[
https://issues.apache.org/jira/browse/HIVE-9934?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14365794#comment-14365794
]
Hive QA commented on HIVE-9934:
-------------------------------
{color:red}Overall{color}: -1 no tests executed
Here are the results of testing the latest attachment:
https://issues.apache.org/jira/secure/attachment/12705130/HIVE-9934.4.patch
Test results:
http://ec2-174-129-184-35.compute-1.amazonaws.com/jenkins/job/PreCommit-HIVE-TRUNK-Build/3059/testReport
Console output:
http://ec2-174-129-184-35.compute-1.amazonaws.com/jenkins/job/PreCommit-HIVE-TRUNK-Build/3059/console
Test logs:
http://ec2-174-129-184-35.compute-1.amazonaws.com/logs/PreCommit-HIVE-TRUNK-Build-3059/
Messages:
{noformat}
**** This message was trimmed, see log for full details ****
[INFO] Excluding org.scala-lang:scala-compiler:jar:2.10.0 from the shaded jar.
[INFO] Excluding org.scala-lang:scala-reflect:jar:2.10.0 from the shaded jar.
[INFO] Excluding com.fasterxml.jackson.core:jackson-databind:jar:2.3.1 from the
shaded jar.
[INFO] Excluding com.fasterxml.jackson.core:jackson-annotations:jar:2.3.0 from
the shaded jar.
[INFO] Excluding com.fasterxml.jackson.core:jackson-core:jar:2.3.1 from the
shaded jar.
[INFO] Excluding org.apache.mesos:mesos:jar:shaded-protobuf:0.18.1 from the
shaded jar.
[INFO] Excluding com.clearspring.analytics:stream:jar:2.7.0 from the shaded jar.
[INFO] Excluding com.codahale.metrics:metrics-core:jar:3.0.0 from the shaded
jar.
[INFO] Excluding com.codahale.metrics:metrics-jvm:jar:3.0.0 from the shaded jar.
[INFO] Excluding com.codahale.metrics:metrics-json:jar:3.0.0 from the shaded
jar.
[INFO] Excluding com.codahale.metrics:metrics-graphite:jar:3.0.0 from the
shaded jar.
[INFO] Excluding org.tachyonproject:tachyon-client:jar:0.5.0 from the shaded
jar.
[INFO] Excluding org.tachyonproject:tachyon:jar:0.5.0 from the shaded jar.
[INFO] Excluding org.spark-project:pyrolite:jar:2.0.1 from the shaded jar.
[INFO] Excluding net.sf.py4j:py4j:jar:0.8.2.1 from the shaded jar.
[INFO] Excluding org.spark-project.spark:unused:jar:1.0.0 from the shaded jar.
[INFO] Excluding org.apache.hadoop:hadoop-common:jar:2.6.0 from the shaded jar.
[INFO] Excluding xmlenc:xmlenc:jar:0.52 from the shaded jar.
[INFO] Excluding javax.servlet:servlet-api:jar:2.5 from the shaded jar.
[INFO] Excluding org.mortbay.jetty:jetty:jar:6.1.26 from the shaded jar.
[INFO] Excluding org.mortbay.jetty:jetty-util:jar:6.1.26 from the shaded jar.
[INFO] Excluding com.sun.jersey:jersey-core:jar:1.14 from the shaded jar.
[INFO] Excluding com.sun.jersey:jersey-json:jar:1.14 from the shaded jar.
[INFO] Excluding org.codehaus.jettison:jettison:jar:1.1 from the shaded jar.
[INFO] Excluding com.sun.xml.bind:jaxb-impl:jar:2.2.3-1 from the shaded jar.
[INFO] Excluding com.sun.jersey:jersey-server:jar:1.14 from the shaded jar.
[INFO] Excluding asm:asm:jar:3.1 from the shaded jar.
[INFO] Excluding tomcat:jasper-compiler:jar:5.5.23 from the shaded jar.
[INFO] Excluding tomcat:jasper-runtime:jar:5.5.23 from the shaded jar.
