[ https://issues.apache.org/jira/browse/HIVE-9934?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14365794#comment-14365794 ]
Hive QA commented on HIVE-9934: ------------------------------- {color:red}Overall{color}: -1 no tests executed Here are the results of testing the latest attachment: https://issues.apache.org/jira/secure/attachment/12705130/HIVE-9934.4.patch Test results: http://ec2-174-129-184-35.compute-1.amazonaws.com/jenkins/job/PreCommit-HIVE-TRUNK-Build/3059/testReport Console output: http://ec2-174-129-184-35.compute-1.amazonaws.com/jenkins/job/PreCommit-HIVE-TRUNK-Build/3059/console Test logs: http://ec2-174-129-184-35.compute-1.amazonaws.com/logs/PreCommit-HIVE-TRUNK-Build-3059/ Messages: {noformat} **** This message was trimmed, see log for full details **** [INFO] Excluding org.scala-lang:scala-compiler:jar:2.10.0 from the shaded jar. [INFO] Excluding org.scala-lang:scala-reflect:jar:2.10.0 from the shaded jar. [INFO] Excluding com.fasterxml.jackson.core:jackson-databind:jar:2.3.1 from the shaded jar. [INFO] Excluding com.fasterxml.jackson.core:jackson-annotations:jar:2.3.0 from the shaded jar. [INFO] Excluding com.fasterxml.jackson.core:jackson-core:jar:2.3.1 from the shaded jar. [INFO] Excluding org.apache.mesos:mesos:jar:shaded-protobuf:0.18.1 from the shaded jar. [INFO] Excluding com.clearspring.analytics:stream:jar:2.7.0 from the shaded jar. [INFO] Excluding com.codahale.metrics:metrics-core:jar:3.0.0 from the shaded jar. [INFO] Excluding com.codahale.metrics:metrics-jvm:jar:3.0.0 from the shaded jar. [INFO] Excluding com.codahale.metrics:metrics-json:jar:3.0.0 from the shaded jar. [INFO] Excluding com.codahale.metrics:metrics-graphite:jar:3.0.0 from the shaded jar. [INFO] Excluding org.tachyonproject:tachyon-client:jar:0.5.0 from the shaded jar. [INFO] Excluding org.tachyonproject:tachyon:jar:0.5.0 from the shaded jar. [INFO] Excluding org.spark-project:pyrolite:jar:2.0.1 from the shaded jar. [INFO] Excluding net.sf.py4j:py4j:jar:0.8.2.1 from the shaded jar. [INFO] Excluding org.spark-project.spark:unused:jar:1.0.0 from the shaded jar. [INFO] Excluding org.apache.hadoop:hadoop-common:jar:2.6.0 from the shaded jar. [INFO] Excluding xmlenc:xmlenc:jar:0.52 from the shaded jar. [INFO] Excluding javax.servlet:servlet-api:jar:2.5 from the shaded jar. [INFO] Excluding org.mortbay.jetty:jetty:jar:6.1.26 from the shaded jar. [INFO] Excluding org.mortbay.jetty:jetty-util:jar:6.1.26 from the shaded jar. [INFO] Excluding com.sun.jersey:jersey-core:jar:1.14 from the shaded jar. [INFO] Excluding com.sun.jersey:jersey-json:jar:1.14 from the shaded jar. [INFO] Excluding org.codehaus.jettison:jettison:jar:1.1 from the shaded jar. [INFO] Excluding com.sun.xml.bind:jaxb-impl:jar:2.2.3-1 from the shaded jar. [INFO] Excluding com.sun.jersey:jersey-server:jar:1.14 from the shaded jar. [INFO] Excluding asm:asm:jar:3.1 from the shaded jar. [INFO] Excluding tomcat:jasper-compiler:jar:5.5.23 from the shaded jar. [INFO] Excluding tomcat:jasper-runtime:jar:5.5.23 from the shaded jar. [INFO] Excluding javax.servlet.jsp:jsp-api:jar:2.1 from the shaded jar. [INFO] Excluding commons-el:commons-el:jar:1.0 from the shaded jar. [INFO] Excluding commons-configuration:commons-configuration:jar:1.6 from the shaded jar. [INFO] Excluding commons-digester:commons-digester:jar:1.8 from the shaded jar. [INFO] Excluding commons-beanutils:commons-beanutils:jar:1.7.0 from the shaded jar. [INFO] Excluding