István Fajth created HDDS-5078:
----------------------------------
Summary: NPE during secure SCM initialization with HA code updated
to an already existing cluster
Key: HDDS-5078
URL: https://issues.apache.org/jira/browse/HDDS-5078
Project: Apache Ozone
Issue Type: Bug
Components: SCM HA
Reporter: István Fajth
During SCM initialization, the following causes an NPE:
StorageContainerManager#initializeCertificateClient initializes the
scmCertificateClient only if scmStorageConfig#checkPrimarySCMIdInitialized()
evaluates to true. This evaluates to true, if the VERSION file contains
primaryScmNodeId with a value.
If you upgrade an existing cluster with a single SCM to this code, the VERSION
file does not contain a primaryScmNodeId, so the scmCertificateClient remains
null.
Later the initialization code calls the
StorageContainerManager#initializeCAnSecurityProtocol method, which at the end
creates the securityProtocolServer, for the constructor call the rootCACert is
provided by calling the scmCertificateClient#getCACertificate method, but this
is a null dereference as scmCertificateClient is null.
The scmCertificateClient being null, can cause problems later as well, as it is
used multiple times unconditionally.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