[INFO] Excluding javax.servlet.jsp:jsp-api:jar:2.1 from the shaded jar.
[INFO] Excluding commons-el:commons-el:jar:1.0 from the shaded jar.
[INFO] Excluding commons-configuration:commons-configuration:jar:1.6 from the
shaded jar.
[INFO] Excluding commons-digester:commons-digester:jar:1.8 from the shaded jar.
[INFO] Excluding commons-beanutils:commons-beanutils:jar:1.7.0 from the shaded
jar.
[INFO] Excluding commons-beanutils:commons-beanutils-core:jar:1.8.0 from the
shaded jar.
[INFO] Excluding com.google.code.gson:gson:jar:2.2.4 from the shaded jar.
[INFO] Excluding org.apache.hadoop:hadoop-auth:jar:2.6.0 from the shaded jar.
[INFO] Excluding
org.apache.directory.server:apacheds-kerberos-codec:jar:2.0.0-M15 from the
shaded jar.
[INFO] Excluding org.apache.directory.server:apacheds-i18n:jar:2.0.0-M15 from
the shaded jar.
[INFO] Excluding org.apache.directory.api:api-asn1-api:jar:1.0.0-M20 from the
shaded jar.
[INFO] Excluding org.apache.directory.api:api-util:jar:1.0.0-M20 from the
shaded jar.
[INFO] Excluding com.jcraft:jsch:jar:0.1.42 from the shaded jar.
[INFO] Excluding org.htrace:htrace-core:jar:3.0.4 from the shaded jar.
[INFO] Excluding org.apache.hadoop:hadoop-archives:jar:2.6.0 from the shaded
jar.
[INFO] Excluding org.apache.hadoop:hadoop-mapreduce-client-core:jar:2.6.0 from
the shaded jar.
[INFO] Excluding com.google.inject.extensions:guice-servlet:jar:3.0 from the
shaded jar.
[INFO] Excluding org.apache.hadoop:hadoop-yarn-server-common:jar:2.6.0 from the
shaded jar.
[INFO] Excluding org.fusesource.leveldbjni:leveldbjni-all:jar:1.8 from the
shaded jar.
[INFO] Excluding org.apache.hadoop:hadoop-hdfs:jar:2.6.0 from the shaded jar.
[INFO] Excluding commons-daemon:commons-daemon:jar:1.0.13 from the shaded jar.
[INFO] Excluding xerces:xercesImpl:jar:2.9.1 from the shaded jar.
[INFO] Excluding xml-apis:xml-apis:jar:1.3.04 from the shaded jar.
[INFO] Excluding org.apache.hadoop:hadoop-yarn-api:jar:2.6.0 from the shaded
jar.
[INFO] Excluding org.apache.hadoop:hadoop-yarn-common:jar:2.6.0 from the shaded
jar.
[INFO] Excluding javax.xml.bind:jaxb-api:jar:2.2.2 from the shaded jar.
[INFO] Excluding javax.xml.stream:stax-api:jar:1.0-2 from the shaded jar.
[INFO] Excluding javax.activation:activation:jar:1.1 from the shaded jar.
[INFO] Excluding com.sun.jersey:jersey-client:jar:1.9 from the shaded jar.
[INFO] Excluding org.codehaus.jackson:jackson-jaxrs:jar:1.9.2 from the shaded
jar.
[INFO] Excluding org.codehaus.jackson:jackson-xc:jar:1.9.2 from the shaded jar.
[INFO] Excluding com.google.inject:guice:jar:3.0 from the shaded jar.
[INFO] Excluding javax.inject:javax.inject:jar:1 from the shaded jar.
[INFO] Excluding aopalliance:aopalliance:jar:1.0 from the shaded jar.
[INFO] Excluding com.sun.jersey.contribs:jersey-guice:jar:1.9 from the shaded
jar.
[INFO] Excluding org.apache.hadoop:hadoop-yarn-client:jar:2.6.0 from the shaded
jar.
