IMPALA-5825: Catch exceptions thrown by TSSLSocketFactory c'tor Change-Id: I9b1698ee423c0db419b5de74c3664c88294fff49 Reviewed-on: http://gerrit.cloudera.org:8080/7768 Reviewed-by: Bharath Vissapragada <[email protected]> Tested-by: Impala Public Jenkins
Project: http://git-wip-us.apache.org/repos/asf/incubator-impala/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-impala/commit/f9b222e9 Tree: http://git-wip-us.apache.org/repos/asf/incubator-impala/tree/f9b222e9 Diff: http://git-wip-us.apache.org/repos/asf/incubator-impala/diff/f9b222e9 Branch: refs/heads/master Commit: f9b222e9229ef3830f00b0e47073d7a8880e2bfb Parents: 7264c54 Author: Henry Robinson <[email protected]> Authored: Mon Aug 21 17:55:39 2017 -0700 Committer: Impala Public Jenkins <[email protected]> Committed: Tue Aug 22 08:56:22 2017 +0000 ---------------------------------------------------------------------- be/src/rpc/thrift-server.cc | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-impala/blob/f9b222e9/be/src/rpc/thrift-server.cc ---------------------------------------------------------------------- diff --git a/be/src/rpc/thrift-server.cc b/be/src/rpc/thrift-server.cc index 1a558d9..35a1852 100644 --- a/be/src/rpc/thrift-server.cc +++ b/be/src/rpc/thrift-server.cc @@ -374,12 +374,13 @@ class ImpalaSslSocketFactory : public TSSLSocketFactory { } Status ThriftServer::CreateSocket(boost::shared_ptr<TServerTransport>* socket) { if (ssl_enabled()) { - // This 'factory' is only called once, since CreateSocket() is only called from - // Start() - boost::shared_ptr<TSSLSocketFactory> socket_factory( - new ImpalaSslSocketFactory(version_, key_password_)); - socket_factory->overrideDefaultPasswordCallback(); try { + // This 'factory' is only called once, since CreateSocket() is only called from + // Start(). The c'tor may throw if there is an error initializing the SSL context. + boost::shared_ptr<TSSLSocketFactory> socket_factory( + new ImpalaSslSocketFactory(version_, key_password_)); + socket_factory->overrideDefaultPasswordCallback(); + if (!cipher_list_.empty()) socket_factory->ciphers(cipher_list_); socket_factory->loadCertificate(certificate_path_.c_str()); socket_factory->loadPrivateKey(private_key_path_.c_str());
