Alexey Serbin has submitted this change and it was merged. ( http://gerrit.cloudera.org:8080/19977 )
Change subject: [util] handle OpenSSL errors in JWT code ...................................................................... [util] handle OpenSSL errors in JWT code While looking at ~50% flakiness stats for the newly added JWT test, I found that the root cause of the issue was a non-handled error left at the OpenSSL's error stack. When looking at the code in jwt-util.cc, it turned out the usage of the OpenSSL API in ConvertJwkToPem() methods was a bit fragile: possible errors returned by OpenSSL functions were not properly handled. While this patch doesn't fix the flakiness in the JWT test, it addresses the issue with unhandled OpenSSL errors in the JWT wrapper code. I also updated the code to enable larger RSA and EC keys to be converted into PEM format, and detect if the provided JWK keys are too big. Change-Id: Iac5142c1dcaeec5042217e1c90f8e8770b36a670 Reviewed-on: http://gerrit.cloudera.org:8080/19799 Tested-by: Kudu Jenkins Reviewed-by: Wenzhe Zhou <[email protected]> Reviewed-by: Yuqi Du <[email protected]> Reviewed-by: Zoltan Chovan <[email protected]> Reviewed-by: Abhishek Chennaka <[email protected]> (cherry picked from commit 5a3d116f302bde07e86bf80c237f8a595d5003b4) Reviewed-on: http://gerrit.cloudera.org:8080/19977 Reviewed-by: Alexey Serbin <[email protected]> --- M src/kudu/util/jwt-util-internal.h M src/kudu/util/jwt-util.cc M src/kudu/util/jwt_test_certs.cc 3 files changed, 139 insertions(+), 105 deletions(-) Approvals: Kudu Jenkins: Verified Alexey Serbin: Looks good to me, approved -- To view, visit http://gerrit.cloudera.org:8080/19977 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: branch-1.17.x Gerrit-MessageType: merged Gerrit-Change-Id: Iac5142c1dcaeec5042217e1c90f8e8770b36a670 Gerrit-Change-Number: 19977 Gerrit-PatchSet: 3 Gerrit-Owner: Alexey Serbin <[email protected]> Gerrit-Reviewer: Abhishek Chennaka <[email protected]> Gerrit-Reviewer: Alexey Serbin <[email protected]> Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Wenzhe Zhou <[email protected]> Gerrit-Reviewer: Yingchun Lai <[email protected]> Gerrit-Reviewer: Yuqi Du <[email protected]> Gerrit-Reviewer: Zoltan Chovan <[email protected]>
