[ https://issues.apache.org/jira/browse/HDDS-7708?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17655618#comment-17655618 ]

István Fajth commented on HDDS-7708:
------------------------------------

Hi [~ssulav],

this one went under my radar, but after the fact I would still 
like to add a note here.

I agree with most of the things: we should not allow negative days, and we 
should not allow a certificate that is valid longer than the max value; that 
is great to add. The grace period is the same, we should not allow it to go 
negative, but I believe 0 and arbitrarily large values for the grace period 
come in handy, especially for testing, not for real use cases.

Two scenarios where it is handy:
- Checking renew after certificates expired. For this you would need a grace 
period of 0, so any renewal can happen just after expiration for sure.
- Checking renew right after the system initialized itself. For this you would 
need a longer grace period than certificate lifetime, so that certs are 
renewable by the next restart that does not need to wait for anything else.

Let me know if you disagree; if you agree, then I will create a new JIRA to 
ease these checks a bit.

> No check for certificate duration config scenarios
> --------------------------------------------------
>
>                 Key: HDDS-7708
>                 URL: https://issues.apache.org/jira/browse/HDDS-7708
>             Project: Apache Ozone
>          Issue Type: Bug
>          Components: SCM
>    Affects Versions: 1.3.0
>            Reporter: Soumitra Sulav
>            Assignee: Ashish Kumar
>            Priority: Critical
>              Labels: pki, pull-request-available
>             Fix For: 1.4.0
>
>
> *Issue :*
> While validating the config duration with multiple negative scenarios, 
> below were the observations :
> Config duration accepts 0D as the duration.
> Config duration accepts negative days -1D as the duration.
> No check was added for hdds.x509.renew.grace.duration value
> The only check available currently is for hdds.x509.default.duration not 
> greater than hdds.x509.max.duration.
> The logging message is wrong and the config order is reversed.
> Scenarios Tried :
> Unnatural sequence
>       Max = 0 | Def = 2 | Grace = 1          Failed
>       Max = 5 | Def = 0 | Grace = 1          Restarted
>       Max = 5 | Def = 2 | Grace = 0          Restarted
>       Max = 5 | Def = 6 | Grace = 1          Failed
>       Max = 5 | Def = 2 | Grace = 3          Restarted
>       Max = 5 | Def = 2 | Grace = 6          Restarted
> Negative values
>       Max = -5 | Def = 2 | Grace = 1         Failed
>       Max = 5 | Def = -2 | Grace = 1         Restarted
>       Max = 5 | Def = 2 | Grace = -1         Restarted
> Fractional values
>       Max = 5.25 | Def = 2 | Grace = 1       Failed
>       Max = 5 | Def = 2.5 | Grace = 1        Failed
>       Max = 5 | Def = 2 | Grace = 1.75       Failed
> The scenarios where the restart could go through should have actually failed 
> to start.
> +Error with Logging Message.+
> Scenario 1 where Max Duration is 0D and Default Duration is 2D.
> *Stacktrace :*
> [root@quasar-gvwabo-2 ~]# vim /var/log/hadoop-ozone/ozone-scm.log
> 2022-12-22 08:57:25,296 ERROR 
> org.apache.hadoop.hdds.security.x509.SecurityConfig: Certificate duration 
> PT0S should not be greater than Maximum Certificate duration PT48H
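
The checks discussed in this thread, as an added example that is not part of the original message and is not Apache Ozone code: a validator for the three durations that reports each value next to its own config key. The class and method names, the `allowTestGrace` switch, and the strict rule that the grace period must be positive and shorter than the default duration are assumptions made for illustration.

```java
import java.time.Duration;
import java.util.ArrayList;
import java.util.List;

// Added illustration, not Apache Ozone code. Class and method names are hypothetical.
public class CertDurationCheck {

  // allowTestGrace = true permits a grace period of 0 or one longer than the
  // certificate lifetime (the two testing scenarios described in the comment).
  static List<String> validate(Duration max, Duration def, Duration grace,
                               boolean allowTestGrace) {
    List<String> errors = new ArrayList<>();
    if (max.isZero() || max.isNegative()) {
      errors.add("hdds.x509.max.duration " + max + " must be positive");
    }
    if (def.isZero() || def.isNegative()) {
      errors.add("hdds.x509.default.duration " + def + " must be positive");
    }
    if (def.compareTo(max) > 0) {
      // Each value is printed next to the key it belongs to.
      errors.add("hdds.x509.default.duration " + def
          + " should not be greater than hdds.x509.max.duration " + max);
    }
    if (grace.isNegative()) {
      errors.add("hdds.x509.renew.grace.duration " + grace + " must not be negative");
    } else if (!allowTestGrace && (grace.isZero() || grace.compareTo(def) >= 0)) {
      // Assumed strict rule: grace must be positive and shorter than the lifetime.
      errors.add("hdds.x509.renew.grace.duration " + grace
          + " must be positive and shorter than hdds.x509.default.duration " + def);
    }
    return errors;
  }

  public static void main(String[] args) {
    // {max, default, grace} in days: the integer rows of the scenario table,
    // plus one constructed valid row (5, 2, 1) at the end.
    long[][] rows = {{0, 2, 1}, {5, 0, 1}, {5, 2, 0}, {5, 6, 1}, {5, 2, 3},
                     {5, 2, 6}, {-5, 2, 1}, {5, -2, 1}, {5, 2, -1}, {5, 2, 1}};
    for (long[] r : rows) {
      Duration max = Duration.ofDays(r[0]);
      Duration def = Duration.ofDays(r[1]);
      Duration grace = Duration.ofDays(r[2]);
      System.out.printf("Max=%d Def=%d Grace=%d%n  strict: %s%n  test:   %s%n",
          r[0], r[1], r[2],
          validate(max, def, grace, false), validate(max, def, grace, true));
    }
  }
}
```

An empty list means the configuration is accepted; in this sketch a caller would refuse to start when the list is non-empty.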


