[ https://issues.apache.org/jira/browse/HDFS-3059?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14962724#comment-14962724 ]
Hadoop QA commented on HDFS-3059: --------------------------------- \\ \\ | (x) *{color:red}-1 overall{color}* | \\ \\ || Vote || Subsystem || Runtime || Comment || | {color:red}-1{color} | pre-patch | 21m 19s | Pre-patch trunk has 1 extant Findbugs (version 3.0.0) warnings. | | {color:green}+1{color} | @author | 0m 0s | The patch does not contain any @author tags. | | {color:red}-1{color} | tests included | 0m 0s | The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch. | | {color:green}+1{color} | javac | 8m 35s | There were no new javac warning messages. | | {color:green}+1{color} | javadoc | 11m 10s | There were no new javadoc warning messages. | | {color:green}+1{color} | release audit | 0m 24s | The applied patch does not increase the total number of release audit warnings. | | {color:red}-1{color} | checkstyle | 1m 30s | The applied patch generated 2 new checkstyle issues (total was 508, now 510). | | {color:green}+1{color} | whitespace | 0m 0s | The patch has no lines that end in whitespace. | | {color:green}+1{color} | install | 1m 39s | mvn install still works. | | {color:green}+1{color} | eclipse:eclipse | 0m 36s | The patch built with eclipse:eclipse. | | {color:green}+1{color} | findbugs | 2m 39s | The patch does not introduce any new Findbugs (version 3.0.0) warnings. | | {color:green}+1{color} | native | 3m 25s | Pre-build of native portion | | {color:red}-1{color} | hdfs tests | 62m 57s | Tests failed in hadoop-hdfs. | | | | 114m 18s | | \\ \\ || Reason || Tests || | Failed unit tests | hadoop.hdfs.TestReplaceDatanodeOnFailure | | | hadoop.hdfs.TestRollingUpgrade | | | hadoop.hdfs.server.namenode.TestFileTruncate | \\ \\ || Subsystem || Report/Notes || | Patch URL | http://issues.apache.org/jira/secure/attachment/12766944/HDFS-3059.06.patch | | Optional Tests | javadoc javac unit findbugs checkstyle | | git revision | trunk / 0ab3f9d | | Pre-patch Findbugs warnings | https://builds.apache.org/job/PreCommit-HDFS-Build/13044/artifact/patchprocess/trunkFindbugsWarningshadoop-hdfs.html | | checkstyle | https://builds.apache.org/job/PreCommit-HDFS-Build/13044/artifact/patchprocess/diffcheckstylehadoop-hdfs.txt | | hadoop-hdfs test log | https://builds.apache.org/job/PreCommit-HDFS-Build/13044/artifact/patchprocess/testrun_hadoop-hdfs.txt | | Test Results | https://builds.apache.org/job/PreCommit-HDFS-Build/13044/testReport/ | | Java | 1.7.0_55 | | uname | Linux asf909.gq1.ygridcore.net 3.13.0-36-lowlatency #63-Ubuntu SMP PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux | | Console output | https://builds.apache.org/job/PreCommit-HDFS-Build/13044/console | This message was automatically generated. > ssl-server.xml causes NullPointer > --------------------------------- > > Key: HDFS-3059 > URL: https://issues.apache.org/jira/browse/HDFS-3059 > Project: Hadoop HDFS > Issue Type: Bug > Components: datanode, security > Affects Versions: 2.7.1 > Environment: in core-site.xml: > {code:xml} > <property> > <name>hadoop.security.authentication</name> > <value>kerberos</value> > </property> > <property> > <name>hadoop.security.authorization</name> > <value>true</value> > </property> > {code} > in hdfs-site.xml: > {code:xml} > <property> > <name>dfs.https.server.keystore.resource</name> > <value>/etc/hadoop/conf/ssl-server.xml</value> > </property> > <property> > <name>dfs.https.enable</name> > <value>true</value> > </property> > <property> > ...other security props > </property> > {code} > Reporter: Evert Lammerts > Assignee: Xiao Chen > Priority: Minor > Labels: BB2015-05-TBR > Attachments: HDFS-3059.02.patch, HDFS-3059.03.patch, > HDFS-3059.04.patch, HDFS-3059.05.patch, HDFS-3059.06.patch, HDFS-3059.patch, > HDFS-3059.patch.2 > > > If ssl is enabled (dfs.https.enable) but ssl-server.xml is not available, a > DN will crash during startup while setting up an SSL socket with a > NullPointerException: > {noformat}12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: > useKerb = false, useCerts = true > jetty.ssl.password : jetty.ssl.keypassword : 12/03/07 17:08:36 INFO > mortbay.log: jetty-6.1.26.cloudera.1 > 12/03/07 17:08:36 INFO mortbay.log: Started > selectchannelconnec...@p-worker35.alley.sara.nl:1006 > 12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: Creating new > KrbServerSocket for: 0.0.0.0 > 12/03/07 17:08:36 WARN mortbay.log: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed > Krb5AndCertsSslSocketConnector@0.0.0.0:50475: java.io.IOException: > !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed Server@604788d5: > java.io.IOException: !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 INFO mortbay.log: Stopped > Krb5AndCertsSslSocketConnector@0.0.0.0:50475 > 12/03/07 17:08:36 INFO mortbay.log: Stopped > selectchannelconnec...@p-worker35.alley.sara.nl:1006 > 12/03/07 17:08:37 INFO datanode.DataNode: Waiting for threadgroup to exit, > active threads is 0{noformat} > The same happens if I set an absolute path to an existing > dfs.https.server.keystore.resource - in this case the file cannot be found > but not even a WARN is given. > Since in dfs.https.server.keystore.resource we know we need to have 4 > properties specified (ssl.server.truststore.location, > ssl.server.keystore.location, ssl.server.keystore.password, and > ssl.server.keystore.keypassword) we should check if they are set and throw an > IOException if they are not. -- This message was sent by Atlassian JIRA (v6.3.4#6332)