[INFO] Excluding org.slf4j:slf4j-api:jar:1.7.5 from the shaded jar.
[INFO] Excluding org.slf4j:slf4j-log4j12:jar:1.7.5 from the shaded jar.
[INFO] Replacing original artifact with shaded artifact.
[INFO] Replacing
/data/hive-ptest/working/apache-svn-trunk-source/ql/target/hive-exec-1.2.0-SNAPSHOT.jar
with
/data/hive-ptest/working/apache-svn-trunk-source/ql/target/hive-exec-1.2.0-SNAPSHOT-shaded.jar
[INFO] Dependency-reduced POM written at:
/data/hive-ptest/working/apache-svn-trunk-source/ql/dependency-reduced-pom.xml
[INFO] Dependency-reduced POM written at:
/data/hive-ptest/working/apache-svn-trunk-source/ql/dependency-reduced-pom.xml
[INFO]
[INFO] --- maven-install-plugin:2.4:install (default-install) @ hive-exec ---
[INFO] Installing
/data/hive-ptest/working/apache-svn-trunk-source/ql/target/hive-exec-1.2.0-SNAPSHOT.jar
to
/data/hive-ptest/working/maven/org/apache/hive/hive-exec/1.2.0-SNAPSHOT/hive-exec-1.2.0-SNAPSHOT.jar
[INFO] Installing
/data/hive-ptest/working/apache-svn-trunk-source/ql/dependency-reduced-pom.xml
to
/data/hive-ptest/working/maven/org/apache/hive/hive-exec/1.2.0-SNAPSHOT/hive-exec-1.2.0-SNAPSHOT.pom
[INFO] Installing
/data/hive-ptest/working/apache-svn-trunk-source/ql/target/hive-exec-1.2.0-SNAPSHOT-tests.jar
to
/data/hive-ptest/working/maven/org/apache/hive/hive-exec/1.2.0-SNAPSHOT/hive-exec-1.2.0-SNAPSHOT-tests.jar
[INFO] Installing
/data/hive-ptest/working/apache-svn-trunk-source/ql/target/hive-exec-1.2.0-SNAPSHOT-core.jar
to
/data/hive-ptest/working/maven/org/apache/hive/hive-exec/1.2.0-SNAPSHOT/hive-exec-1.2.0-SNAPSHOT-core.jar
[INFO]
[INFO] ------------------------------------------------------------------------
[INFO] Building Hive Service 1.2.0-SNAPSHOT
[INFO] ------------------------------------------------------------------------
[INFO]
[INFO] --- maven-clean-plugin:2.5:clean (default-clean) @ hive-service ---
[INFO] Deleting /data/hive-ptest/working/apache-svn-trunk-source/service
(includes = [datanucleus.log, derby.log], excludes = [])
[INFO]
[INFO] --- maven-enforcer-plugin:1.3.1:enforce (enforce-no-snapshots) @
hive-service ---
[INFO]
[INFO] --- build-helper-maven-plugin:1.8:add-source (add-source) @ hive-service
---
[INFO] Source directory:
/data/hive-ptest/working/apache-svn-trunk-source/service/src/model added.
[INFO] Source directory:
/data/hive-ptest/working/apache-svn-trunk-source/service/src/gen/thrift/gen-javabean
added.
[INFO]
[INFO] --- maven-remote-resources-plugin:1.5:process (default) @ hive-service
---
[INFO]
[INFO] --- maven-resources-plugin:2.6:resources (default-resources) @
hive-service ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] skip non existing resourceDirectory
/data/hive-ptest/working/apache-svn-trunk-source/service/src/main/resources
[INFO] Copying 3 resources
[INFO]
[INFO] --- maven-antrun-plugin:1.7:run (define-classpath) @ hive-service ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- maven-compiler-plugin:3.1:compile (default-compile) @ hive-service
---
[INFO] Compiling 176 source files to
/data/hive-ptest/working/apache-svn-trunk-source/service/target/classes
[WARNING]
/data/hive-ptest/working/apache-svn-trunk-source/service/src/java/org/apache/hive/service/cli/operation/SQLOperation.java:
Some input files use or override a deprecated API.
