects.requireNonNull(serviceDecl);
 
          JsonNode endpointDirProp = serviceDecl.get("endpointDirectory");
          if (endpointDirProp == null) {

marklogic-client-api/src/main/java/com/marklogic/client/impl/CombinedQueryBuilderImpl.java

@@ -301,7 +301,10 @@ private String makeXMLCombinedQuery(CombinedQueryDefinitionImpl qdef) {
         if ( value instanceof OutputStreamSender ) {
           ((OutputStreamSender) value).write(out);
         } else {
-          out.write(HandleAccessor.contentAsString(options).getBytes("UTF-8"));
+			String content = HandleAccessor.contentAsString(options);
+			if (content != null) {
+				out.write(content.getBytes("UTF-8"));
+			}
         }
         out.flush();
       }

marklogic-client-api/src/main/java/com/marklogic/client/impl/DatabaseClientPropertySource.java

@@ -440,13 +440,15 @@ private SSLUtil.SSLInputs useNewSSLContext(String sslProtocol, X509TrustManager
 		try {
 			sslContext = SSLContext.getInstance(sslProtocol);
 		} catch (NoSuchAlgorithmException e) {
+			SSLUtil.logSecurityRelatedException(e);
 			throw new RuntimeException(String.format("Unable to get SSLContext instance with protocol: %s; cause: %s",
 				sslProtocol, e.getMessage()), e);
 		}
 		if (userTrustManager != null) {
 			try {
 				sslContext.init(null, new X509TrustManager[]{userTrustManager}, null);
 			} catch (KeyManagementException e) {
+				SSLUtil.logSecurityRelatedException(e);
 				throw new RuntimeException(String.format("Unable to initialize SSLContext; protocol: %s; cause: %s",
 					sslProtocol, e.getMessage()), e);
 			}

marklogic-client-api/src/main/java/com/marklogic/client/impl/HTTPKerberosAuthInterceptor.java

@@ -48,6 +48,7 @@ public HTTPKerberosAuthInterceptor(String host, Map<String,String> krbOptions) {
     try {
       buildSubjectCredentials();
     } catch (LoginException e) {
+		SSLUtil.logSecurityRelatedException(e);
       throw new FailedRequestException(e.getMessage(), e);
     }
   }

marklogic-client-api/src/main/java/com/marklogic/client/impl/OkHttpServices.java

@@ -879,8 +879,8 @@ private boolean getDocumentImpl(RequestLogger reqlog,
 				"Document read for document identifier without uri");
 		}
 
-		assert metadataHandle != null : "metadataHandle is null";
-		assert contentHandle != null : "contentHandle is null";
+		Objects.requireNonNull(metadataHandle);
+		Objects.requireNonNull(contentHandle);
 
 		logger.debug("Getting multipart for {} in transaction {}", uri, getTransactionId(transaction));