commons-beanutils:commons-beanutils-core:jar:1.8.0 from the shaded jar. [INFO] Excluding com.google.code.gson:gson:jar:2.2.4 from the shaded jar. [INFO] Excluding org.apache.hadoop:hadoop-auth:jar:2.6.0 from the shaded jar. [INFO] Excluding org.apache.directory.server:apacheds-kerberos-codec:jar:2.0.0-M15 from the shaded jar. [INFO] Excluding org.apache.directory.server:apacheds-i18n:jar:2.0.0-M15 from the shaded jar. [INFO] Excluding org.apache.directory.api:api-asn1-api:jar:1.0.0-M20 from the shaded jar. [INFO] Excluding org.apache.directory.api:api-util:jar:1.0.0-M20 from the shaded jar. [INFO] Excluding com.jcraft:jsch:jar:0.1.42 from the shaded jar. [INFO] Excluding org.htrace:htrace-core:jar:3.0.4 from the shaded jar. [INFO] Excluding org.apache.hadoop:hadoop-archives:jar:2.6.0 from the shaded jar. [INFO] Excluding org.apache.hadoop:hadoop-mapreduce-client-core:jar:2.6.0 from the shaded jar. [INFO] Excluding com.google.inject.extensions:guice-servlet:jar:3.0 from the shaded jar. [INFO] Excluding org.apache.hadoop:hadoop-yarn-server-common:jar:2.6.0 from the shaded jar. [INFO] Excluding org.fusesource.leveldbjni:leveldbjni-all:jar:1.8 from the shaded jar. [INFO] Excluding org.apache.hadoop:hadoop-hdfs:jar:2.6.0 from the shaded jar. [INFO] Excluding commons-daemon:commons-daemon:jar:1.0.13 from the shaded jar. [INFO] Excluding xerces:xercesImpl:jar:2.9.1 from the shaded jar. [INFO] Excluding xml-apis:xml-apis:jar:1.3.04 from the shaded jar. [INFO] Excluding org.apache.hadoop:hadoop-yarn-api:jar:2.6.0 from the shaded jar. [INFO] Excluding org.apache.hadoop:hadoop-yarn-common:jar:2.6.0 from the shaded jar. [INFO] Excluding javax.xml.bind:jaxb-api:jar:2.2.2 from the shaded jar. [INFO] Excluding javax.xml.stream:stax-api:jar:1.0-2 from the shaded jar. [INFO] Excluding javax.activation:activation:jar:1.1 from the shaded jar. [INFO] Excluding com.sun.jersey:jersey-client:jar:1.9 from the shaded jar. [INFO] Excluding org.codehaus.jackson:jackson-jaxrs:jar:1.9.2 from the shaded jar. [INFO] Excluding org.codehaus.jackson:jackson-xc:jar:1.9.2 from the shaded jar. [INFO] Excluding com.google.inject:guice:jar:3.0 from the shaded jar. [INFO] Excluding javax.inject:javax.inject:jar:1 from the shaded jar. [INFO] Excluding aopalliance:aopalliance:jar:1.0 from the shaded jar. [INFO] Excluding com.sun.jersey.contribs:jersey-guice:jar:1.9 from the shaded jar. [INFO] Excluding org.apache.hadoop:hadoop-yarn-client:jar:2.6.0 from the shaded jar. [INFO] Excluding org.slf4j:slf4j-api:jar:1.7.5 from the shaded jar. [INFO] Excluding org.slf4j:slf4j-log4j12:jar:1.7.5 from the shaded jar. [INFO] Replacing original artifact with shaded artifact. [INFO] Replacing /data/hive-ptest/working/apache-svn-trunk-source/ql/target/hive-exec-1.2.0-SNAPSHOT.jar with /data/hive-ptest/working/apache-svn-trunk-source/ql/target/hive-exec-1.2.0-SNAPSHOT-shaded.jar [INFO] Dependency-reduced POM written at: /data/hive-ptest/working/apache-svn-trunk-source/ql/dependency-reduced-pom.xml [INFO] Dependency-reduced POM written at: /data/hive-ptest/working/apache-svn-trunk-source/ql/dependency-reduced-pom.xml [INFO] [INFO] --- maven-install-plugin:2.4:install (default-install) @ hive-exec --- [INFO] Installing /data/hive-ptest/working/apache-svn-trunk-source/ql/target/hive-exec-1.2.0-SNAPSHOT.jar to /data/hive-ptest/working/maven/org/apache/hive/hive-exec/1.2.0-SNAPSHOT/hive-exec-1.2.0-SNAPSHOT.jar [INFO] Installing /data/hive-ptest/working/apache-svn-trunk-source/ql/dependency-reduced-pom.xml to /data/hive-ptest/working/maven/org/apache/hive/hive-exec/1.2.0-SNAPSHOT/hive-exec-1.2.0-SNAPSHOT.pom [INFO] Installing /data/hive-ptest/working/apache-svn-trunk-source/ql/target/hive-exec-1.2.0-SNAPSHOT-tests.jar to /data/hive-ptest/working/maven/org/apache/hive/hive-exec/1.2.0-SNAPSHOT/hive-exec-1.2.0-SNAPSHOT-tests.jar [INFO] Installing /data/hive-ptest/working/apache-svn-trunk-source/ql/target/hive-exec-1.2.0-SNAPSHOT-core.jar to /data/hive-ptest/working/maven/org/apache/hive/hive-exec/1.2.0-SNAPSHOT/hive-exec-1.2.0-SNAPSHOT-core.jar [INFO] [INFO] ------------------------------------------------------------------------ [INFO] Building Hive Service 1.2.0-SNAPSHOT [INFO] ------------------------------------------------------------------------ [INFO] [INFO] --- maven-clean-plugin:2.5:clean (default-clean) @ hive-service --- [INFO] Deleting /data/hive-ptest/working/apache-svn-trunk-source/service (includes = [datanucleus.log, derby.log], excludes = []) [INFO] [INFO] --- maven-enforcer-plugin:1.3.1:enforce (enforce-no-snapshots) @ hive-service --- [INFO] [INFO] --- build-helper-maven-plugin:1.8:add-source (add-source) @ hive-service --- [INFO] Source directory: /data/hive-ptest/working/apache-svn-trunk-source/service/src/model added. [INFO] Source directory: /data/hive-ptest/working/apache-svn-trunk-source/service/src/gen/thrift/gen-javabean added. [INFO] [INFO] --- maven-remote-resources-plugin:1.5:process (default) @ hive-service --- [INFO] [INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ hive-service --- [INFO] Using 'UTF-8' encoding to copy filtered resources. [INFO] skip non existing resourceDirectory /data/hive-ptest/working/apache-svn-trunk-source/service/src/main/resources [INFO] Copying 3 resources [INFO] [INFO] --- maven-antrun-plugin:1.7:run (define-classpath) @ hive-service --- [INFO] Executing tasks main: [INFO] Executed tasks [INFO] [INFO] --- maven-compiler-plugin:3.1:compile (default-compile) @ hive-service --- [INFO] Compiling 176 source files to /data/hive-ptest/working/apache-svn-trunk-source/service/target/classes [WARNING] /data/hive-ptest/working/apache-svn-trunk-source/service/src/java/org/apache/hive/service/cli/operation/SQLOperation.java: Some input files use or override a deprecated API. [WARNING] /data/hive-ptest/working/apache-svn-trunk-source/service/src/java/org/apache/hive/service/cli/operation/SQLOperation.java: Recompile with -Xlint:deprecation for details. [WARNING] /data/hive-ptest/working/apache-svn-trunk-source/service/src/java/org/apache/hive/service/cli/thrift/ThriftHttpServlet.java: Some input files use unchecked or unsafe operations. [WARNING] /data/hive-ptest/working/apache-svn-trunk-source/service/src/java/org/apache/hive/service/cli/thrift/ThriftHttpServlet.java: Recompile with -Xlint:unchecked for details. [INFO] [INFO] --- maven-resources-plugin:2.6:testResources (default-testResources) @ hive-service --- [INFO] Using 'UTF-8' encoding to copy filtered resources. [INFO] skip non existing resourceDirectory /data/hive-ptest/working/apache-svn-trunk-source/service/src/test/resources [INFO] Copying 3 resources [INFO] [INFO] --- maven-antrun-plugin:1.7:run (setup-test-dirs) @ hive-service --- [INFO] Executing tasks main: [mkdir] Created dir: /data/hive-ptest/working/apache-svn-trunk-source/service/target/tmp [mkdir] Created dir: /data/hive-ptest/working/apache-svn-trunk-source/service/target/warehouse [mkdir] Created dir: /data/hive-ptest/working/apache-svn-trunk-source/service/target/tmp/conf [copy] Copying 11 files to /data/hive-ptest/working/apache-svn-trunk-source/service/target/tmp/conf [INFO] Executed tasks [INFO] [INFO] --- maven-compiler-plugin:3.1:testCompile (default-testCompile) @ hive-service --- [INFO] Compiling 9 source files to /data/hive-ptest/working/apache-svn-trunk-source/service/target/test-classes [INFO] ------------------------------------------------------------- [WARNING] COMPILATION WARNING : [INFO] ------------------------------------------------------------- [WARNING] /data/hive-ptest/working/apache-svn-trunk-source/service/src/test/org/apache/hive/service/cli/TestHiveSQLException.java: Some input files use or override a deprecated API. [WARNING] /data/hive-ptest/working/apache-svn-trunk-source/service/src/test/org/apache/hive/service/cli/TestHiveSQLException.java: Recompile with -Xlint:deprecation for details. [INFO] 2 warnings [INFO] ------------------------------------------------------------- [INFO] ------------------------------------------------------------- [ERROR] COMPILATION ERROR : [INFO] ------------------------------------------------------------- [ERROR] /data/hive-ptest/working/apache-svn-trunk-source/service/src/test/org/apache/hive/service/auth/TestLdapAuthenticationProviderImpl.java:[29,4] cannot find symbol symbol: class Test location: class org.apache.hive.service.auth.TestLdapAuthenticationProviderImpl [INFO] 1 error [INFO] ------------------------------------------------------------- [INFO] ------------------------------------------------------------------------ [INFO] Reactor Summary: [INFO] [INFO] Hive .............................................. SUCCESS [11.554s] [INFO] Hive Shims Common ................................. SUCCESS [11.449s] [INFO] Hive Shims 0.20S .................................. SUCCESS [3.234s] [INFO] Hive Shims 0.23 ................................... SUCCESS [10.993s] [INFO] Hive Shims Scheduler .............................. SUCCESS [2.037s] [INFO] Hive Shims ........................................ SUCCESS [2.736s] [INFO] Hive Common ....................................... SUCCESS [26.647s] [INFO] Hive Serde ........................................ SUCCESS [17.567s] [INFO] Hive Metastore .................................... SUCCESS [35.653s] [INFO] Hive Ant Utilities ................................ SUCCESS [1.739s] [INFO] Spark Remote Client ............................... SUCCESS [24.281s] [INFO] Hive Query Language ............................... SUCCESS [1:52.865s] [INFO] Hive Service ...................................... FAILURE [5.764s] [INFO] Hive Accumulo Handler ............................. SKIPPED [INFO] Hive JDBC ......................................... SKIPPED [INFO] Hive Beeline ...................................... SKIPPED [INFO] Hive CLI .......................................... SKIPPED [INFO] Hive Contrib ...................................... SKIPPED [INFO] Hive HBase Handler ................................ SKIPPED [INFO] Hive HCatalog ..................................... SKIPPED [INFO] Hive HCatalog Core ................................ SKIPPED [INFO] Hive HCatalog Pig Adapter ......................... SKIPPED [INFO] Hive HCatalog Server Extensions ................... SKIPPED [INFO] Hive HCatalog Webhcat Java Client ................. SKIPPED [INFO] Hive HCatalog Webhcat ............................. SKIPPED [INFO] Hive HCatalog Streaming ........................... SKIPPED [INFO] Hive HWI .......................................... SKIPPED [INFO] Hive ODBC ......................................... SKIPPED [INFO] Hive Shims Aggregator ............................. SKIPPED [INFO] Hive TestUtils .................................... SKIPPED [INFO] Hive Packaging .................................... SKIPPED [INFO] ------------------------------------------------------------------------ [INFO] BUILD FAILURE [INFO] ------------------------------------------------------------------------ [INFO] Total time: 4:29.556s [INFO] Finished at: Tue Mar 17 15:00:16 EDT 2015 [INFO] Final Memory: 132M/700M [INFO] ------------------------------------------------------------------------ [ERROR] Failed to execute goal org.apache.maven.plugins:maven-compiler-plugin:3.1:testCompile (default-testCompile) on project hive-service: Compilation failure [ERROR] /data/hive-ptest/working/apache-svn-trunk-source/service/src/test/org/apache/hive/service/auth/TestLdapAuthenticationProviderImpl.java:[29,4] cannot find symbol [ERROR] symbol: class Test [ERROR] location: class org.apache.hive.service.auth.TestLdapAuthenticationProviderImpl [ERROR] -> [Help 1] [ERROR] [ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch. [ERROR] Re-run Maven using the -X switch to enable full debug logging. [ERROR] [ERROR] For more information about the errors and possible solutions, please read the following articles: [ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoFailureException [ERROR] [ERROR] After correcting the problems, you can resume the build with the command [ERROR] mvn <goals> -rf :hive-service + exit 1 ' {noformat} This message is automatically generated. ATTACHMENT ID: 12705130 - PreCommit-HIVE-TRUNK-Build > Vulnerability in LdapAuthenticationProviderImpl enables HiveServer2 client to > degrade the authentication mechanism to "none", allowing authentication > without password > ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- > > Key: HIVE-9934 > URL: https://issues.apache.org/jira/browse/HIVE-9934 > Project: Hive > Issue Type: Bug > Components: Security > Affects Versions: 1.1.0 > Reporter: Chao > Assignee: Chao > Attachments: HIVE-9934.1.patch, HIVE-9934.2.patch, HIVE-9934.3.patch, > HIVE-9934.3.patch, HIVE-9934.4.patch > > > Vulnerability in LdapAuthenticationProviderImpl enables HiveServer2 client to > degrade the authentication mechanism to "none", allowing authentication > without password. > See: http://docs.oracle.com/javase/jndi/tutorial/ldap/security/simple.html > “If you supply an empty string, an empty byte/char array, or null to the > Context.SECURITY_CREDENTIALS environment property, then the authentication > mechanism will be "none". This is because the LDAP requires the password to > be nonempty for simple authentication. The protocol automatically converts > the authentication to "none" if a password is not supplied.” > > Since the LdapAuthenticationProviderImpl.Authenticate method is relying on a > NamingException being thrown during creation of initial context, it does not > fail when the context result is an “unauthenticated” positive response from > the LDAP server. The end result is, one can authenticate with HiveServer2 > using the LdapAuthenticationProviderImpl with only a user name and an empty > password. -- This message was sent by Atlassian JIRA (v6.3.4#6332)