[WARNING]
/data/hive-ptest/working/apache-svn-trunk-source/service/src/java/org/apache/hive/service/cli/operation/SQLOperation.java:
Recompile with -Xlint:deprecation for details.
[WARNING]
/data/hive-ptest/working/apache-svn-trunk-source/service/src/java/org/apache/hive/service/cli/thrift/ThriftHttpServlet.java:
Some input files use unchecked or unsafe operations.
[WARNING]
/data/hive-ptest/working/apache-svn-trunk-source/service/src/java/org/apache/hive/service/cli/thrift/ThriftHttpServlet.java:
Recompile with -Xlint:unchecked for details.
[INFO]
[INFO] --- maven-resources-plugin:2.6:testResources (default-testResources) @
hive-service ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] skip non existing resourceDirectory
/data/hive-ptest/working/apache-svn-trunk-source/service/src/test/resources
[INFO] Copying 3 resources
[INFO]
[INFO] --- maven-antrun-plugin:1.7:run (setup-test-dirs) @ hive-service ---
[INFO] Executing tasks
main:
[mkdir] Created dir:
/data/hive-ptest/working/apache-svn-trunk-source/service/target/tmp
[mkdir] Created dir:
/data/hive-ptest/working/apache-svn-trunk-source/service/target/warehouse
[mkdir] Created dir:
/data/hive-ptest/working/apache-svn-trunk-source/service/target/tmp/conf
[copy] Copying 11 files to
/data/hive-ptest/working/apache-svn-trunk-source/service/target/tmp/conf
[INFO] Executed tasks
[INFO]
[INFO] --- maven-compiler-plugin:3.1:testCompile (default-testCompile) @
hive-service ---
[INFO] Compiling 9 source files to
/data/hive-ptest/working/apache-svn-trunk-source/service/target/test-classes
[INFO] -------------------------------------------------------------
[WARNING] COMPILATION WARNING :
[INFO] -------------------------------------------------------------
[WARNING]
/data/hive-ptest/working/apache-svn-trunk-source/service/src/test/org/apache/hive/service/cli/TestHiveSQLException.java:
Some input files use or override a deprecated API.
[WARNING]
/data/hive-ptest/working/apache-svn-trunk-source/service/src/test/org/apache/hive/service/cli/TestHiveSQLException.java:
Recompile with -Xlint:deprecation for details.
[INFO] 2 warnings
[INFO] -------------------------------------------------------------
[INFO] -------------------------------------------------------------
[ERROR] COMPILATION ERROR :
[INFO] -------------------------------------------------------------
[ERROR]
/data/hive-ptest/working/apache-svn-trunk-source/service/src/test/org/apache/hive/service/auth/TestLdapAuthenticationProviderImpl.java:[29,4]
cannot find symbol
symbol: class Test
location: class
org.apache.hive.service.auth.TestLdapAuthenticationProviderImpl
[INFO] 1 error
[INFO] -------------------------------------------------------------
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Summary:
[INFO]
[INFO] Hive .............................................. SUCCESS [11.554s]
[INFO] Hive Shims Common ................................. SUCCESS [11.449s]
[INFO] Hive Shims 0.20S .................................. SUCCESS [3.234s]
[INFO] Hive Shims 0.23 ................................... SUCCESS [10.993s]
[INFO] Hive Shims Scheduler .............................. SUCCESS [2.037s]
[INFO] Hive Shims ........................................ SUCCESS [2.736s]
[INFO] Hive Common ....................................... SUCCESS [26.647s]
[INFO] Hive Serde ........................................ SUCCESS [17.567s]
[INFO] Hive Metastore .................................... SUCCESS [35.653s]
[INFO] Hive Ant Utilities ................................ SUCCESS [1.739s]
[INFO] Spark Remote Client ............................... SUCCESS [24.281s]
[INFO] Hive Query Language ............................... SUCCESS [1:52.865s]
[INFO] Hive Service ...................................... FAILURE [5.764s]
[INFO] Hive Accumulo Handler ............................. SKIPPED
