[jira] [Work logged] (HIVE-27271) Client connection to HS2 fails when transportMode=http, ssl=true, sslTrustStore specified without trustStorePassword in the JDBC URL

[ASF GitHub Bot (Jira)]

     [ 
https://issues.apache.org/jira/browse/HIVE-27271?focusedWorklogId=858727&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-858727
 ]

ASF GitHub Bot logged work on HIVE-27271:
-----------------------------------------

                Author: ASF GitHub Bot
            Created on: 24/Apr/23 14:46
            Start Date: 24/Apr/23 14:46
    Worklog Time Spent: 10m 
      Work Description: VenuReddy2103 opened a new pull request, #4262:
URL: https://github.com/apache/hive/pull/4262

   ### What changes were proposed in this pull request?
   keyStore.load() is invoked with null password when the trustStorePassword is 
not passed in JDBC URL.
   
   
   ### Why are the changes needed?
   Client connection to HS2 fails with transportMode as http, ssl is enabled, 
sslTrustStore is specified without trustStorePassword in the JDBC URL. 
trustStorePassword is not a necessary parameter in connection URL. Connection 
can be established without it.
   
   From the javadocs 
[Link](https://docs.oracle.com/javase/7/docs/api/java/security/KeyStore.html#load(java.io.InputStream,%20char%5B%5D))
 A password may be given to unlock the keystore (e.g. the keystore resides on a 
hardware token device), or to check the integrity of the keystore data. If a 
password is not given for integrity checking, then integrity checking is not 
performed.
   
   At present, org.apache.hive.jdbc.HiveConnection#getHttpClient() access 
sslTrustStorePassword null reference(NPE) and fails.
   
   ### Does this PR introduce _any_ user-facing change?
   No
   
   ### How was this patch tested?
   Verified manually with cluster
   




Issue Time Tracking
-------------------

            Worklog Id:     (was: 858727)
    Remaining Estimate: 0h
            Time Spent: 10m

> Client connection to HS2 fails when transportMode=http, ssl=true, 
> sslTrustStore specified without trustStorePassword in the JDBC URL
> ------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: HIVE-27271
>                 URL: https://issues.apache.org/jira/browse/HIVE-27271
>             Project: Hive
>          Issue Type: Bug
>            Reporter: Venugopal Reddy K
>            Assignee: Venugopal Reddy K
>            Priority: Major
>         Attachments: image-2023-04-19-14-27-23-665.png
>
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> *[Description]*
> Client connection to HS2 fails with transportMode as http, ssl is enabled, 
> sslTrustStore is specified without trustStorePassword in the JDBC URL. Where 
> as with transportMode as binary, connection is successful without 
> trustStorePassword in the connection URL.
> trustStorePassword is not a necessary parameter in connection URL. Connection 
> can be established without it.
> From the javadocs 
> [Link|https://docs.oracle.com/javase/7/docs/api/java/security/KeyStore.html#load(java.io.InputStream,%20char%5B%5D)]
>  A password may be given to unlock the keystore (e.g. the keystore resides on 
> a hardware token device), or to check the integrity of the keystore data. If 
> a password is not given for integrity checking, then integrity checking is 
> not performed.
>  
> At present, org.apache.hive.jdbc.HiveConnection#getHttpClient() access 
> sslTrustStorePassword null reference and fails as shown below:
> !image-2023-04-19-14-27-23-665.png!
>  
> *[Steps to reproduce]*
> {code:java}
> kvenureddy@192 apache-hive-3.1.3000.2023.0.15.0-SNAPSHOT-bin % bin/beeline -u 
> "jdbc:hive2://kvrtls-1.kvrtls.root.hwx.site:10001/default;ssl=true;sslTrustStore=/Users/kvenureddy/code/hive/cloudera/hive/packaging/target/apache-hive-3.1.3000.2023.0.15.0-SNAPSHOT-bin/apache-hive-3.1.3000.2023.0.15.0-SNAPSHOT-bin/cm-auto-global_truststore.jks;transportMode=http;httpPath=cliservice;"
> Error: Could not open client transport with JDBC Uri: 
> jdbc:hive2://kvrtls-1.kvrtls.root.hwx.site:10001/default;ssl=true;sslTrustStore=/Users/kvenureddy/code/hive/cloudera/hive/packaging/target/apache-hive-3.1.3000.2023.0.15.0-SNAPSHOT-bin/apache-hive-3.1.3000.2023.0.15.0-SNAPSHOT-bin/cm-auto-global_truststore.jks;transportMode=http;httpPath=cliservice;:
>  Could not create an https connection to 
> jdbc:hive2://kvrtls-1.kvrtls.root.hwx.site:10001/default;ssl=true;sslTrustStore=/Users/kvenureddy/code/hive/cloudera/hive/packaging/target/apache-hive-3.1.3000.2023.0.15.0-SNAPSHOT-bin/apache-hive-3.1.3000.2023.0.15.0-SNAPSHOT-bin/cm-auto-global_truststore.jks;transportMode=http;httpPath=cliservice;.
>  null (state=08S01,code=0)
> kvenureddy@192 apache-hive-3.1.3000.2023.0.15.0-SNAPSHOT-bin % 
> {code}
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)