[INFO] Hive JDBC ......................................... SKIPPED
[INFO] Hive Beeline ...................................... SKIPPED
[INFO] Hive CLI .......................................... SKIPPED
[INFO] Hive Contrib ...................................... SKIPPED
[INFO] Hive HBase Handler ................................ SKIPPED
[INFO] Hive HCatalog ..................................... SKIPPED
[INFO] Hive HCatalog Core ................................ SKIPPED
[INFO] Hive HCatalog Pig Adapter ......................... SKIPPED
[INFO] Hive HCatalog Server Extensions ................... SKIPPED
[INFO] Hive HCatalog Webhcat Java Client ................. SKIPPED
[INFO] Hive HCatalog Webhcat ............................. SKIPPED
[INFO] Hive HCatalog Streaming ........................... SKIPPED
[INFO] Hive HWI .......................................... SKIPPED
[INFO] Hive ODBC ......................................... SKIPPED
[INFO] Hive Shims Aggregator ............................. SKIPPED
[INFO] Hive TestUtils .................................... SKIPPED
[INFO] Hive Packaging .................................... SKIPPED
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 4:29.556s
[INFO] Finished at: Tue Mar 17 15:00:16 EDT 2015
[INFO] Final Memory: 132M/700M
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal
org.apache.maven.plugins:maven-compiler-plugin:3.1:testCompile
(default-testCompile) on project hive-service: Compilation failure
[ERROR]
/data/hive-ptest/working/apache-svn-trunk-source/service/src/test/org/apache/hive/service/auth/TestLdapAuthenticationProviderImpl.java:[29,4]
cannot find symbol
[ERROR] symbol: class Test
[ERROR] location: class
org.apache.hive.service.auth.TestLdapAuthenticationProviderImpl
[ERROR] -> [Help 1]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e
switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions, please
read the following articles:
[ERROR] [Help 1]
http://cwiki.apache.org/confluence/display/MAVEN/MojoFailureException
[ERROR]
[ERROR] After correcting the problems, you can resume the build with the command
[ERROR] mvn <goals> -rf :hive-service
+ exit 1
'
{noformat}
This message is automatically generated.
ATTACHMENT ID: 12705130 - PreCommit-HIVE-TRUNK-Build
> Vulnerability in LdapAuthenticationProviderImpl enables HiveServer2 client to
> degrade the authentication mechanism to "none", allowing authentication
> without password
> ----------------------------------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: HIVE-9934
> URL: https://issues.apache.org/jira/browse/HIVE-9934
> Project: Hive
> Issue Type: Bug
> Components: Security
> Affects Versions: 1.1.0
> Reporter: Chao
> Assignee: Chao
> Attachments: HIVE-9934.1.patch, HIVE-9934.2.patch, HIVE-9934.3.patch,
> HIVE-9934.3.patch, HIVE-9934.4.patch
>
>
> Vulnerability in LdapAuthenticationProviderImpl enables HiveServer2 client to
> degrade the authentication mechanism to "none", allowing authentication
> without password.
> See: http://docs.oracle.com/javase/jndi/tutorial/ldap/security/simple.html
> “If you supply an empty string, an empty byte/char array, or null to the
> Context.SECURITY_CREDENTIALS environment property, then the authentication
> mechanism will be "none". This is because the LDAP requires the password to
> be nonempty for simple authentication. The protocol automatically converts
> the authentication to "none" if a password is not supplied.”
>
> Since the LdapAuthenticationProviderImpl.Authenticate method is relying on a
> NamingException being thrown during creation of initial context, it does not
> fail when the context result is an “unauthenticated” positive response from
> the LDAP server. The end result is, one can authenticate with HiveServer2
> using the LdapAuthenticationProviderImpl with only a user name and an empty
> password.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
