[jira] [Created] (ZOOKEEPER-2699) Restrict 4lw commands based on client IP

2017-02-16 Thread Mohammad Arshad (JIRA)
Mohammad Arshad created ZOOKEEPER-2699:
--

 Summary: Restrict 4lw commands based on client IP
 Key: ZOOKEEPER-2699
 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2699
 Project: ZooKeeper
  Issue Type: Bug
  Components: security, server
Reporter: Mohammad Arshad
Assignee: Mohammad Arshad


Currently 4lw commands are executed without authentication and can be accessed 
from any IP which has access to the ZooKeeper server. ZOOKEEPER-2693 attempts to 
limit the 4lw commands which are enabled by default or enabled by configuration.

In addition to ZOOKEEPER-2693, we should also restrict 4lw commands based on 
client IP. It is required for the following scenarios:
# User wants to enable all the 4lw commands
# User wants to limit the access of the commands which are considered to be 
safe by default.
 
*Implementation:*
We can introduce a new property, 4lw.commands.host.whitelist
# By default we allow all the hosts, but of course only on the 4lw exposed 
commands as per ZOOKEEPER-2693
# It can be configured to allow individual IPs (192.168.1.2, 192.168.1.3 etc.)
# It can also be configured to allow a group of IPs like 192.168.1.*



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
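
The host whitelist proposed in ZOOKEEPER-2699 above, as an added example (not ZooKeeper code and not written by the reporter): it parses a value for the proposed 4lw.commands.host.whitelist property and checks a client IP against exact entries and "*" octets. The class and method names are hypothetical, the sample addresses are constructed, and IPv4-only matching is an assumption of this sketch.

```java
import java.util.ArrayList;
import java.util.List;

// Added illustration, not ZooKeeper source. Class and method names are
// hypothetical; only the property name comes from the JIRA description.
public class FourLetterHostWhitelist {
    public static final String PROPERTY = "4lw.commands.host.whitelist";

    private final boolean allowAll;
    // One rule per configured entry: four octets, with -1 standing for "*".
    private final List<int[]> rules = new ArrayList<>();

    public FourLetterHostWhitelist(String value) {
        // Unset or empty means "allow all hosts", the default in the proposal.
        allowAll = value == null || value.trim().isEmpty();
        if (!allowAll) {
            for (String entry : value.split(",")) {
                // A malformed entry throws here, so a typo in the
                // configuration fails at startup instead of silently
                // widening or narrowing access.
                rules.add(parseIpv4(entry.trim(), true));
            }
        }
    }

    // Parses a dotted quad without any DNS lookup; "*" is accepted only
    // when parsing a rule, never when parsing a client address.
    private static int[] parseIpv4(String text, boolean wildcardOk) {
        String[] parts = text.split("\\.", -1);
        if (parts.length != 4) {
            throw new IllegalArgumentException("not a dotted quad: " + text);
        }
        int[] octets = new int[4];
        for (int i = 0; i < 4; i++) {
            if (wildcardOk && parts[i].equals("*")) {
                octets[i] = -1;
            } else if (parts[i].matches("\\d{1,3}")
                    && Integer.parseInt(parts[i]) <= 255) {
                octets[i] = Integer.parseInt(parts[i]);
            } else {
                throw new IllegalArgumentException("bad octet in: " + text);
            }
        }
        return octets;
    }

    public boolean isAllowed(String clientIp) {
        if (allowAll) {
            return true;
        }
        int[] ip;
        try {
            ip = parseIpv4(clientIp, false);
        } catch (IllegalArgumentException e) {
            // Anything that is not a plain IPv4 literal (IPv6, hostnames,
            // garbage) is denied once a whitelist is configured.
            return false;
        }
        for (int[] rule : rules) {
            if (matches(rule, ip)) {
                return true;
            }
        }
        return false;
    }

    // Octet-wise comparison: "192.168.1.*" covers 192.168.1.0-255 only and
    // cannot match 192.168.10.x, which a string prefix test on "192.168.1"
    // would let through.
    private static boolean matches(int[] rule, int[] ip) {
        for (int i = 0; i < 4; i++) {
            if (rule[i] != -1 && rule[i] != ip[i]) {
                return false;
            }
        }
        return true;
    }

    public static void main(String[] args) {
        // Constructed sample configuration and client addresses.
        FourLetterHostWhitelist wl =
                new FourLetterHostWhitelist("192.168.1.*, 10.0.0.5");
        String[] clients = {
            "192.168.1.20", "192.168.10.20", "10.0.0.5", "10.0.0.6", "::1"
        };
        for (String c : clients) {
            System.out.println(c + " -> " + (wl.isAllowed(c) ? "allow" : "deny"));
        }
        // With the property unset, every host is allowed.
        System.out.println("unset -> "
                + new FourLetterHostWhitelist(null).isAllowed("203.0.113.9"));
    }
}
```

In a server the client address would be taken from the accepted socket's remote address rather than from anything the client sends, and the check would run before the 4lw command is dispatched.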


ZooKeeper_branch34_jdk7 - Build # 1410 - Still Failing

2017-02-16 Thread Apache Jenkins Server
See https://builds.apache.org/job/ZooKeeper_branch34_jdk7/1410/


[GitHub] zookeeper issue #173: ZOOKEEPER-2691: recreateSocketAddresses may recreate t...

2017-02-16 Thread JiangJiafu
Github user JiangJiafu commented on the issue:

https://github.com/apache/zookeeper/pull/173
  
Hi, @hanm, do you mean that you will merge ZOOKEEPER-2691 and 
ZOOKEEPER-2184 to solve the problem later? If so, may I ask will the problem be 
solved in version ZooKeeper 3.4.10? 


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---


[jira] [Commented] (ZOOKEEPER-2691) recreateSocketAddresses may recreate the unreachable IP address

2017-02-16 Thread ASF GitHub Bot (JIRA)

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2691?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15871005#comment-15871005
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2691:
---

Github user JiangJiafu commented on the issue:

https://github.com/apache/zookeeper/pull/173
  
Hi, @hanm, do you mean that you will merge ZOOKEEPER-2691 and 
ZOOKEEPER-2184 to solve the problem later? If so, may I ask will the problem be 
solved in version ZooKeeper 3.4.10? 


> recreateSocketAddresses may recreate the unreachable IP address
> ---
>
> Key: ZOOKEEPER-2691
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2691
> Project: ZooKeeper
>  Issue Type: Bug
>Affects Versions: 3.4.8
> Environment: Centos6.5
> Java8
> ZooKeeper3.4.8
>Reporter: JiangJiafu
>Priority: Minor
>
> The QuorumPeer$QuorumServer.recreateSocketAddress() is used to resolve the 
> hostname to a new IP address (InetAddress) when any exception happens to the 
> socket. It will be very useful when a hostname can be resolved to more than 
> one IP address.
> But the problem is that the Java API InetAddress.getByName(String hostname) will 
> always return the first IP address when the hostname can be resolved to more 
> than one IP address, and the first IP address may be unreachable forever. For 
> example, if a machine has two network interfaces: eth0, eth1, say eth0 has 
> ip1, eth1 has ip2, the relationship between hostname and the IP addresses is 
> set in /etc/hosts. When I "close" the eth0 by command "ifdown eth0", the 
> InetAddress.getByName(String hostname) will still return ip1, which is 
> unreachable forever.
> So I think it will be better to check the IP address by 
> InetAddress.isReachable(long) and choose the reachable IP address. 
> I have modified the ZooKeeper source code, and tested the new code in my own 
> environment, and it can work very well when I turn down some network 
> interfaces using "ifdown" command.
> The original code is:
> {code:title=QuorumPeer.java|borderStyle=solid}
> public void recreateSocketAddresses() {
>     InetAddress address = null;
>     try {
>         address = InetAddress.getByName(this.hostname);
>         LOG.info("Resolved hostname: {} to address: {}", this.hostname, address);
>         this.addr = new InetSocketAddress(address, this.port);
>         if (this.electionPort > 0){
>             this.electionAddr = new InetSocketAddress(address, this.electionPort);
>         }
>     } catch (UnknownHostException ex) {
>         LOG.warn("Failed to resolve address: {}", this.hostname, ex);
>         // Have we succeeded in the past?
>         if (this.addr != null) {
>             // Yes, previously the lookup succeeded. Leave things as they are
>             return;
>         }
>         // The hostname has never resolved. Create our InetSocketAddress(es) as unresolved
>         this.addr = InetSocketAddress.createUnresolved(this.hostname, this.port);
>         if (this.electionPort > 0){
>             this.electionAddr = InetSocketAddress.createUnresolved(this.hostname,
>                                                                    this.electionPort);
>         }
>     }
> }
> {code}
> After my modification:
> {code:title=QuorumPeer.java|borderStyle=solid}
> public void recreateSocketAddresses() {
>     InetAddress address = null;
>     try {
>         address = getReachableAddress(this.hostname);
>         LOG.info("Resolved hostname: {} to address: {}", this.hostname, address);
>         this.addr = new InetSocketAddress(address, this.port);
>         if (this.electionPort > 0){
>             this.electionAddr = new InetSocketAddress(address, this.electionPort);
>         }
>     } catch (UnknownHostException ex) {
>         LOG.warn("Failed to resolve address: {}", this.hostname, ex);
>         // Have we succeeded in the past?
>         if (this.addr != null) {
>             // Yes, previously the lookup succeeded. Leave things as they are
>             return;
>         }
>         // The hostname has never resolved. Create our InetSocketAddress(es) as unresolved
>         this.addr = InetSocketAddress.createUnresolved(this.hostname, this.port);
>         if (this.electionPort > 0){
>             this.electionAddr = InetSocketAddress.createUnresolved(this.hostname,
>                                                                    this.electionPort);
>         }

[jira] [Commented] (ZOOKEEPER-2684) Fix a crashing bug in the mixed workloads commit processor

2017-02-16 Thread Ryan Zhang (JIRA)

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2684?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15871003#comment-15871003
 ] 

Ryan Zhang commented on ZOOKEEPER-2684:
---

That's what I thought too. I submitted the new change but the test failed at 
random places. How can I rekick this build?


> Fix a crashing bug in the mixed workloads commit processor
> --
>
> Key: ZOOKEEPER-2684
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2684
> Project: ZooKeeper
>  Issue Type: Bug
>  Components: server
>Affects Versions: 3.6.0
> Environment: with pretty heavy load on a real cluster
>Reporter: Ryan Zhang
>Assignee: Ryan Zhang
>Priority: Blocker
> Attachments: ZOOKEEPER-2684.patch
>
>
> We deployed our build with ZOOKEEPER-2024 and it quickly started to crash 
> with the following error
> atla-buh-05-sr1.prod.twttr.net: 2017-01-18 22:24:42,305 - ERROR 
> [CommitProcessor:2] 
> -org.apache.zookeeper.server.quorum.CommitProcessor.run(CommitProcessor.java:268)
>  – Got cxid 0x119fa expected 0x11fc5 for client session id 1009079ba470055
> atla-buh-05-sr1.prod.twttr.net: 2017-01-18 22:32:04,746 - ERROR 
> [CommitProcessor:2] 
> -org.apache.zookeeper.server.quorum.CommitProcessor.run(CommitProcessor.java:268)
>  – Got cxid 0x698 expected 0x928 for client session id 4002eeb3fd0009d
> atla-buh-05-sr1.prod.twttr.net: 2017-01-18 22:34:46,648 - ERROR 
> [CommitProcessor:2] 
> -org.apache.zookeeper.server.quorum.CommitProcessor.run(CommitProcessor.java:268)
>  – Got cxid 0x8904 expected 0x8f34 for client session id 51b8905c90251
> atla-buh-05-sr1.prod.twttr.net: 2017-01-18 22:43:46,834 - ERROR 
> [CommitProcessor:2] 
> -org.apache.zookeeper.server.quorum.CommitProcessor.run(CommitProcessor.java:268)
>  – Got cxid 0x3a8d expected 0x3ebc for client session id 2051af11af900cc
> clearly something is not right in the new commit processor per session queue 
> implementation.





[GitHub] zookeeper issue #167: commitProcessor does not crash when an unseen commit s...

2017-02-16 Thread nerdyyatrice
Github user nerdyyatrice commented on the issue:

https://github.com/apache/zookeeper/pull/167
  
How can I rekick this build? The test failed at random places




[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-16 Thread ASF GitHub Bot (JIRA)

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15870997#comment-15870997
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2693:
---

Github user eribeiro commented on the issue:

https://github.com/apache/zookeeper/pull/179
  
+1. Great work, @hanm. Congrats.


> DOS attack on wchp/wchc four letter words (4lw)
> ---
>
> Key: ZOOKEEPER-2693
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2693
> Project: ZooKeeper
>  Issue Type: Bug
>  Components: security, server
>Affects Versions: 3.4.0, 3.5.1, 3.5.2
>Reporter: Patrick Hunt
>Assignee: Michael Han
>Priority: Blocker
> Fix For: 3.4.10, 3.5.3
>
>
> The wchp/wchc four letter words can be exploited in a DOS attack on the ZK 
> client port - typically 2181. The following POC attack was recently published 
> on the web:
> https://webcache.googleusercontent.com/search?q=cache:_CNGIz10PRYJ:https://www.exploit-db.com/exploits/41277/+=14=en=clnk=us
> The most straightforward way to block this attack is to not allow access to 
> the client port to non-trusted clients - i.e. firewall the ZooKeeper service 
> and only allow access to trusted applications using it for coordination.





[GitHub] zookeeper issue #179: ZOOKEEPER-2693: DOS attack on wchp/wchc four letter wo...

2017-02-16 Thread eribeiro
Github user eribeiro commented on the issue:

https://github.com/apache/zookeeper/pull/179
  
+1. Great work, @hanm. Congrats.




[GitHub] zookeeper pull request #179: ZOOKEEPER-2693: DOS attack on wchp/wchc four le...

2017-02-16 Thread eribeiro
Github user eribeiro commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101667879
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/FourLetterCommands.java ---
@@ -153,13 +155,33 @@
  */
 public final static int telnetCloseCmd = 0xfff4fffd;
 
-final static HashMap cmd2String =
-new HashMap();
+private static final String ZOOKEEPER_4LW_COMMANDS_WHITELIST = 
"zookeeper.4lw.commands.whitelist";
+
+final static Map cmd2String = new HashMap();
+
+final static Set whiteListedCommands = new HashSet();
 
 public static Map getCmdMapView() {
 return Collections.unmodifiableMap(cmd2String);
 }
 
+// ZOOKEEPER-2693: Only allow white listed commands.
+public static Set getWhiteListedCmdView() {
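Review bot: `whiteListedCommands` is declared `final static` with package visibility and is backed by a plain `HashSet`, so any class in the package can add or remove entries after startup and change which commands the `zookeeper.4lw.commands.whitelist` setting actually permits. Make the field `private` and have `getWhiteListedCmdView()` hand out only a `Collections.unmodifiableSet(...)` wrapper, mirroring what `getCmdMapView()` does for `cmd2String`. The getter body is not visible in this excerpt, so confirm it does not return the set directly.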
--- End diff --

Yeah, you're right. 




[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-16 Thread ASF GitHub Bot (JIRA)

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15870993#comment-15870993
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2693:
---

Github user eribeiro commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101667879
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/FourLetterCommands.java ---
@@ -153,13 +155,33 @@
  */
 public final static int telnetCloseCmd = 0xfff4fffd;
 
-final static HashMap cmd2String =
-new HashMap();
+private static final String ZOOKEEPER_4LW_COMMANDS_WHITELIST = 
"zookeeper.4lw.commands.whitelist";
+
+final static Map cmd2String = new HashMap();
+
+final static Set whiteListedCommands = new HashSet();
 
 public static Map getCmdMapView() {
 return Collections.unmodifiableMap(cmd2String);
 }
 
+// ZOOKEEPER-2693: Only allow white listed commands.
+public static Set getWhiteListedCmdView() {
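Review bot: the comment above `getWhiteListedCmdView()` only names the JIRA; it should state how `zookeeper.4lw.commands.whitelist` is interpreted, in particular what the returned set contains when the property is unset, because that default decides which commands an unauthenticated client can run. A smaller style point in the same hunk: the new constant uses `private static final` while the neighbouring fields use `final static`; pick one modifier order for the file.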
--- End diff --

Yeah, you're right. 




[jira] [Commented] (ZOOKEEPER-2691) recreateSocketAddresses may recreate the unreachable IP address

2017-02-16 Thread ASF GitHub Bot (JIRA)

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2691?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15870909#comment-15870909
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2691:
---

Github user afine commented on the issue:

https://github.com/apache/zookeeper/pull/173
  
nit: would this change be worth documenting?

Otherwise, +1.



[GitHub] zookeeper issue #173: ZOOKEEPER-2691: recreateSocketAddresses may recreate t...

2017-02-16 Thread afine
Github user afine commented on the issue:

https://github.com/apache/zookeeper/pull/173
  
nit: would this change be worth documenting?

Otherwise, +1.




Failed: ZOOKEEPER- PreCommit Build #347

2017-02-16 Thread Apache Jenkins Server
Build: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/347/

###
## LAST 60 LINES OF THE CONSOLE 
###
[...truncated 473380 lines...]
 [exec] +1 tests included.  The patch appears to include 3 new or 
modified tests.
 [exec] 
 [exec] +1 javadoc.  The javadoc tool did not generate any warning 
messages.
 [exec] 
 [exec] +1 javac.  The applied patch does not increase the total number 
of javac compiler warnings.
 [exec] 
 [exec] +1 findbugs.  The patch does not introduce any new Findbugs 
(version 3.0.1) warnings.
 [exec] 
 [exec] +1 release audit.  The applied patch does not increase the 
total number of release audit warnings.
 [exec] 
 [exec] -1 core tests.  The patch failed core unit tests.
 [exec] 
 [exec] +1 contrib tests.  The patch passed contrib unit tests.
 [exec] 
 [exec] Test results: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/347//testReport/
 [exec] Findbugs warnings: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/347//artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html
 [exec] Console output: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/347//console
 [exec] 
 [exec] This message is automatically generated.
 [exec] 
 [exec] 
 [exec] 
==
 [exec] 
==
 [exec] Adding comment to Jira.
 [exec] 
==
 [exec] 
==
 [exec] 
 [exec] 
 [exec] Error: No value specified for option "issue"
 [exec] 4ed325ede729b0a45155ef91e95d9d264211f2c4 logged out
 [exec] 
 [exec] 
 [exec] 
==
 [exec] 
==
 [exec] Finished build.
 [exec] 
==
 [exec] 
==
 [exec] 
 [exec] 
 [exec] mv: 
‘/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build/patchprocess’
 and 
‘/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build/patchprocess’
 are the same file

BUILD FAILED
/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build/build.xml:1635:
 exec returned: 1

Total time: 13 minutes 17 seconds
Build step 'Execute shell' marked build as failure
Archiving artifacts
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Compressed 575.39 KB of artifacts by 61.2% relative to #337
Recording test results
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
[description-setter] Could not determine description.
Putting comment on the pull request
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Email was triggered for: Failure - Any
Sending email for trigger: Failure - Any
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7



###
## FAILED TESTS (if any) 
##
1 tests failed.
FAILED:  
org.apache.zookeeper.server.quorum.ReconfigRecoveryTest.testCurrentServersAreObserversInNextConfig

Error Message:
waiting for server 3 being up

Stack Trace:
junit.framework.AssertionFailedError: waiting for server 3 being up
at 
org.apache.zookeeper.server.quorum.ReconfigRecoveryTest.testCurrentServersAreObserversInNextConfig(ReconfigRecoveryTest.java:217)
at 
org.apache.zookeeper.JUnit4ZKTestRunner$LoggedInvokeMethod.evaluate(JUnit4ZKTestRunner.java:79)




[jira] [Commented] (ZOOKEEPER-2691) recreateSocketAddresses may recreate the unreachable IP address

2017-02-16 Thread ASF GitHub Bot (JIRA)

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2691?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15870905#comment-15870905
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2691:
---

Github user afine commented on the issue:

https://github.com/apache/zookeeper/pull/173
  
sure, one is on the client and one is on the server but I do not think that 
means the problem is inherently different. 

I think it would be fair to say that both pr's revolve around what to do 
when the answer we select from dns is not one that we could use (they both 
revolve around calls to `InetAddress.getAllByName`). This patch description is 
framed in a way where we are assuming there is a list of possible ip addresses 
for some hostname and we just need to find one that is working. Nevertheless, 
this patch should work when the address the hostname resolves to changes 
entirely. 

Likewise, ZOOKEEPER-2184 should handle the "first record doesn't work" 
issue you are solving here. 

I think it may be valuable to have some shared code that effectively deals 
with mapping ip addresses to hostnames. 

After an offline discussion with @hanm we concluded that this may be good 
to look into after both 2691 and 2184 are merged in.




[jira] [Commented] (ZOOKEEPER-2691) recreateSocketAddresses may recreate the unreachable IP address

2017-02-16 Thread ASF GitHub Bot (JIRA)

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2691?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15870904#comment-15870904
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2691:
---

Github user hanm commented on the issue:

https://github.com/apache/zookeeper/pull/173
  
>> on the surface this pr reminds me of ZOOKEEPER-2184, wondering if some 
of the logic can be shared?

I had a chat with @afine offline again about this and I think Abe had a 
good point of view of both problems at a higher level - they are not resolving 
the exact same problem but there is an opportunity that we could do some 
refactoring and code sharing regarding effectively mapping between usable IPs and 
host names. This improvement could be done later though, given the current many 
things in flight status, to reduce the risk of this PR being stale...


> recreateSocketAddresses may recreate the unreachable IP address
> ---
>
> Key: ZOOKEEPER-2691
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2691
> Project: ZooKeeper
>  Issue Type: Bug
>Affects Versions: 3.4.8
> Environment: Centos6.5
> Java8
> ZooKeeper3.4.8
>Reporter: JiangJiafu
>Priority: Minor
>
> The QuorumPeer$QuorumServer.recreateSocketAddress() is used to resolve the 
> hostname to a new IP address (InetAddress) when any exception happens to the 
> socket. It will be very useful when a hostname can be resolved to more than 
> one IP address.
> But the problem is Java API InetAddress.getByName(String hostname) will 
> always return the first IP address when the hostname can be resolved to more 
> than one IP address, and the first IP address may be unreachable forever. For 
> example, if a machine has two network interfaces: eth0, eth1, say eth0 has 
> ip1, eth1 has ip2, the relationship between hostname and the IP addresses is 
> set in /etc/hosts. When I "close" the eth0 by command "ifdown eth0", the 
> InetAddress.getByName(String hostname)  will still return ip1, which is 
> unreachable forever.
> So I think it will be better to check the IP address by 
> InetAddress.isReachable(long) and choose the reachable IP address. 
> I have modified the ZooKeeper source code, and tested the new code in my own 
> environment, and it can work very well when I turn down some network 
> interfaces using "ifdown" command.
> The original code is:
> {code:title=QuorumPeer.java|borderStyle=solid}
> public void recreateSocketAddresses() {
>     InetAddress address = null;
>     try {
>         address = InetAddress.getByName(this.hostname);
>         LOG.info("Resolved hostname: {} to address: {}", this.hostname, address);
>         this.addr = new InetSocketAddress(address, this.port);
>         if (this.electionPort > 0){
>             this.electionAddr = new InetSocketAddress(address, this.electionPort);
>         }
>     } catch (UnknownHostException ex) {
>         LOG.warn("Failed to resolve address: {}", this.hostname, ex);
>         // Have we succeeded in the past?
>         if (this.addr != null) {
>             // Yes, previously the lookup succeeded. Leave things as they are
>             return;
>         }
>         // The hostname has never resolved. Create our InetSocketAddress(es) as unresolved
>         this.addr = InetSocketAddress.createUnresolved(this.hostname, this.port);
>         if (this.electionPort > 0){
>             this.electionAddr = InetSocketAddress.createUnresolved(this.hostname,
>                                                                    this.electionPort);
>         }
>     }
> }
> {code}
> After my modification:
> {code:title=QuorumPeer.java|borderStyle=solid}
> public void recreateSocketAddresses() {
>     InetAddress address = null;
>     try {
>         address = getReachableAddress(this.hostname);
>         LOG.info("Resolved hostname: {} to address: {}", this.hostname, address);
>         this.addr = new InetSocketAddress(address, this.port);
>         if (this.electionPort > 0){
>             this.electionAddr = new InetSocketAddress(address, this.electionPort);
>         }
>     } catch (UnknownHostException ex) {
>         LOG.warn("Failed to resolve address: {}", this.hostname, ex);
>         // Have we succeeded in the past?
>         if (this.addr != null) {
>             // Yes, previously the lookup succeeded. Leave things as they are
>             return;
>         }
>         // The hostname has never resolved. Create our InetSocketAddress(es) as 

[GitHub] zookeeper issue #173: ZOOKEEPER-2691: recreateSocketAddresses may recreate t...

2017-02-16 Thread afine
Github user afine commented on the issue:

https://github.com/apache/zookeeper/pull/173
  
sure, one is on the client and one is on the server but I do not think that 
means the problem is inherently different. 

I think it would be fair to say that both pr's revolve around what to do 
when the answer we select from dns is not one that we could use (they both 
revolve around calls to `InetAddress.getAllByName`). This patch description is 
framed in a way where we are assuming there is a list of possible ip addresses 
for some hostname and we just need to find one that is working. Nevertheless, 
this patch should work when the address the hostname resolves to changes 
entirely. 

Likewise, ZOOKEEPER-2184 should handle the "first record doesn't work" 
issue you are solving here. 

I think it may be valuable to have some shared code that effectively deals 
with mapping ip addresses to hostnames. 

After an offline discussion with @hanm we concluded that this may be good 
to look into after both 2691 and 2184 are merged in.



---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---
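
The selection discussed in this thread (resolve every record for a hostname with `InetAddress.getAllByName`, then prefer one that answers `InetAddress.isReachable`) is shown below as an added example; it is not the code from pull request 173. The class name, the `Probe` interface, the timeout value and the fall-back to the first record are assumptions, and the addresses in `main` are constructed.

```java
import java.io.IOException;
import java.net.InetAddress;
import java.net.UnknownHostException;

/**
 * Added example (not ZooKeeper code): choose a usable address for a hostname
 * that resolves to more than one record.
 */
public class ReachableAddressExample {

    /** Reachability check, injectable so the selection logic runs without a network. */
    interface Probe {
        boolean isReachable(InetAddress candidate) throws IOException;
    }

    /** Assumed probe timeout in milliseconds; not a value taken from the thread. */
    static final int PROBE_TIMEOUT_MS = 1000;

    /** Resolves all records for the hostname and returns the first reachable one. */
    static InetAddress getReachableAddress(String hostname) throws UnknownHostException {
        InetAddress[] candidates = InetAddress.getAllByName(hostname);
        return chooseReachable(candidates, c -> c.isReachable(PROBE_TIMEOUT_MS));
    }

    /**
     * Returns the first candidate the probe accepts. If none is reachable the
     * first record is returned, which matches what InetAddress.getByName would
     * have produced, so the caller never ends up worse off than before.
     */
    static InetAddress chooseReachable(InetAddress[] candidates, Probe probe) {
        if (candidates == null || candidates.length == 0) {
            throw new IllegalArgumentException("no candidate addresses");
        }
        for (InetAddress candidate : candidates) {
            try {
                if (probe.isReachable(candidate)) {
                    return candidate;
                }
            } catch (IOException e) {
                // A network error while probing counts as "not reachable";
                // keep going so one bad interface cannot block the others.
            }
        }
        return candidates[0];
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: literal addresses, so no DNS lookup or traffic.
        InetAddress ip1 = InetAddress.getByAddress("zk1.example", new byte[] {10, 0, 0, 1});
        InetAddress ip2 = InetAddress.getByAddress("zk1.example", new byte[] {10, 0, 1, 1});
        InetAddress[] records = {ip1, ip2};

        // Scenario from the issue: the interface holding ip1 has been taken down.
        Probe firstInterfaceDown = c -> !c.equals(ip1);
        System.out.println("first record down  -> " + chooseReachable(records, firstInterfaceDown));

        // Both interfaces up: the first record is kept, as getByName would do.
        System.out.println("all records up     -> " + chooseReachable(records, c -> true));

        // Nothing answers, or the probe itself fails: fall back to the first record.
        Probe failing = c -> { throw new IOException("probe failed"); };
        System.out.println("no record answers  -> " + chooseReachable(records, failing));
    }
}
```

`InetAddress.isReachable` typically uses an ICMP echo when the process has the privilege and otherwise a TCP connection to port 7, so a peer behind a filter that drops both can be reported unreachable while its quorum and election ports are open.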


[GitHub] zookeeper issue #173: ZOOKEEPER-2691: recreateSocketAddresses may recreate t...

2017-02-16 Thread hanm
Github user hanm commented on the issue:

https://github.com/apache/zookeeper/pull/173
  
>> on the surface this pr reminds me of ZOOKEEPER-2184, wondering if some 
of the logic can be shared?

I had a chat with @afine offline again about this and I think Abe had a 
good point of view of both problems at a higher level - they are not resolving 
the exact same problem but there is an opportunity that we could do some 
refactoring and code sharing regarding effectively mapping between usable IPs and 
host names. This improvement could be done later though given the current many 
things in flight status to reduce the risk of this PR being stale...




ZooKeeper_branch34 - Build # 1840 - Still Failing

2017-02-16 Thread Apache Jenkins Server
See https://builds.apache.org/job/ZooKeeper_branch34/1840/

###
## LAST 60 LINES OF THE CONSOLE 
###
[...truncated 58 lines...]
  collisions:0 txqueuelen:0 
  RX bytes:2377676422954 (2.3 TB)  TX bytes:2377676422954 (2.3 TB)

core file size  (blocks, -c) 0
data seg size   (kbytes, -d) unlimited
scheduling priority (-e) 0
file size   (blocks, -f) unlimited
pending signals (-i) 386177
max locked memory   (kbytes, -l) 64
max memory size (kbytes, -m) unlimited
open files  (-n) 6
pipe size(512 bytes, -p) 8
POSIX message queues (bytes, -q) 819200
real-time priority  (-r) 0
stack size  (kbytes, -s) 8192
cpu time   (seconds, -t) unlimited
max user processes  (-u) 10240
virtual memory  (kbytes, -v) unlimited
file locks  (-x) unlimited
6
/home/jenkins/tools/ant/latest/bin/ant clean
Exception in thread "main" java.lang.UnsupportedClassVersionError: 
org/apache/tools/ant/launch/Launcher : Unsupported major.minor version 52.0
at java.lang.ClassLoader.defineClass1(Native Method)
at java.lang.ClassLoader.defineClass(ClassLoader.java:800)
at 
java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142)
at java.net.URLClassLoader.defineClass(URLClassLoader.java:449)
at java.net.URLClassLoader.access$100(URLClassLoader.java:71)
at java.net.URLClassLoader$1.run(URLClassLoader.java:361)
at java.net.URLClassLoader$1.run(URLClassLoader.java:355)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:354)
at java.lang.ClassLoader.loadClass(ClassLoader.java:425)
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:308)
at java.lang.ClassLoader.loadClass(ClassLoader.java:358)
at sun.launcher.LauncherHelper.checkAndLoadMain(LauncherHelper.java:482)
Exception in thread "main" java.lang.UnsupportedClassVersionError: 
org/apache/tools/ant/launch/Launcher : Unsupported major.minor version 52.0
at java.lang.ClassLoader.defineClass1(Native Method)
at java.lang.ClassLoader.defineClass(ClassLoader.java:800)
at 
java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142)
at java.net.URLClassLoader.defineClass(URLClassLoader.java:449)
at java.net.URLClassLoader.access$100(URLClassLoader.java:71)
at java.net.URLClassLoader$1.run(URLClassLoader.java:361)
at java.net.URLClassLoader$1.run(URLClassLoader.java:355)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:354)
at java.lang.ClassLoader.loadClass(ClassLoader.java:425)
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:308)
at java.lang.ClassLoader.loadClass(ClassLoader.java:358)
at sun.launcher.LauncherHelper.checkAndLoadMain(LauncherHelper.java:482)
mv: cannot stat ‘build/*.tar.gz’: No such file or directory
mv: cannot stat ‘build/*.jar’: No such file or directory
mv: cannot stat ‘build/test/findbugs’: No such file or directory
mv: cannot stat ‘build/docs/api’: No such file or directory
Build Failed
Build step 'Execute shell' marked build as failure
Recording test results
ERROR: Step ‘Publish JUnit test result report’ failed: No test report files 
were found. Configuration error?
Email was triggered for: Failure - Any
Sending email for trigger: Failure - Any



###
## FAILED TESTS (if any) 
##
No tests ran.

[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-16 Thread Michael Han (JIRA)

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15870889#comment-15870889
 ] 

Michael Han commented on ZOOKEEPER-2693:


bq. Can we restrict 4lw commands based on IP By default we can allow access to 
the IP on which server is running.
[~arshad.mohammad] Thanks for feedback, this is one way of addressing the 
issue. I still prefer the current white list approach because:
* It has a smaller scope than the IP-restriction based approach. It is simpler, 
fewer cases to test, and easier to understand.
* One case about IP based approach - what if the access point whose IP is white 
listed gets compromised and admins are not aware of such a case (so reconfiguring 
the IP white list will not be done in time)? In that case, this exploit is 
still possible from the compromised and white listed access point. On the other 
side, the command white list approach does not have this issue: if the watcher 
monitoring commands listed in this issue are not white listed, there is no way 
to exploit. 

Overall I think the IP white list approach is a nice to have as it provides the 
option to use the entire sets of commands while mitigating the potential risk 
of being exploited - while the command white list approach is a must have based 
on my previous arguments. I propose we get the command white list patch in, and 
then the release out, and then think about how to improve the overall access 
control of ZK in the wild, unless the current command white list does not 
address the security concern raised by this JIRA. 


> DOS attack on wchp/wchc four letter words (4lw)
> ---
>
> Key: ZOOKEEPER-2693
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2693
> Project: ZooKeeper
>  Issue Type: Bug
>  Components: security, server
>Affects Versions: 3.4.0, 3.5.1, 3.5.2
>Reporter: Patrick Hunt
>Assignee: Michael Han
>Priority: Blocker
> Fix For: 3.4.10, 3.5.3
>
>
> The wchp/wchc four letter words can be exploited in a DOS attack on the ZK 
> client port - typically 2181. The following POC attack was recently published 
> on the web:
> https://webcache.googleusercontent.com/search?q=cache:_CNGIz10PRYJ:https://www.exploit-db.com/exploits/41277/+=14=en=clnk=us
> The most straightforward way to block this attack is to not allow access to 
> the client port to non-trusted clients - i.e. firewall the ZooKeeper service 
> and only allow access to trusted applications using it for coordination.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
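
The two controls compared in the comment above, a command white list and a client IP white list, are put side by side in the following added example. It is not ZooKeeper's implementation: the class and method names are hypothetical, the host patterns follow the forms proposed in ZOOKEEPER-2699 (individual IPs and `192.168.1.*`), and the addresses in `main` are constructed.

```java
import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Set;

/**
 * Added example (not ZooKeeper code): a gate for four letter word (4lw)
 * commands that applies a command white list and then a client IP white list.
 */
public class FourLetterWordGate {

    private final Set<String> allowedCommands = new HashSet<>();
    private final List<String> hostPatterns = new ArrayList<>();

    /**
     * @param commandWhitelist comma separated 4lw commands that may run at all
     * @param hostWhitelist    comma separated IPv4 addresses or patterns such as
     *                         192.168.1.*; empty means every client host is accepted
     */
    FourLetterWordGate(String commandWhitelist, String hostWhitelist) {
        for (String command : commandWhitelist.split(",")) {
            if (!command.trim().isEmpty()) {
                allowedCommands.add(command.trim());
            }
        }
        for (String host : hostWhitelist.split(",")) {
            if (!host.trim().isEmpty()) {
                hostPatterns.add(host.trim());
            }
        }
    }

    /**
     * Compares octet by octet, with "*" standing for one whole octet. A plain
     * string prefix test is avoided on purpose: the prefix "192.168.1" would
     * also accept 192.168.10.7.
     */
    static boolean hostMatches(String pattern, String clientIp) {
        String[] want = pattern.split("\\.");
        String[] have = clientIp.split("\\.");
        if (want.length != 4 || have.length != 4) {
            return false; // malformed input never matches
        }
        for (int i = 0; i < 4; i++) {
            if (!want[i].equals("*") && !want[i].equals(have[i])) {
                return false;
            }
        }
        return true;
    }

    /** The command check comes first, so a disabled command is refused for every host. */
    boolean isAllowed(String command, String clientIp) {
        if (!allowedCommands.contains(command)) {
            return false;
        }
        if (hostPatterns.isEmpty()) {
            return true; // default proposed in ZOOKEEPER-2699: all hosts
        }
        for (String pattern : hostPatterns) {
            if (hostMatches(pattern, clientIp)) {
                return true;
            }
        }
        return false;
    }

    public static void main(String[] args) {
        // Command white list only: the watcher commands are simply not enabled.
        FourLetterWordGate commandsOnly = new FourLetterWordGate("stat,ruok,srvr", "");
        System.out.println("wchp, any host, commands-only gate: "
                + commandsOnly.isAllowed("wchp", "192.168.1.7"));
        System.out.println("stat, any host, commands-only gate: "
                + commandsOnly.isAllowed("stat", "10.0.0.5"));

        // All commands enabled, access narrowed by client IP.
        FourLetterWordGate withHosts = new FourLetterWordGate(
                "stat,ruok,srvr,wchp,wchc", "192.168.1.2,192.168.2.*");
        System.out.println("wchp from 10.0.0.5 (not listed):    "
                + withHosts.isAllowed("wchp", "10.0.0.5"));
        System.out.println("wchp from 192.168.2.9 (listed):     "
                + withHosts.isAllowed("wchp", "192.168.2.9"));
        System.out.println("wchp from 192.168.20.9 (not listed): "
                + withHosts.isAllowed("wchp", "192.168.20.9"));
    }
}
```

The allowed `wchp` request from a listed address is the case raised in the comment: once a watcher command is enabled, the IP white list only narrows who can send it, while leaving the command off the command white list refuses it for every client.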


[jira] [Comment Edited] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-16 Thread Michael Han (JIRA)

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15870889#comment-15870889
 ] 

Michael Han edited comment on ZOOKEEPER-2693 at 2/16/17 11:40 PM:
--

bq. Can we restrict 4lw commands based on IP By default we can allow access to 
the IP on which server is running.
[~arshad.mohammad] Thanks for feedback, this is one way of addressing the 
issue. I still prefer the current command white list approach because:
* It has a smaller scope than the IP-restriction based approach. It is simpler, 
fewer cases to test, and easier to understand.
* One case about IP based approach - what if the access point whose IP is white 
listed gets compromised and admins are not aware of such a case (so reconfiguring 
the IP white list will not be done in time)? In that case, this exploit is 
still possible from the compromised and white listed access point. On the other 
side, the command white list approach does not have this issue: if the watcher 
monitoring commands listed in this issue are not white listed, there is no way 
to exploit. 

Overall I think the IP white list approach is a nice to have as it provides the 
option to use the entire sets of commands while mitigating the potential risk 
of being exploited - while the command white list approach is a must have based 
on my previous arguments. I propose we get the command white list patch in, and 
then the release out, and then think about how to improve the overall access 
control of ZK in the wild, unless the current command white list does not 
address the security concern raised by this JIRA. 



was (Author: hanm):
bq. Can we restrict 4lw commands based on IP By default we can allow access to 
the IP on which server is running.
[~arshad.mohammad] Thanks for feedback, this is one way of addressing the 
issue. I still prefer the current white list approach because:
* It has a smaller scope than the IP-restriction based approach. It is simpler, 
fewer cases to test, and easier to understand.
* One case about IP based approach - what if the access point whose IP is white 
listed gets compromised and admins are not aware of such a case (so reconfiguring 
the IP white list will not be done in time)? In that case, this exploit is 
still possible from the compromised and white listed access point. On the other 
side, the command white list approach does not have this issue: if the watcher 
monitoring commands listed in this issue are not white listed, there is no way 
to exploit. 

Overall I think the IP white list approach is a nice to have as it provides the 
option to use the entire sets of commands while mitigating the potential risk 
of being exploited - while the command white list approach is a must have based 
on my previous arguments. I propose we get the command white list patch in, and 
then the release out, and then think about how to improve the overall access 
control of ZK in the wild, unless the current command white list does not 
address the security concern raised by this JIRA. 


> DOS attack on wchp/wchc four letter words (4lw)
> ---
>
> Key: ZOOKEEPER-2693
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2693
> Project: ZooKeeper
>  Issue Type: Bug
>  Components: security, server
>Affects Versions: 3.4.0, 3.5.1, 3.5.2
>Reporter: Patrick Hunt
>Assignee: Michael Han
>Priority: Blocker
> Fix For: 3.4.10, 3.5.3
>
>
> The wchp/wchc four letter words can be exploited in a DOS attack on the ZK 
> client port - typically 2181. The following POC attack was recently published 
> on the web:
> https://webcache.googleusercontent.com/search?q=cache:_CNGIz10PRYJ:https://www.exploit-db.com/exploits/41277/+=14=en=clnk=us
> The most straightforward way to block this attack is to not allow access to 
> the client port to non-trusted clients - i.e. firewall the ZooKeeper service 
> and only allow access to trusted applications using it for coordination.





[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-16 Thread Michael Han (JIRA)

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15870870#comment-15870870
 ] 

Michael Han commented on ZOOKEEPER-2693:


The test report seems wrong, all tests passed 
[here|https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/342//testReport/].

> DOS attack on wchp/wchc four letter words (4lw)
> ---
>
> Key: ZOOKEEPER-2693
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2693
> Project: ZooKeeper
>  Issue Type: Bug
>  Components: security, server
>Affects Versions: 3.4.0, 3.5.1, 3.5.2
>Reporter: Patrick Hunt
>Assignee: Michael Han
>Priority: Blocker
> Fix For: 3.4.10, 3.5.3
>
>
> The wchp/wchc four letter words can be exploited in a DOS attack on the ZK 
> client port - typically 2181. The following POC attack was recently published 
> on the web:
> https://webcache.googleusercontent.com/search?q=cache:_CNGIz10PRYJ:https://www.exploit-db.com/exploits/41277/+=14=en=clnk=us
> The most straightforward way to block this attack is to not allow access to 
> the client port to non-trusted clients - i.e. firewall the ZooKeeper service 
> and only allow access to trusted applications using it for coordination.





ZooKeeper-trunk - Build # 3284 - Still Failing

2017-02-16 Thread Apache Jenkins Server
See https://builds.apache.org/job/ZooKeeper-trunk/3284/

###
## LAST 60 LINES OF THE CONSOLE 
###
[...truncated 79 lines...]
POSIX message queues (bytes, -q) 819200
real-time priority  (-r) 0
stack size  (kbytes, -s) 8192
cpu time   (seconds, -t) unlimited
max user processes  (-u) 10240
virtual memory  (kbytes, -v) unlimited
file locks  (-x) unlimited
6
/home/jenkins/tools/ant/latest/bin/ant clean
Exception in thread "main" java.lang.UnsupportedClassVersionError: 
org/apache/tools/ant/launch/Launcher : Unsupported major.minor version 52.0
at java.lang.ClassLoader.defineClass1(Native Method)
at java.lang.ClassLoader.defineClass(ClassLoader.java:800)
at 
java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142)
at java.net.URLClassLoader.defineClass(URLClassLoader.java:449)
at java.net.URLClassLoader.access$100(URLClassLoader.java:71)
at java.net.URLClassLoader$1.run(URLClassLoader.java:361)
at java.net.URLClassLoader$1.run(URLClassLoader.java:355)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:354)
at java.lang.ClassLoader.loadClass(ClassLoader.java:425)
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:308)
at java.lang.ClassLoader.loadClass(ClassLoader.java:358)
at sun.launcher.LauncherHelper.checkAndLoadMain(LauncherHelper.java:482)
Exception in thread "main" java.lang.UnsupportedClassVersionError: 
org/apache/tools/ant/launch/Launcher : Unsupported major.minor version 52.0
at java.lang.ClassLoader.defineClass1(Native Method)
at java.lang.ClassLoader.defineClass(ClassLoader.java:800)
at 
java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142)
at java.net.URLClassLoader.defineClass(URLClassLoader.java:449)
at java.net.URLClassLoader.access$100(URLClassLoader.java:71)
at java.net.URLClassLoader$1.run(URLClassLoader.java:361)
at java.net.URLClassLoader$1.run(URLClassLoader.java:355)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:354)
at java.lang.ClassLoader.loadClass(ClassLoader.java:425)
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:308)
at java.lang.ClassLoader.loadClass(ClassLoader.java:358)
at sun.launcher.LauncherHelper.checkAndLoadMain(LauncherHelper.java:482)
mv: cannot stat 'build/*.tar.gz': No such file or directory
mv: cannot stat 'build/*.jar': No such file or directory
mv: cannot stat 'build/test/findbugs': No such file or directory
mv: cannot stat 'build/docs/api': No such file or directory
Build Failed
Build step 'Execute shell' marked build as failure
[FINDBUGS] Skipping publisher since build result is FAILURE
[WARNINGS] Skipping publisher since build result is FAILURE
Archiving artifacts
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Recording fingerprints
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Recording test results
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
ERROR: Step ‘Publish JUnit test result report’ failed: No test report files 
were found. Configuration error?
Publishing Javadoc
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Email was triggered for: Failure - Any
Sending email for trigger: Failure - Any
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7



###
## FAILED TESTS (if any) 
##
No tests ran.

Failed: ZOOKEEPER- PreCommit Build #346

2017-02-16 Thread Apache Jenkins Server
Build: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/346/

###
## LAST 60 LINES OF THE CONSOLE 
###
[...truncated 483055 lines...]
 [exec] 
 [exec] +0 tests included.  The patch appears to be a documentation 
patch that doesn't require tests.
 [exec] 
 [exec] +1 javadoc.  The javadoc tool did not generate any warning 
messages.
 [exec] 
 [exec] +1 javac.  The applied patch does not increase the total number 
of javac compiler warnings.
 [exec] 
 [exec] +1 findbugs.  The patch does not introduce any new Findbugs 
(version 3.0.1) warnings.
 [exec] 
 [exec] +1 release audit.  The applied patch does not increase the 
total number of release audit warnings.
 [exec] 
 [exec] -1 core tests.  The patch failed core unit tests.
 [exec] 
 [exec] +1 contrib tests.  The patch passed contrib unit tests.
 [exec] 
 [exec] Test results: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/346//testReport/
 [exec] Findbugs warnings: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/346//artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html
 [exec] Console output: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/346//console
 [exec] 
 [exec] This message is automatically generated.
 [exec] 
 [exec] 
 [exec] 
==
 [exec] 
==
 [exec] Adding comment to Jira.
 [exec] 
==
 [exec] 
==
 [exec] 
 [exec] 
 [exec] Error: No value specified for option "issue"
 [exec] 76cc7c1a5b70a724bc7250c6e8f38389387ff253 logged out
 [exec] 
 [exec] 
 [exec] 
==
 [exec] 
==
 [exec] Finished build.
 [exec] 
==
 [exec] 
==
 [exec] 
 [exec] 
 [exec] mv: 
‘/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build/patchprocess’
 and 
‘/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build/patchprocess’
 are the same file

BUILD FAILED
/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build/build.xml:1635:
 exec returned: 1

Total time: 18 minutes 38 seconds
Build step 'Execute shell' marked build as failure
Archiving artifacts
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Compressed 575.39 KB of artifacts by 61.2% relative to #337
Recording test results
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
[description-setter] Could not determine description.
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Email was triggered for: Failure - Any
Sending email for trigger: Failure - Any
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7



###
## FAILED TESTS (if any) 
##
1 tests failed.
FAILED:  
org.apache.zookeeper.server.quorum.StandaloneDisabledTest.startSingleServerTest

Error Message:
Timeout occurred. Please note the time in the report does not reflect the time 
until the timeout.

Stack Trace:
junit.framework.AssertionFailedError: Timeout occurred. Please note the time in 
the report does not reflect the time until the timeout.
at java.lang.Thread.run(Thread.java:745)




ZooKeeper_branch34_jdk8 - Build # 888 - Still Failing

2017-02-16 Thread Apache Jenkins Server
See https://builds.apache.org/job/ZooKeeper_branch34_jdk8/888/

###
## LAST 60 LINES OF THE CONSOLE 
###
[...truncated 243602 lines...]
[junit] 2017-02-16 22:58:21,803 [myid:] - INFO  
[main:SessionTrackerImpl@225] - Shutting down
[junit] 2017-02-16 22:58:21,803 [myid:] - INFO  
[main:PrepRequestProcessor@764] - Shutting down
[junit] 2017-02-16 22:58:21,803 [myid:] - INFO  
[main:SyncRequestProcessor@208] - Shutting down
[junit] 2017-02-16 22:58:21,803 [myid:] - INFO  [ProcessThread(sid:0 
cport:11221)::PrepRequestProcessor@143] - PrepRequestProcessor exited loop!
[junit] 2017-02-16 22:58:21,804 [myid:] - INFO  
[SyncThread:0:SyncRequestProcessor@186] - SyncRequestProcessor exited!
[junit] 2017-02-16 22:58:21,804 [myid:] - INFO  
[main:FinalRequestProcessor@402] - shutdown of request processor complete
[junit] 2017-02-16 22:58:21,804 [myid:] - INFO  
[main:FourLetterWordMain@62] - connecting to 127.0.0.1 11221
[junit] 2017-02-16 22:58:21,805 [myid:] - INFO  [main:JMXEnv@147] - 
ensureOnly:[]
[junit] 2017-02-16 22:58:21,806 [myid:] - INFO  [main:ClientBase@445] - 
STARTING server
[junit] 2017-02-16 22:58:21,806 [myid:] - INFO  [main:ClientBase@366] - 
CREATING server instance 127.0.0.1:11221
[junit] 2017-02-16 22:58:21,807 [myid:] - INFO  
[main:NIOServerCnxnFactory@89] - binding to port 0.0.0.0/0.0.0.0:11221
[junit] 2017-02-16 22:58:21,807 [myid:] - INFO  [main:ClientBase@341] - 
STARTING server instance 127.0.0.1:11221
[junit] 2017-02-16 22:58:21,807 [myid:] - INFO  [main:ZooKeeperServer@173] 
- Created server with tickTime 3000 minSessionTimeout 6000 maxSessionTimeout 
6 datadir 
/home/jenkins/jenkins-slave/workspace/ZooKeeper_branch34_jdk8/build/test/tmp/test834334586290515297.junit.dir/version-2
 snapdir 
/home/jenkins/jenkins-slave/workspace/ZooKeeper_branch34_jdk8/build/test/tmp/test834334586290515297.junit.dir/version-2
[junit] 2017-02-16 22:58:21,810 [myid:] - ERROR [main:ZooKeeperServer@472] 
- ZKShutdownHandler is not registered, so ZooKeeper server won't take any 
action on ERROR or SHUTDOWN server state changes
[junit] 2017-02-16 22:58:21,810 [myid:] - INFO  
[main:FourLetterWordMain@62] - connecting to 127.0.0.1 11221
[junit] 2017-02-16 22:58:21,811 [myid:] - INFO  
[NIOServerCxn.Factory:0.0.0.0/0.0.0.0:11221:NIOServerCnxnFactory@192] - 
Accepted socket connection from /127.0.0.1:41794
[junit] 2017-02-16 22:58:21,811 [myid:] - INFO  
[NIOServerCxn.Factory:0.0.0.0/0.0.0.0:11221:NIOServerCnxn@838] - Processing 
stat command from /127.0.0.1:41794
[junit] 2017-02-16 22:58:21,811 [myid:] - INFO  
[Thread-4:NIOServerCnxn$StatCommand@674] - Stat command output
[junit] 2017-02-16 22:58:21,812 [myid:] - INFO  
[Thread-4:NIOServerCnxn@1019] - Closed socket connection for client 
/127.0.0.1:41794 (no session established for client)
[junit] 2017-02-16 22:58:21,812 [myid:] - INFO  [main:JMXEnv@230] - 
ensureParent:[InMemoryDataTree, StandaloneServer_port]
[junit] 2017-02-16 22:58:21,814 [myid:] - INFO  [main:JMXEnv@247] - 
expect:InMemoryDataTree
[junit] 2017-02-16 22:58:21,814 [myid:] - INFO  [main:JMXEnv@251] - 
found:InMemoryDataTree 
org.apache.ZooKeeperService:name0=StandaloneServer_port11221,name1=InMemoryDataTree
[junit] 2017-02-16 22:58:21,814 [myid:] - INFO  [main:JMXEnv@247] - 
expect:StandaloneServer_port
[junit] 2017-02-16 22:58:21,814 [myid:] - INFO  [main:JMXEnv@251] - 
found:StandaloneServer_port 
org.apache.ZooKeeperService:name0=StandaloneServer_port11221
[junit] 2017-02-16 22:58:21,815 [myid:] - INFO  
[main:JUnit4ZKTestRunner$LoggedInvokeMethod@58] - Memory used 35517
[junit] 2017-02-16 22:58:21,815 [myid:] - INFO  
[main:JUnit4ZKTestRunner$LoggedInvokeMethod@63] - Number of threads 20
[junit] 2017-02-16 22:58:21,815 [myid:] - INFO  
[main:JUnit4ZKTestRunner$LoggedInvokeMethod@78] - FINISHED TEST METHOD testQuota
[junit] 2017-02-16 22:58:21,815 [myid:] - INFO  [main:ClientBase@522] - 
tearDown starting
[junit] 2017-02-16 22:58:21,886 [myid:] - INFO  [main:ZooKeeper@684] - 
Session: 0x15a4925d93a closed
[junit] 2017-02-16 22:58:21,887 [myid:] - INFO  [main:ClientBase@492] - 
STOPPING server
[junit] 2017-02-16 22:58:21,886 [myid:] - INFO  
[main-EventThread:ClientCnxn$EventThread@519] - EventThread shut down for 
session: 0x15a4925d93a
[junit] 2017-02-16 22:58:21,887 [myid:] - INFO  
[NIOServerCxn.Factory:0.0.0.0/0.0.0.0:11221:NIOServerCnxnFactory@219] - 
NIOServerCnxn factory exited run method
[junit] 2017-02-16 22:58:21,887 [myid:] - INFO  [main:ZooKeeperServer@505] 
- shutting down
[junit] 2017-02-16 22:58:21,887 [myid:] - ERROR [main:ZooKeeperServer@472] 
- ZKShutdownHandler is not registered, so ZooKeeper server won't take any 
action on ERROR or SHUTDOWN server state changes
[junit] 2017-02-16 22:58:21,887 

Failed: ZOOKEEPER- PreCommit Build #345

2017-02-16 Thread Apache Jenkins Server
Build: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/345/

###
## LAST 60 LINES OF THE CONSOLE 
###
[...truncated 477811 lines...]
 [exec] 
 [exec] +0 tests included.  The patch appears to be a documentation 
patch that doesn't require tests.
 [exec] 
 [exec] +1 javadoc.  The javadoc tool did not generate any warning 
messages.
 [exec] 
 [exec] +1 javac.  The applied patch does not increase the total number 
of javac compiler warnings.
 [exec] 
 [exec] +1 findbugs.  The patch does not introduce any new Findbugs 
(version 3.0.1) warnings.
 [exec] 
 [exec] +1 release audit.  The applied patch does not increase the 
total number of release audit warnings.
 [exec] 
 [exec] -1 core tests.  The patch failed core unit tests.
 [exec] 
 [exec] +1 contrib tests.  The patch passed contrib unit tests.
 [exec] 
 [exec] Test results: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/345//testReport/
 [exec] Findbugs warnings: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/345//artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html
 [exec] Console output: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/345//console
 [exec] 
 [exec] This message is automatically generated.
 [exec] 
 [exec] 
 [exec] 
==
 [exec] 
==
 [exec] Adding comment to Jira.
 [exec] 
==
 [exec] 
==
 [exec] 
 [exec] 
 [exec] Error: No value specified for option "issue"
 [exec] 6bb316803322f9ea1ce046dc34314cc14806018d logged out
 [exec] 
 [exec] 
 [exec] 
==
 [exec] 
==
 [exec] Finished build.
 [exec] 
==
 [exec] 
==
 [exec] 
 [exec] 
 [exec] mv: 
‘/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build/patchprocess’
 and 
‘/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build/patchprocess’
 are the same file

BUILD FAILED
/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build/build.xml:1635:
 exec returned: 1

Total time: 13 minutes 30 seconds
Build step 'Execute shell' marked build as failure
Archiving artifacts
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Compressed 575.39 KB of artifacts by 61.2% relative to #337
Recording test results
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
[description-setter] Could not determine description.
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Email was triggered for: Failure - Any
Sending email for trigger: Failure - Any
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7



###
## FAILED TESTS (if any) 
##
1 tests failed.
FAILED:  org.apache.zookeeper.test.AsyncHammerTest.testHammer

Error Message:
null

Stack Trace:
junit.framework.AssertionFailedError
at org.apache.zookeeper.test.AsyncHammerTest.testHammer(AsyncHammerTest.java:186)
at org.apache.zookeeper.JUnit4ZKTestRunner$LoggedInvokeMethod.evaluate(JUnit4ZKTestRunner.java:79)




Failed: ZOOKEEPER- PreCommit Build #344

2017-02-16 Thread Apache Jenkins Server
Build: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/344/

###
## LAST 60 LINES OF THE CONSOLE 
###
[...truncated 483086 lines...]
 [exec] 
 [exec] +0 tests included.  The patch appears to be a documentation patch that doesn't require tests.
 [exec] 
 [exec] +1 javadoc.  The javadoc tool did not generate any warning messages.
 [exec] 
 [exec] +1 javac.  The applied patch does not increase the total number of javac compiler warnings.
 [exec] 
 [exec] +1 findbugs.  The patch does not introduce any new Findbugs (version 3.0.1) warnings.
 [exec] 
 [exec] +1 release audit.  The applied patch does not increase the total number of release audit warnings.
 [exec] 
 [exec] -1 core tests.  The patch failed core unit tests.
 [exec] 
 [exec] +1 contrib tests.  The patch passed contrib unit tests.
 [exec] 
 [exec] Test results: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/344//testReport/
 [exec] Findbugs warnings: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/344//artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html
 [exec] Console output: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/344//console
 [exec] 
 [exec] This message is automatically generated.
 [exec] 
 [exec] Adding comment to Jira.
 [exec] 
 [exec] Error: No value specified for option "issue"
 [exec] e9a02220ae9f7f8621f10c7d1d948618bdf74552 logged out
 [exec] 
 [exec] Finished build.
 [exec] 
 [exec] mv: ‘/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build/patchprocess’ and ‘/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build/patchprocess’ are the same file

BUILD FAILED
/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build/build.xml:1635: exec returned: 1

Total time: 13 minutes 39 seconds
Build step 'Execute shell' marked build as failure
Archiving artifacts
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Compressed 575.39 KB of artifacts by 61.2% relative to #337
Recording test results
[description-setter] Could not determine description.
Email was triggered for: Failure - Any
Sending email for trigger: Failure - Any

###
## FAILED TESTS (if any) 
##
1 tests failed.
FAILED:  org.apache.zookeeper.server.quorum.ReconfigRecoveryTest.testCurrentServersAreObserversInNextConfig

Error Message:
waiting for server 4 being up

Stack Trace:
junit.framework.AssertionFailedError: waiting for server 4 being up
at org.apache.zookeeper.server.quorum.ReconfigRecoveryTest.testCurrentServersAreObserversInNextConfig(ReconfigRecoveryTest.java:217)
at org.apache.zookeeper.JUnit4ZKTestRunner$LoggedInvokeMethod.evaluate(JUnit4ZKTestRunner.java:79)




[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-16 Thread ASF GitHub Bot (JIRA)

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15870693#comment-15870693
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2693:
---

Github user hanm commented on the issue:

https://github.com/apache/zookeeper/pull/179
  
Thanks everyone for feedback. Updated pull request to address your review 
comments. One change I made on latest update is to introduce an internal Java 
system property zookeeper.test.4lw.enabled for tests so we don't have to copy 
paste the lengthy set up code for zookeeper.4lw.commands.whitelist property and 
use  zookeeper.test.4lw.enabled instead providing an elegant switch. 
zookeeper.4lw.commands.whitelist is still used in some tests to provide 
complete code coverage for new code paths introduced.

All tests should be green now.


> DOS attack on wchp/wchc four letter words (4lw)
> ---
>
> Key: ZOOKEEPER-2693
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2693
> Project: ZooKeeper
>  Issue Type: Bug
>  Components: security, server
>Affects Versions: 3.4.0, 3.5.1, 3.5.2
>Reporter: Patrick Hunt
>Assignee: Michael Han
>Priority: Blocker
> Fix For: 3.4.10, 3.5.3
>
>
> The wchp/wchc four letter words can be exploited in a DOS attack on the ZK 
> client port - typically 2181. The following POC attack was recently published 
> on the web:
> https://webcache.googleusercontent.com/search?q=cache:_CNGIz10PRYJ:https://www.exploit-db.com/exploits/41277/+=14=en=clnk=us
> The most straightforward way to block this attack is to not allow access to 
> the client port to non-trusted clients - i.e. firewall the ZooKeeper service 
> and only allow access to trusted applications using it for coordination.





[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-16 Thread Hadoop QA (JIRA)

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15870694#comment-15870694
 ] 

Hadoop QA commented on ZOOKEEPER-2693:
--

-1 overall.  GitHub Pull Request  Build
  

+1 @author.  The patch does not contain any @author tags.

+1 tests included.  The patch appears to include 29 new or modified tests.

+1 javadoc.  The javadoc tool did not generate any warning messages.

+1 javac.  The applied patch does not increase the total number of javac 
compiler warnings.

+1 findbugs.  The patch does not introduce any new Findbugs (version 3.0.1) 
warnings.

+1 release audit.  The applied patch does not increase the total number of 
release audit warnings.

-1 core tests.  The patch failed core unit tests.

-1 contrib tests.  The patch failed contrib unit tests.

Test results: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/342//testReport/
Findbugs warnings: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/342//artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html
Console output: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/342//console

This message is automatically generated.



Failed: ZOOKEEPER- PreCommit Build #343

2017-02-16 Thread Apache Jenkins Server
Build: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/343/

###
## LAST 60 LINES OF THE CONSOLE 
###
[...truncated 494 lines...]
 [exec] 
 [exec] +1 javadoc.  The javadoc tool did not generate any warning messages.
 [exec] 
 [exec] +1 javac.  The applied patch does not increase the total number of javac compiler warnings.
 [exec] 
 [exec] +1 findbugs.  The patch does not introduce any new Findbugs (version 3.0.1) warnings.
 [exec] 
 [exec] +1 release audit.  The applied patch does not increase the total number of release audit warnings.
 [exec] 
 [exec] -1 core tests.  The patch failed core unit tests.
 [exec] 
 [exec] +1 contrib tests.  The patch passed contrib unit tests.
 [exec] 
 [exec] Test results: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/343//testReport/
 [exec] Findbugs warnings: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/343//artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html
 [exec] Console output: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/343//console
 [exec] 
 [exec] This message is automatically generated.
 [exec] 
 [exec] Adding comment to Jira.
 [exec] 
 [exec] Error: No value specified for option "issue"
 [exec] 7e865809f541c4abe21827a288c6523e4634d516 logged out
 [exec] 
 [exec] Finished build.
 [exec] 
 [exec] mv: ‘/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build@2/patchprocess’ and ‘/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build@2/patchprocess’ are the same file

BUILD FAILED
/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build@2/build.xml:1635: exec returned: 1

Total time: 2 minutes 56 seconds
Build step 'Execute shell' marked build as failure
Archiving artifacts
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Compressed 579.02 KB of artifacts by 22.1% relative to #337
Recording test results
ERROR: Step ‘Publish JUnit test result report’ failed: No test report files were found. Configuration error?
[description-setter] Could not determine description.
Putting comment on the pull request
Email was triggered for: Failure - Any
Sending email for trigger: Failure - Any

###
## FAILED TESTS (if any) 
##
No tests ran.

[GitHub] zookeeper issue #179: ZOOKEEPER-2693: DOS attack on wchp/wchc four letter wo...

2017-02-16 Thread hanm
Github user hanm commented on the issue:

https://github.com/apache/zookeeper/pull/179
  
Thanks everyone for feedback. Updated pull request to address your review 
comments. One change I made on latest update is to introduce an internal Java 
system property zookeeper.test.4lw.enabled for tests so we don't have to copy 
paste the lengthy set up code for zookeeper.4lw.commands.whitelist property and 
use  zookeeper.test.4lw.enabled instead providing an elegant switch. 
zookeeper.4lw.commands.whitelist is still used in some tests to provide 
complete code coverage for new code paths introduced.

All tests should be green now.


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---


Failed: ZOOKEEPER- PreCommit Build #342

2017-02-16 Thread Apache Jenkins Server
Build: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/342/

###
## LAST 60 LINES OF THE CONSOLE 
###
[...truncated 413708 lines...]
 [exec] 
 [exec] +1 javadoc.  The javadoc tool did not generate any warning messages.
 [exec] 
 [exec] +1 javac.  The applied patch does not increase the total number of javac compiler warnings.
 [exec] 
 [exec] +1 findbugs.  The patch does not introduce any new Findbugs (version 3.0.1) warnings.
 [exec] 
 [exec] +1 release audit.  The applied patch does not increase the total number of release audit warnings.
 [exec] 
 [exec] -1 core tests.  The patch failed core unit tests.
 [exec] 
 [exec] -1 contrib tests.  The patch failed contrib unit tests.
 [exec] 
 [exec] Test results: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/342//testReport/
 [exec] Findbugs warnings: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/342//artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html
 [exec] Console output: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/342//console
 [exec] 
 [exec] This message is automatically generated.
 [exec] 
 [exec] Adding comment to Jira.
 [exec] 
 [exec] Comment added.
 [exec] 735745431e170e5e2f3742de43d30391729082e0 logged out
 [exec] 
 [exec] Finished build.
 [exec] 
 [exec] mv: ‘/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build/patchprocess’ and ‘/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build/patchprocess’ are the same file

BUILD FAILED
/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build/build.xml:1635: exec returned: 2

Total time: 9 minutes 40 seconds
Build step 'Execute shell' marked build as failure
Archiving artifacts
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Compressed 575.58 KB of artifacts by 44.5% relative to #337
Recording test results
[description-setter] Description set: ZOOKEEPER-2693
Putting comment on the pull request
Email was triggered for: Failure - Any
Sending email for trigger: Failure - Any

###
## FAILED TESTS (if any) 
##
All tests passed

[jira] [Assigned] (ZOOKEEPER-2698) Netty+SSL support for server to server communication

2017-02-16 Thread Abraham Fine (JIRA)

 [ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2698?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Abraham Fine reassigned ZOOKEEPER-2698:
---

Assignee: Abraham Fine

> Netty+SSL support for server to server communication
> 
>
> Key: ZOOKEEPER-2698
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2698
> Project: ZooKeeper
>  Issue Type: New Feature
>Reporter: Abraham Fine
>Assignee: Abraham Fine
>






[jira] [Created] (ZOOKEEPER-2698) Netty+SSL support for server to server communication

2017-02-16 Thread Abraham Fine (JIRA)
Abraham Fine created ZOOKEEPER-2698:
---

 Summary: Netty+SSL support for server to server communication
 Key: ZOOKEEPER-2698
 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2698
 Project: ZooKeeper
  Issue Type: New Feature
Reporter: Abraham Fine








Failed: ZOOKEEPER- PreCommit Build #341

2017-02-16 Thread Apache Jenkins Server
Build: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/341/

###
## LAST 60 LINES OF THE CONSOLE 
###
[...truncated 25 lines...]
  Getting sizes
Done: 2
  Compressing objects
Done: 0
  Writing objects
Done: 3
  remote: Updating references
Merging refs/tags/changes/341
 > git rev-parse refs/tags/changes/341^{commit} # timeout=10
 > git merge a58b9792d39cd3a4c5adaa9cdbd086623820c49c # timeout=10
 > git rev-parse branch-3.4^{commit} # timeout=10
Checking out Revision c9151e0ecad9a9be67e1fc84a603d310eed8e4fe (branch-3.4)
 > git config core.sparsecheckout # timeout=10
 > git checkout -f c9151e0ecad9a9be67e1fc84a603d310eed8e4fe
 > git rev-parse origin/branch-3.4^{commit} # timeout=10
 > git rev-list 373b82bab843cc84c22b99f6511f8fea974fd2b4 # timeout=10
No emails were triggered.
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
[PreCommit-ZOOKEEPER-github-pr-build] $ /bin/bash /tmp/hudson3837927765838694457.sh
/home/jenkins/tools/java/latest1.7/bin/java
java version "1.7.0_80"
Java(TM) SE Runtime Environment (build 1.7.0_80-b15)
Java HotSpot(TM) 64-Bit Server VM (build 24.80-b11, mixed mode)
core file size  (blocks, -c) 0
data seg size   (kbytes, -d) unlimited
scheduling priority (-e) 0
file size   (blocks, -f) unlimited
pending signals (-i) 386177
max locked memory   (kbytes, -l) 64
max memory size (kbytes, -m) unlimited
open files  (-n) 6
pipe size(512 bytes, -p) 8
POSIX message queues (bytes, -q) 819200
real-time priority  (-r) 0
stack size  (kbytes, -s) 8192
cpu time   (seconds, -t) unlimited
max user processes  (-u) 10240
virtual memory  (kbytes, -v) unlimited
file locks  (-x) unlimited
Buildfile: /home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build/build.xml

BUILD FAILED
Target "qa-test-pullrequest" does not exist in the project "ZooKeeper". 

Total time: 0 seconds
Build step 'Execute shell' marked build as failure
Archiving artifacts
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Recording test results
ERROR: Step ‘Publish JUnit test result report’ failed: No test report files were found. Configuration error?
[description-setter] Could not determine description.
Putting comment on the pull request
Email was triggered for: Failure - Any
Sending email for trigger: Failure - Any

###
## FAILED TESTS (if any) 
##
No tests ran.

[jira] [Commented] (ZOOKEEPER-2696) Eclipse ant ask no longer determines correct classpath for tests after ZOOKEEPER-2689

2017-02-16 Thread ASF GitHub Bot (JIRA)

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2696?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15870502#comment-15870502
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2696:
---

Github user afine commented on the issue:

https://github.com/apache/zookeeper/pull/178
  
You are correct @rakeshadr , that test fails. I will change the patch to 
just removing `transitive="false"`


> Eclipse ant ask no longer determines correct classpath for tests after 
> ZOOKEEPER-2689
> -
>
> Key: ZOOKEEPER-2696
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2696
> Project: ZooKeeper
>  Issue Type: Bug
>Affects Versions: 3.4.10
>Reporter: Abraham Fine
>Assignee: Abraham Fine
>
> Following the changes made in ZOOKEEPER-2689 IDE's using the .classpath file 
> generated by the eclipse ant task (I tested both idea and eclipse) cannot 
> compile the tests.





[GitHub] zookeeper issue #178: ZOOKEEPER-2696: Eclipse ant ask no longer determines c...

2017-02-16 Thread afine
Github user afine commented on the issue:

https://github.com/apache/zookeeper/pull/178
  
You are correct @rakeshadr , that test fails. I will change the patch to 
just removing `transitive="false"`




[jira] [Commented] (ZOOKEEPER-2696) Eclipse ant ask no longer determines correct classpath for tests after ZOOKEEPER-2689

2017-02-16 Thread ASF GitHub Bot (JIRA)

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2696?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15870475#comment-15870475
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2696:
---

Github user rakeshadr commented on the issue:

https://github.com/apache/zookeeper/pull/178
  
>> I was able to run the unit tests within eclipse or idea (I used 
WatcherTest as my example) using just the dependencies I added in the patch.

@afine , Probably, you can run `QuorumKerberosAuthTest.java` test case, 
which needs all these libraries during execution.




[GitHub] zookeeper issue #178: ZOOKEEPER-2696: Eclipse ant ask no longer determines c...

2017-02-16 Thread rakeshadr
Github user rakeshadr commented on the issue:

https://github.com/apache/zookeeper/pull/178
  
>> I was able to run the unit tests within eclipse or idea (I used 
WatcherTest as my example) using just the dependencies I added in the patch.

@afine , Probably, you can run `QuorumKerberosAuthTest.java` test case, 
which needs all these libraries during execution.




Failed: ZOOKEEPER- PreCommit Build #340

2017-02-16 Thread Apache Jenkins Server
Build: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/340/

###
## LAST 60 LINES OF THE CONSOLE 
###
[...truncated 478117 lines...]
 [exec] 
 [exec] +1 javadoc.  The javadoc tool did not generate any warning messages.
 [exec] 
 [exec] +1 javac.  The applied patch does not increase the total number of javac compiler warnings.
 [exec] 
 [exec] +1 findbugs.  The patch does not introduce any new Findbugs (version 3.0.1) warnings.
 [exec] 
 [exec] +1 release audit.  The applied patch does not increase the total number of release audit warnings.
 [exec] 
 [exec] -1 core tests.  The patch failed core unit tests.
 [exec] 
 [exec] +1 contrib tests.  The patch passed contrib unit tests.
 [exec] 
 [exec] Test results: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/340//testReport/
 [exec] Findbugs warnings: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/340//artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html
 [exec] Console output: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/340//console
 [exec] 
 [exec] This message is automatically generated.
 [exec] 
 [exec] Adding comment to Jira.
 [exec] 
 [exec] Comment added.
 [exec] 9233e96eec491a91761edc85354545269f9470bb logged out
 [exec] 
 [exec] Finished build.
 [exec] 
 [exec] mv: '/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build/patchprocess' and '/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build/patchprocess' are the same file

BUILD FAILED
/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build/build.xml:1635: exec returned: 1

Total time: 14 minutes 12 seconds
Build step 'Execute shell' marked build as failure
Archiving artifacts
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Compressed 575.59 KB of artifacts by 44.5% relative to #337
Recording test results
[description-setter] Description set: ZOOKEEPER-2693
Putting comment on the pull request
Email was triggered for: Failure - Any
Sending email for trigger: Failure - Any

###
## FAILED TESTS (if any) 
##
9 tests failed.
FAILED:  org.apache.zookeeper.test.FourLetterWordsTest.testFourLetterWords

Error Message:
null

Stack Trace:
junit.framework.AssertionFailedError
at org.apache.zookeeper.test.FourLetterWordsTest.verify(FourLetterWordsTest.java:140)
at org.apache.zookeeper.test.FourLetterWordsTest.testFourLetterWords(FourLetterWordsTest.java:62)
at org.apache.zookeeper.JUnit4ZKTestRunner$LoggedInvokeMethod.evaluate(JUnit4ZKTestRunner.java:79)
at java.util.concurrent.FutureTask.run(FutureTask.java:262)
at java.lang.Thread.run(Thread.java:745)


FAILED:  org.apache.zookeeper.test.FourLetterWordsTest.testSetTraceMask

Error Message:
null

Stack Trace:
junit.framework.AssertionFailedError
at org.apache.zookeeper.test.FourLetterWordsTest.testSetTraceMask(FourLetterWordsTest.java:222)
at org.apache.zookeeper.JUnit4ZKTestRunner$LoggedInvokeMethod.evaluate(JUnit4ZKTestRunner.java:79)
at java.util.concurrent.FutureTask.run(FutureTask.java:262)
at java.lang.Thread.run(Thread.java:745)


FAILED:  org.apache.zookeeper.test.FourLetterWordsTest.testValidateConsOutput

Error Message:
null

Stack Trace:
junit.framework.AssertionFailedError
at org.apache.zookeeper.test.FourLetterWordsTest.testValidateConsOutput(FourLetterWordsTest.java:201)
at 

[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-16 Thread Hadoop QA (JIRA)

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15870435#comment-15870435
 ] 

Hadoop QA commented on ZOOKEEPER-2693:
--

-1 overall.  GitHub Pull Request  Build
  

+1 @author.  The patch does not contain any @author tags.

+1 tests included.  The patch appears to include 20 new or modified tests.

+1 javadoc.  The javadoc tool did not generate any warning messages.

+1 javac.  The applied patch does not increase the total number of javac 
compiler warnings.

+1 findbugs.  The patch does not introduce any new Findbugs (version 3.0.1) 
warnings.

+1 release audit.  The applied patch does not increase the total number of 
release audit warnings.

-1 core tests.  The patch failed core unit tests.

+1 contrib tests.  The patch passed contrib unit tests.

Test results: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/340//testReport/
Findbugs warnings: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/340//artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html
Console output: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/340//console

This message is automatically generated.



[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-16 Thread ASF GitHub Bot (JIRA)

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15870432#comment-15870432
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2693:
---

Github user hanm commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101589125
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/FourLetterCommands.java ---
@@ -153,13 +155,33 @@
  */
 public final static int telnetCloseCmd = 0xfff4fffd;
 
-final static HashMap cmd2String =
-new HashMap();
+private static final String ZOOKEEPER_4LW_COMMANDS_WHITELIST = 
"zookeeper.4lw.commands.whitelist";
+
+final static Map cmd2String = new HashMap();
+
+final static Set whiteListedCommands = new HashSet();
 
 public static Map getCmdMapView() {
 return Collections.unmodifiableMap(cmd2String);
 }
 
+// ZOOKEEPER-2693: Only allow white listed commands.
+public static Set getWhiteListedCmdView() {
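Review bot: `cmd2String` and the new `whiteListedCommands` are declared `final static` with no access modifier, so both are package-private references to mutable `HashMap`/`HashSet` instances, and any class in `org.apache.zookeeper.server.command` can add a command to the whitelist directly instead of going through the `zookeeper.4lw.commands.whitelist` property. `getCmdMapView()` already hands out `Collections.unmodifiableMap(cmd2String)`; consider making both fields `private static final` (the modifier order already used for `ZOOKEEPER_4LW_COMMANDS_WHITELIST`) and having `getWhiteListedCmdView()` return an unmodifiable view too, so the accessors are the only way to reach the whitelist.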
--- End diff --

The class name already provides context on caller site - 
FourLetterCommands.getWhiteListedFourLetterCmd sounds redundant.




[GitHub] zookeeper pull request #179: ZOOKEEPER-2693: DOS attack on wchp/wchc four le...

2017-02-16 Thread hanm
Github user hanm commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101589125
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/FourLetterCommands.java ---
@@ -153,13 +155,33 @@
  */
 public final static int telnetCloseCmd = 0xfff4fffd;
 
-final static HashMap cmd2String =
-new HashMap();
+private static final String ZOOKEEPER_4LW_COMMANDS_WHITELIST = 
"zookeeper.4lw.commands.whitelist";
+
+final static Map cmd2String = new HashMap();
+
+final static Set whiteListedCommands = new HashSet();
 
 public static Map getCmdMapView() {
 return Collections.unmodifiableMap(cmd2String);
 }
 
+// ZOOKEEPER-2693: Only allow white listed commands.
+public static Set getWhiteListedCmdView() {
--- End diff --

The class name already provides context on caller site - 
FourLetterCommands.getWhiteListedFourLetterCmd sounds redundant.




[GitHub] zookeeper pull request #179: ZOOKEEPER-2693: DOS attack on wchp/wchc four le...

2017-02-16 Thread eribeiro
Github user eribeiro commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101588332
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/FourLetterCommands.java ---
@@ -153,13 +155,33 @@
  */
 public final static int telnetCloseCmd = 0xfff4fffd;
 
-final static HashMap cmd2String =
-new HashMap();
+private static final String ZOOKEEPER_4LW_COMMANDS_WHITELIST = 
"zookeeper.4lw.commands.whitelist";
+
+final static Map cmd2String = new HashMap();
+
+final static Set whiteListedCommands = new HashSet();
 
 public static Map getCmdMapView() {
 return Collections.unmodifiableMap(cmd2String);
 }
 
+// ZOOKEEPER-2693: Only allow white listed commands.
+public static Set getWhiteListedCmdView() {
--- End diff --

nit: I would change this method name to something akin to 
`getWhiteListedFourLetterCmds()` or `getWhiteListed4lw()`




[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-16 Thread ASF GitHub Bot (JIRA)

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15870428#comment-15870428
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2693:
---

Github user eribeiro commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101588332
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/FourLetterCommands.java ---
@@ -153,13 +155,33 @@
  */
 public final static int telnetCloseCmd = 0xfff4fffd;
 
-final static HashMap cmd2String =
-new HashMap();
+private static final String ZOOKEEPER_4LW_COMMANDS_WHITELIST = 
"zookeeper.4lw.commands.whitelist";
+
+final static Map cmd2String = new HashMap();
+
+final static Set whiteListedCommands = new HashSet();
 
 public static Map getCmdMapView() {
 return Collections.unmodifiableMap(cmd2String);
 }
 
+// ZOOKEEPER-2693: Only allow white listed commands.
+public static Set getWhiteListedCmdView() {
--- End diff --

nit: I would change this method name to something akin to 
`getWhiteListedFourLetterCmds()` or `getWhiteListed4lw()`


> DOS attack on wchp/wchc four letter words (4lw)
> ---
>
> Key: ZOOKEEPER-2693
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2693
> Project: ZooKeeper
>  Issue Type: Bug
>  Components: security, server
>Affects Versions: 3.4.0, 3.5.1, 3.5.2
>Reporter: Patrick Hunt
>Assignee: Michael Han
>Priority: Blocker
> Fix For: 3.4.10, 3.5.3
>
>
> The wchp/wchc four letter words can be exploited in a DOS attack on the ZK 
> client port - typically 2181. The following POC attack was recently published 
> on the web:
> https://webcache.googleusercontent.com/search?q=cache:_CNGIz10PRYJ:https://www.exploit-db.com/exploits/41277/+=14=en=clnk=us
> The most straightforward way to block this attack is to not allow access to 
> the client port to non-trusted clients - i.e. firewall the ZooKeeper service 
> and only allow access to trusted applications using it for coordination.





[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-16 Thread ASF GitHub Bot (JIRA)

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15870427#comment-15870427
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2693:
---

Github user hanm commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101588320
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/FourLetterCommands.java ---
@@ -153,13 +155,33 @@
  */
 public final static int telnetCloseCmd = 0xfff4fffd;
 
-final static HashMap cmd2String =
-new HashMap();
+private static final String ZOOKEEPER_4LW_COMMANDS_WHITELIST = 
"zookeeper.4lw.commands.whitelist";
+
+final static Map cmd2String = new HashMap();
+
+final static Set whiteListedCommands = new HashSet();
 
 public static Map getCmdMapView() {
 return Collections.unmodifiableMap(cmd2String);
 }
 
+// ZOOKEEPER-2693: Only allow white listed commands.
+public static Set getWhiteListedCmdView() {
+if (!whiteListedCommands.isEmpty()) {
+return Collections.unmodifiableSet(whiteListedCommands);
+}
+
+String commands = 
System.getProperty(ZOOKEEPER_4LW_COMMANDS_WHITELIST);
+if (commands != null) {
+String[] list = commands.split(",");
+for (String cmd : list) {
+whiteListedCommands.add(cmd.trim());
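
Review bot: the `if (!whiteListedCommands.isEmpty())` check at the top of `getWhiteListedCmdView()` doubles as the "already initialised" flag, so when the property is unset or parses to nothing, every call re-reads and re-splits the system property. `whiteListedCommands` is also a plain static `HashSet` filled lazily with no synchronization, so one thread can be inside the `add` loop while another reads the set. Suggest parsing once in a static initializer and publishing an unmodifiable set.
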
--- End diff --

That is fine - an empty string will not do any damage here but it is a 
good-to-have check and the cost is minimal. Will do.




[GitHub] zookeeper pull request #179: ZOOKEEPER-2693: DOS attack on wchp/wchc four le...

2017-02-16 Thread hanm
Github user hanm commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101588320
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/FourLetterCommands.java ---
@@ -153,13 +155,33 @@
  */
 public final static int telnetCloseCmd = 0xfff4fffd;
 
-final static HashMap cmd2String =
-new HashMap();
+private static final String ZOOKEEPER_4LW_COMMANDS_WHITELIST = 
"zookeeper.4lw.commands.whitelist";
+
+final static Map cmd2String = new HashMap();
+
+final static Set whiteListedCommands = new HashSet();
 
 public static Map getCmdMapView() {
 return Collections.unmodifiableMap(cmd2String);
 }
 
+// ZOOKEEPER-2693: Only allow white listed commands.
+public static Set getWhiteListedCmdView() {
+if (!whiteListedCommands.isEmpty()) {
+return Collections.unmodifiableSet(whiteListedCommands);
+}
+
+String commands = 
System.getProperty(ZOOKEEPER_4LW_COMMANDS_WHITELIST);
+if (commands != null) {
+String[] list = commands.split(",");
+for (String cmd : list) {
+whiteListedCommands.add(cmd.trim());
--- End diff --

That is fine - an empty string will not do any damage here but it is a 
good-to-have check and the cost is minimal. Will do.




[GitHub] zookeeper pull request #179: ZOOKEEPER-2693: DOS attack on wchp/wchc four le...

2017-02-16 Thread eribeiro
Github user eribeiro commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101587320
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/FourLetterCommands.java ---
@@ -153,13 +155,33 @@
  */
 public final static int telnetCloseCmd = 0xfff4fffd;
 
-final static HashMap cmd2String =
-new HashMap();
+private static final String ZOOKEEPER_4LW_COMMANDS_WHITELIST = 
"zookeeper.4lw.commands.whitelist";
+
+final static Map cmd2String = new HashMap();
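
Review bot: `ZOOKEEPER_4LW_COMMANDS_WHITELIST` is declared `private`, so any other class or test that needs to set or read `zookeeper.4lw.commands.whitelist` has to repeat the string literal. Consider package-private or public visibility for the key so there is a single definition to reference.
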
--- End diff --

nit: `static final` (lines 160 and 162)




[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-16 Thread ASF GitHub Bot (JIRA)

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15870418#comment-15870418
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2693:
---

Github user eribeiro commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101587320
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/FourLetterCommands.java ---
@@ -153,13 +155,33 @@
  */
 public final static int telnetCloseCmd = 0xfff4fffd;
 
-final static HashMap cmd2String =
-new HashMap();
+private static final String ZOOKEEPER_4LW_COMMANDS_WHITELIST = 
"zookeeper.4lw.commands.whitelist";
+
+final static Map cmd2String = new HashMap();
--- End diff --

nit: `static final` (lines 160 and 162)




[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-16 Thread ASF GitHub Bot (JIRA)

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15870415#comment-15870415
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2693:
---

Github user eribeiro commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101587208
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/FourLetterCommands.java ---
@@ -153,13 +155,33 @@
  */
 public final static int telnetCloseCmd = 0xfff4fffd;
 
-final static HashMap cmd2String =
-new HashMap();
+private static final String ZOOKEEPER_4LW_COMMANDS_WHITELIST = 
"zookeeper.4lw.commands.whitelist";
+
+final static Map cmd2String = new HashMap();
+
+final static Set whiteListedCommands = new HashSet();
 
 public static Map getCmdMapView() {
 return Collections.unmodifiableMap(cmd2String);
 }
 
+// ZOOKEEPER-2693: Only allow white listed commands.
+public static Set getWhiteListedCmdView() {
+if (!whiteListedCommands.isEmpty()) {
+return Collections.unmodifiableSet(whiteListedCommands);
+}
+
+String commands = 
System.getProperty(ZOOKEEPER_4LW_COMMANDS_WHITELIST);
+if (commands != null) {
+String[] list = commands.split(",");
+for (String cmd : list) {
+whiteListedCommands.add(cmd.trim());
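
Review bot: in the `for (String cmd : list)` loop every token is added to `whiteListedCommands` after only `trim()`, so a misspelled or unknown command name is accepted silently and the operator gets no signal that the configured whitelist does not match what was intended. Suggest checking each token against the command names held in `cmd2String` and logging a warning for anything not recognised.
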
--- End diff --

I guess if we have "ruok, ,cons", it will insert an empty string in the 
collection, that is, we need to check `if (!cmd.trim().isEmpty())`, right?




[GitHub] zookeeper pull request #179: ZOOKEEPER-2693: DOS attack on wchp/wchc four le...

2017-02-16 Thread eribeiro
Github user eribeiro commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101587208
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/FourLetterCommands.java ---
@@ -153,13 +155,33 @@
  */
 public final static int telnetCloseCmd = 0xfff4fffd;
 
-final static HashMap cmd2String =
-new HashMap();
+private static final String ZOOKEEPER_4LW_COMMANDS_WHITELIST = 
"zookeeper.4lw.commands.whitelist";
+
+final static Map cmd2String = new HashMap();
+
+final static Set whiteListedCommands = new HashSet();
 
 public static Map getCmdMapView() {
 return Collections.unmodifiableMap(cmd2String);
 }
 
+// ZOOKEEPER-2693: Only allow white listed commands.
+public static Set getWhiteListedCmdView() {
+if (!whiteListedCommands.isEmpty()) {
+return Collections.unmodifiableSet(whiteListedCommands);
+}
+
+String commands = 
System.getProperty(ZOOKEEPER_4LW_COMMANDS_WHITELIST);
+if (commands != null) {
+String[] list = commands.split(",");
+for (String cmd : list) {
+whiteListedCommands.add(cmd.trim());
--- End diff --

I guess if we have "ruok, ,cons", it will insert an empty string in the 
collection, that is, we need to check `if (!cmd.trim().isEmpty())`, right?


---
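
The blank-token case from the review comment above ("ruok, ,cons"), worked through as an added example; this is not code from the pull request or from ZooKeeper. The class `FourLetterWhitelistExample`, its methods, the sample `KNOWN_COMMANDS` list and the choice that an unset property whitelists nothing are assumptions made for illustration.

```java
import java.util.Arrays;
import java.util.Collections;
import java.util.LinkedHashSet;
import java.util.Set;

// Added example: a hypothetical helper, not ZooKeeper's FourLetterCommands class.
public final class FourLetterWhitelistExample {

    // Property key as it appears in the diff under review.
    static final String WHITELIST_PROPERTY = "zookeeper.4lw.commands.whitelist";

    // Constructed sample of recognised command names (assumption for this example).
    static final Set<String> KNOWN_COMMANDS = Collections.unmodifiableSet(
            new LinkedHashSet<>(Arrays.asList("ruok", "cons", "stat", "wchp", "wchc")));

    // Parses a comma-separated value into an immutable set,
    // dropping blank tokens and tokens that are not known commands.
    static Set<String> parse(String raw) {
        Set<String> allowed = new LinkedHashSet<>();
        if (raw == null) {
            // Assumption: an unset property whitelists nothing in this example.
            return Collections.unmodifiableSet(allowed);
        }
        for (String token : raw.split(",")) {
            String cmd = token.trim();
            if (cmd.isEmpty()) {
                continue; // "ruok, ,cons" and "ruok,,cons" both produce a blank token
            }
            if (!KNOWN_COMMANDS.contains(cmd)) {
                // Surface typos instead of silently carrying them in the set.
                System.err.println("Ignoring unknown 4lw command in "
                        + WHITELIST_PROPERTY + ": '" + cmd + "'");
                continue;
            }
            allowed.add(cmd);
        }
        return Collections.unmodifiableSet(allowed);
    }

    // Initialization-on-demand holder: the property is read and parsed exactly once,
    // and class initialization gives safe publication to all threads.
    private static final class Holder {
        static final Set<String> WHITELIST = parse(System.getProperty(WHITELIST_PROPERTY));
    }

    // Returns true only for commands present in the parsed whitelist.
    static boolean isAllowed(String cmd) {
        return cmd != null && Holder.WHITELIST.contains(cmd);
    }

    public static void main(String[] args) {
        // Constructed inputs covering the cases discussed in the review.
        String[] samples = { "ruok, ,cons", "ruok,,cons,", " wchp ,WCHC, bogus", "" };
        for (String s : samples) {
            System.out.println("\"" + s + "\" -> " + parse(s));
        }

        // Set the property before the holder is first touched, then query it.
        System.setProperty(WHITELIST_PROPERTY, "ruok, ,cons");
        System.out.println("ruok allowed: " + isAllowed("ruok"));
        System.out.println("wchp allowed: " + isAllowed("wchp"));
        System.out.println("blank allowed: " + isAllowed(""));
    }
}
```

Matching is case-sensitive here, so `WCHC` in the third sample is reported and dropped along with `bogus`.
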


[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-16 Thread ASF GitHub Bot (JIRA)

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15870410#comment-15870410
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2693:
---

Github user edwardoliveira commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101586810
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/FourLetterCommands.java ---
@@ -153,13 +155,33 @@
  */
 public final static int telnetCloseCmd = 0xfff4fffd;
 
-final static HashMap cmd2String =
-new HashMap();
+private static final String ZOOKEEPER_4LW_COMMANDS_WHITELIST = 
"zookeeper.4lw.commands.whitelist";
+
+final static Map cmd2String = new HashMap();
+
+final static Set whiteListedCommands = new HashSet();
 
 public static Map getCmdMapView() {
 return Collections.unmodifiableMap(cmd2String);
 }
 
+// ZOOKEEPER-2693: Only allow white listed commands.
+public static Set getWhiteListedCmdView() {
+if (!whiteListedCommands.isEmpty()) {
+return Collections.unmodifiableSet(whiteListedCommands);
+}
+
+String commands = 
System.getProperty(ZOOKEEPER_4LW_COMMANDS_WHITELIST);
+if (commands != null) {
+String[] list = commands.split(",");
+for (String cmd : list) {
+whiteListedCommands.add(cmd.trim());
--- End diff --

I guess if we have "ruok, ,cons", it will insert an empty string in the 
collection.




[GitHub] zookeeper pull request #179: ZOOKEEPER-2693: DOS attack on wchp/wchc four le...

2017-02-16 Thread edwardoliveira
Github user edwardoliveira commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101586810
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/FourLetterCommands.java ---
@@ -153,13 +155,33 @@
  */
 public final static int telnetCloseCmd = 0xfff4fffd;
 
-final static HashMap cmd2String =
-new HashMap();
+private static final String ZOOKEEPER_4LW_COMMANDS_WHITELIST = 
"zookeeper.4lw.commands.whitelist";
+
+final static Map cmd2String = new HashMap();
+
+final static Set whiteListedCommands = new HashSet();
 
 public static Map getCmdMapView() {
 return Collections.unmodifiableMap(cmd2String);
 }
 
+// ZOOKEEPER-2693: Only allow white listed commands.
+public static Set getWhiteListedCmdView() {
+if (!whiteListedCommands.isEmpty()) {
+return Collections.unmodifiableSet(whiteListedCommands);
+}
+
+String commands = 
System.getProperty(ZOOKEEPER_4LW_COMMANDS_WHITELIST);
+if (commands != null) {
+String[] list = commands.split(",");
+for (String cmd : list) {
+whiteListedCommands.add(cmd.trim());
--- End diff --

I guess if we have "ruok, ,cons", it will insert an empty string in the 
collection.




[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-16 Thread Michael Han (JIRA)

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15870368#comment-15870368
 ] 

Michael Han commented on ZOOKEEPER-2693:


bq. If I get a +1 I'll request a CVE number from the Apache security list.
+1. Thanks [~phunt]!



[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-16 Thread ASF GitHub Bot (JIRA)

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15870352#comment-15870352
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2693:
---

Github user rakeshadr commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101582350
  
--- Diff: src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml ---
@@ -1155,6 +1155,30 @@ server.3=zoo3:2888:3888
 
   
 
+  
+4lw.commands.whitelist
+
+
+  (Java system property:  DOS attack on wchp/wchc four letter words (4lw)
> ---
>
> Key: ZOOKEEPER-2693
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2693
> Project: ZooKeeper
>  Issue Type: Bug
>  Components: security, server
>Affects Versions: 3.4.0, 3.5.1, 3.5.2
>Reporter: Patrick Hunt
>Assignee: Michael Han
>Priority: Blocker
> Fix For: 3.4.10, 3.5.3
>
>
> The wchp/wchc four letter words can be exploited in a DOS attack on the ZK 
> client port - typically 2181. The following POC attack was recently published 
> on the web:
> https://webcache.googleusercontent.com/search?q=cache:_CNGIz10PRYJ:https://www.exploit-db.com/exploits/41277/+=14=en=clnk=us
> The most straightforward way to block this attack is to not allow access to 
> the client port to non-trusted clients - i.e. firewall the ZooKeeper service 
> and only allow access to trusted applications using it for coordination.





[GitHub] zookeeper pull request #179: ZOOKEEPER-2693: DOS attack on wchp/wchc four le...

2017-02-16 Thread rakeshadr
Github user rakeshadr commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101582350
  
--- Diff: src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml ---
@@ -1155,6 +1155,30 @@ server.3=zoo3:2888:3888
 
   
 
+  
+4lw.commands.whitelist
+
+
+  (Java system property: 

Failed: ZOOKEEPER- PreCommit Build #339

2017-02-16 Thread Apache Jenkins Server
Build: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/339/

###
## LAST 60 LINES OF THE CONSOLE 
###
[...truncated 479723 lines...]
 [exec] 
 [exec] +1 javadoc.  The javadoc tool did not generate any warning 
messages.
 [exec] 
 [exec] +1 javac.  The applied patch does not increase the total number 
of javac compiler warnings.
 [exec] 
 [exec] +1 findbugs.  The patch does not introduce any new Findbugs 
(version 3.0.1) warnings.
 [exec] 
 [exec] +1 release audit.  The applied patch does not increase the 
total number of release audit warnings.
 [exec] 
 [exec] -1 core tests.  The patch failed core unit tests.
 [exec] 
 [exec] +1 contrib tests.  The patch passed contrib unit tests.
 [exec] 
 [exec] Test results: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/339//testReport/
 [exec] Findbugs warnings: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/339//artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html
 [exec] Console output: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/339//console
 [exec] 
 [exec] This message is automatically generated.
 [exec] 

BUILD FAILED
/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build/build.xml:1635:
 exec returned: 1

Total time: 13 minutes 52 seconds
Build step 'Execute shell' marked build as failure



###
## FAILED TESTS (if any) 
##
11 tests failed.
FAILED:  org.apache.zookeeper.test.FourLetterWordsTest.testFourLetterWords

Error Message:
null

Stack Trace:
junit.framework.AssertionFailedError
at 
org.apache.zookeeper.test.FourLetterWordsTest.verify(FourLetterWordsTest.java:140)
at 
org.apache.zookeeper.test.FourLetterWordsTest.testFourLetterWords(FourLetterWordsTest.java:62)
at 
org.apache.zookeeper.JUnit4ZKTestRunner$LoggedInvokeMethod.evaluate(JUnit4ZKTestRunner.java:79)
at java.util.concurrent.FutureTask.run(FutureTask.java:262)
at java.lang.Thread.run(Thread.java:745)


FAILED:  org.apache.zookeeper.test.FourLetterWordsTest.testSetTraceMask

Error Message:
null

Stack Trace:
junit.framework.AssertionFailedError
at 
org.apache.zookeeper.test.FourLetterWordsTest.testSetTraceMask(FourLetterWordsTest.java:222)
at 
org.apache.zookeeper.JUnit4ZKTestRunner$LoggedInvokeMethod.evaluate(JUnit4ZKTestRunner.java:79)
at java.util.concurrent.FutureTask.run(FutureTask.java:262)
at java.lang.Thread.run(Thread.java:745)


FAILED:  org.apache.zookeeper.test.FourLetterWordsTest.testValidateConsOutput

Error Message:
null

Stack Trace:
junit.framework.AssertionFailedError
at 
org.apache.zookeeper.test.FourLetterWordsTest.testValidateConsOutput(FourLetterWordsTest.java:201)
at 

[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-16 Thread Patrick Hunt (JIRA)

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15870348#comment-15870348
 ] 

Patrick Hunt commented on ZOOKEEPER-2693:
-

I wasn't very clear on my prior CVE comment. Clarification:

Please review my suggestion for the summary of the CVE and comment here whether 
you think it's good or not. If I get a +1 I'll request a CVE number from the 
Apache security list.

https://issues.apache.org/jira/browse/ZOOKEEPER-2693?focusedCommentId=15868897=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-15868897



[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-16 Thread Hadoop QA (JIRA)

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15870349#comment-15870349
 ] 

Hadoop QA commented on ZOOKEEPER-2693:
--

-1 overall.  GitHub Pull Request  Build
  

+1 @author.  The patch does not contain any @author tags.

+1 tests included.  The patch appears to include 17 new or modified tests.

+1 javadoc.  The javadoc tool did not generate any warning messages.

+1 javac.  The applied patch does not increase the total number of javac 
compiler warnings.

+1 findbugs.  The patch does not introduce any new Findbugs (version 3.0.1) 
warnings.

+1 release audit.  The applied patch does not increase the total number of 
release audit warnings.

-1 core tests.  The patch failed core unit tests.

+1 contrib tests.  The patch passed contrib unit tests.

Test results: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/339//testReport/
Findbugs warnings: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/339//artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html
Console output: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/339//console

This message is automatically generated.



[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-16 Thread ASF GitHub Bot (JIRA)

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15870320#comment-15870320
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2693:
---

Github user hanm commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101579781
  
--- Diff: src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml ---
@@ -1155,6 +1155,30 @@ server.3=zoo3:2888:3888
 
   
 
+  
+4lw.commands.whitelist
+
+
+  (Java system property: https://github.com/apache/zookeeper/blob/master/src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerConfig.java#L296).




[GitHub] zookeeper pull request #179: ZOOKEEPER-2693: DOS attack on wchp/wchc four le...

2017-02-16 Thread hanm
Github user hanm commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101579781
  
--- Diff: src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml ---
@@ -1155,6 +1155,30 @@ server.3=zoo3:2888:3888
 
   
 
+  
+4lw.commands.whitelist
+
+
+  (Java system property: https://github.com/apache/zookeeper/blob/master/src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerConfig.java#L296).




[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-16 Thread ASF GitHub Bot (JIRA)

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15870316#comment-15870316
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2693:
---

Github user rakeshadr commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101576900
  
--- Diff: src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml ---
@@ -1155,6 +1155,30 @@ server.3=zoo3:2888:3888
 
   
 
+  
+4lw.commands.whitelist
+
+
+  (Java system property: >This new configuration option is provided as both zoo.cfg option and 
system properties so users can encode the white list in zoo.cfg and that is the 
recommended approach as documented in the admin manual

Do you mean you are supporting both options - users can either configure 
the list in `zoo.cfg` or set it as `system properties`? If yes, I'm OK with this 
approach.  But in the code I could see that the server reads the value from 
`System.getProperty(ZOOKEEPER_4LW_COMMANDS_WHITELIST)` and it is not reading 
the value from `zoo.cfg`




[GitHub] zookeeper pull request #179: ZOOKEEPER-2693: DOS attack on wchp/wchc four le...

2017-02-16 Thread rakeshadr
Github user rakeshadr commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101576900
  
--- Diff: src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml ---
@@ -1155,6 +1155,30 @@ server.3=zoo3:2888:3888
 
   
 
+  
+4lw.commands.whitelist
+
+
+  (Java system property: >This new configuration option is provided as both zoo.cfg option and 
system properties so users can encode the white list in zoo.cfg and that is the 
recommended approach as documented in the admin manual

Do you mean you are supporting both options - users can either configure 
the list in `zoo.cfg` or set it as `system properties`? If yes, I'm OK with this 
approach.  But in the code I could see that the server reads the value from 
`System.getProperty(ZOOKEEPER_4LW_COMMANDS_WHITELIST)` and it is not reading 
the value from `zoo.cfg`




[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-16 Thread ASF GitHub Bot (JIRA)

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15870287#comment-15870287
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2693:
---

Github user hanm commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101572954
  
--- Diff: src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml ---
@@ -1650,7 +1674,16 @@ server.3=zoo3:2888:3888
 while "srvr" and "cons" give extended details on server and
 connections respectively.
 
-
+New in 3.5.3:
+  Four Letter Words need to be explicitly white listed before 
using.
+  Please refer 4lw.commands.whitelist
+   described in 
+cluster configuration section for details.
+  Moving forward, Four Letter Words will be deprecated, please use
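Review bot: The added "New in 3.5.3" paragraph has rough wording at "Please refer 4lw.commands.whitelist" (missing "to") and "before using" (read "before use"). It also writes "white listed" while the property is spelled "whitelist"; use one spelling so that a search of the admin guide for the property name also finds this paragraph. Since the text announces that Four Letter Words will be deprecated, it should say which release is expected to stop supporting them, if that has been decided.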
--- End diff --

Will do.




[GitHub] zookeeper pull request #179: ZOOKEEPER-2693: DOS attack on wchp/wchc four le...

2017-02-16 Thread hanm
Github user hanm commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101572954
  
--- Diff: src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml ---
@@ -1650,7 +1674,16 @@ server.3=zoo3:2888:3888
 while "srvr" and "cons" give extended details on server and
 connections respectively.
 
-
+New in 3.5.3:
+  Four Letter Words need to be explicitly white listed before 
using.
+  Please refer 4lw.commands.whitelist
+   described in 
+cluster configuration section for details.
+  Moving forward, Four Letter Words will be deprecated, please use
--- End diff --

Will do.




[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-16 Thread ASF GitHub Bot (JIRA)

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15870288#comment-15870288
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2693:
---

Github user hanm commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101572993
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/FourLetterCommands.java ---
@@ -153,13 +155,33 @@
  */
 public final static int telnetCloseCmd = 0xfff4fffd;
 
-final static HashMap cmd2String =
-new HashMap();
+private static final String ZOOKEEPER_4LW_COMMANDS_WHITELIST = 
"zookeeper.4lw.commands.whitelist";
+
+final static Map cmd2String = new HashMap();
+
+final static Set whiteListedCommands = new HashSet();
 
 public static Map getCmdMapView() {
 return Collections.unmodifiableMap(cmd2String);
 }
 
+// ZOOKEEPER-2693: Only allow white listed commands.
+public static Set getWhiteListedCmdView() {
+if (!whiteListedCommands.isEmpty()) {
+return Collections.unmodifiableSet(whiteListedCommands);
+}
+
+String commands = 
System.getProperty(ZOOKEEPER_4LW_COMMANDS_WHITELIST);
+if (commands != null) {
+String[] list = commands.split(",");
+for (String cmd : list) {
+whiteListedCommands.add(cmd.trim());
+}
+}
+
+return Collections.unmodifiableSet(whiteListedCommands);
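Review bot: In getWhiteListedCmdView(), whiteListedCommands.isEmpty() doubles as the "already initialized" flag, so when zookeeper.4lw.commands.whitelist is unset, or yields no entries, the set stays empty and every call falls through to System.getProperty and split again. Track initialization separately or populate the set once in a static initializer. The loop also adds cmd.trim() unchecked, so a value such as "stat,,ruok" or an empty string puts "" into the set; skip empty tokens and consider rejecting names that are not known commands in cmd2String.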
--- End diff --

Sounds good to me.




[GitHub] zookeeper pull request #179: ZOOKEEPER-2693: DOS attack on wchp/wchc four le...

2017-02-16 Thread hanm
Github user hanm commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101572993
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/FourLetterCommands.java ---
@@ -153,13 +155,33 @@
  */
 public final static int telnetCloseCmd = 0xfff4fffd;
 
-final static HashMap cmd2String =
-new HashMap();
+private static final String ZOOKEEPER_4LW_COMMANDS_WHITELIST = 
"zookeeper.4lw.commands.whitelist";
+
+final static Map cmd2String = new HashMap();
+
+final static Set whiteListedCommands = new HashSet();
 
 public static Map getCmdMapView() {
 return Collections.unmodifiableMap(cmd2String);
 }
 
+// ZOOKEEPER-2693: Only allow white listed commands.
+public static Set getWhiteListedCmdView() {
+if (!whiteListedCommands.isEmpty()) {
+return Collections.unmodifiableSet(whiteListedCommands);
+}
+
+String commands = 
System.getProperty(ZOOKEEPER_4LW_COMMANDS_WHITELIST);
+if (commands != null) {
+String[] list = commands.split(",");
+for (String cmd : list) {
+whiteListedCommands.add(cmd.trim());
+}
+}
+
+return Collections.unmodifiableSet(whiteListedCommands);
--- End diff --

Sounds good to me.




[GitHub] zookeeper pull request #179: ZOOKEEPER-2693: DOS attack on wchp/wchc four le...

2017-02-16 Thread hanm
Github user hanm commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101572026
  
--- Diff: src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml ---
@@ -1155,6 +1155,30 @@ server.3=zoo3:2888:3888
 
   
 
+  
+4lw.commands.whitelist
+
+
+  (Java system property: 

[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-16 Thread ASF GitHub Bot (JIRA)

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15870285#comment-15870285
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2693:
---

Github user hanm commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101572026
  
--- Diff: src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml ---
@@ -1155,6 +1155,30 @@ server.3=zoo3:2888:3888
 
   
 
+  
+4lw.commands.whitelist
+
+
+  (Java system property:  DOS attack on wchp/wchc four letter words (4lw)
> ---
>
> Key: ZOOKEEPER-2693
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2693
> Project: ZooKeeper
>  Issue Type: Bug
>  Components: security, server
>Affects Versions: 3.4.0, 3.5.1, 3.5.2
>Reporter: Patrick Hunt
>Assignee: Michael Han
>Priority: Blocker
> Fix For: 3.4.10, 3.5.3
>
>
> The wchp/wchc four letter words can be exploited in a DOS attack on the ZK 
> client port - typically 2181. The following POC attack was recently published 
> on the web:
> https://webcache.googleusercontent.com/search?q=cache:_CNGIz10PRYJ:https://www.exploit-db.com/exploits/41277/+=14=en=clnk=us
> The most straightforward way to block this attack is to not allow access to 
> the client port to non-trusted clients - i.e. firewall the ZooKeeper service 
> and only allow access to trusted applications using it for coordination.





Graceful close of ZooKeeper client

2017-02-16 Thread Enrico Olivelli
Hi ZooKeepers,
I have just created this issue to improve client-side "close"

https://issues.apache.org/jira/browse/ZOOKEEPER-2697 Handle graceful stop
of ZookKeeper client

If the idea is acceptable for you I can write a patch and file a PR.

Thanks
-- Enrico


ZooKeeper_branch34_openjdk7 - Build # 1395 - Still Failing

2017-02-16 Thread Apache Jenkins Server
See https://builds.apache.org/job/ZooKeeper_branch34_openjdk7/1395/

###
## FAILED TESTS (if any) 
##
No tests ran.

ZooKeeper_branch34_solaris - Build # 1476 - Still Failing

2017-02-16 Thread Apache Jenkins Server
See https://builds.apache.org/job/ZooKeeper_branch34_solaris/1476/


[jira] [Created] (ZOOKEEPER-2697) Handle graceful stop of ZookKeeper client

2017-02-16 Thread Enrico Olivelli (JIRA)
Enrico Olivelli created ZOOKEEPER-2697:
--

 Summary: Handle graceful stop of ZookKeeper client
 Key: ZOOKEEPER-2697
 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2697
 Project: ZooKeeper
  Issue Type: Improvement
  Components: java client
Affects Versions: 3.4.9
Reporter: Enrico Olivelli
Priority: Critical


As seen in ZOOKEEPER-1394, I would like to have a "close" which waits for all 
background activities to finish.

In tests the method "testableWaitForShutdown" is used.

My proposal is to add a new boolean configuration option "gracefulClose" 
(defaults to "false") which adds logic similar to testableWaitForShutdown at 
the end of the "close" method.

I would like to add a new configuration property in order to let third-party 
libraries which only call "close" but have a "configurable" ZooKeeper instance 
leverage this new feature.





ZooKeeper-trunk-jdk8 - Build # 946 - Still Failing

2017-02-16 Thread Apache Jenkins Server
See https://builds.apache.org/job/ZooKeeper-trunk-jdk8/946/


[GitHub] zookeeper pull request #179: ZOOKEEPER-2693: DOS attack on wchp/wchc four le...

2017-02-16 Thread rakeshadr
Github user rakeshadr commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101489533
  
--- Diff: src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml ---
@@ -1650,7 +1674,16 @@ server.3=zoo3:2888:3888
 while "srvr" and "cons" give extended details on server and
 connections respectively.
 
-
+New in 3.5.3:
+  Four Letter Words need to be explicitly white listed before 
using.
+  Please refer 4lw.commands.whitelist
+   described in 
+cluster configuration section for details.
+  Moving forward, Four Letter Words will be deprecated, please use
--- End diff --

I hope you are planning to deprecate in upcoming 3.5.x releases and may 
stop supporting this in 3.6.x onwards, right? If yes, then can we create (if not 
yet created) a JIRA task to discuss the 4lws deprecation and make the idea 
more visible to all?




[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-16 Thread ASF GitHub Bot (JIRA)

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15869745#comment-15869745
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2693:
---

Github user rakeshadr commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101492640
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/FourLetterCommands.java ---
@@ -153,13 +155,33 @@
  */
 public final static int telnetCloseCmd = 0xfff4fffd;
 
-final static HashMap cmd2String =
-new HashMap();
+private static final String ZOOKEEPER_4LW_COMMANDS_WHITELIST = 
"zookeeper.4lw.commands.whitelist";
+
+final static Map cmd2String = new HashMap();
+
+final static Set whiteListedCommands = new HashSet();
 
 public static Map getCmdMapView() {
 return Collections.unmodifiableMap(cmd2String);
 }
 
+// ZOOKEEPER-2693: Only allow white listed commands.
+public static Set getWhiteListedCmdView() {
+if (!whiteListedCommands.isEmpty()) {
+return Collections.unmodifiableSet(whiteListedCommands);
+}
+
+String commands = 
System.getProperty(ZOOKEEPER_4LW_COMMANDS_WHITELIST);
+if (commands != null) {
+String[] list = commands.split(",");
+for (String cmd : list) {
+whiteListedCommands.add(cmd.trim());
+}
+}
+
+return Collections.unmodifiableSet(whiteListedCommands);
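Review bot: whiteListedCommands is a plain static HashSet that getWhiteListedCmdView() fills lazily on first call, with no synchronization. If the getter can be reached from more than one connection-handling thread, one thread can be adding entries while another reads the unmodifiable view backed by the same set, or both can run the add loop at once. Populate the set once under a lock or in a static initializer and hand out an immutable copy.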
--- End diff --

Please add an INFO log message about the acceptable and configured 
`4lwords`. The log message will be printed only once during startup or first 
cmd invocation.




[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-16 Thread ASF GitHub Bot (JIRA)

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15869746#comment-15869746
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2693:
---

Github user rakeshadr commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101491680
  
--- Diff: src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml ---
@@ -1155,6 +1155,30 @@ server.3=zoo3:2888:3888
 
   
 
+  
+4lw.commands.whitelist
+
+
+  (Java system property:  DOS attack on wchp/wchc four letter words (4lw)
> ---
>
> Key: ZOOKEEPER-2693
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2693
> Project: ZooKeeper
>  Issue Type: Bug
>  Components: security, server
>Affects Versions: 3.4.0, 3.5.1, 3.5.2
>Reporter: Patrick Hunt
>Assignee: Michael Han
>Priority: Blocker
> Fix For: 3.4.10, 3.5.3
>
>
> The wchp/wchc four letter words can be exploited in a DOS attack on the ZK 
> client port - typically 2181. The following POC attack was recently published 
> on the web:
> https://webcache.googleusercontent.com/search?q=cache:_CNGIz10PRYJ:https://www.exploit-db.com/exploits/41277/+=14=en=clnk=us
> The most straightforward way to block this attack is to not allow access to 
> the client port to non-trusted clients - i.e. firewall the ZooKeeper service 
> and only allow access to trusted applications using it for coordination.





[GitHub] zookeeper pull request #179: ZOOKEEPER-2693: DOS attack on wchp/wchc four le...

2017-02-16 Thread rakeshadr
Github user rakeshadr commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101492640
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/FourLetterCommands.java ---
@@ -153,13 +155,33 @@
  */
 public final static int telnetCloseCmd = 0xfff4fffd;
 
-final static HashMap cmd2String =
-new HashMap();
+private static final String ZOOKEEPER_4LW_COMMANDS_WHITELIST = 
"zookeeper.4lw.commands.whitelist";
+
+final static Map cmd2String = new HashMap();
+
+final static Set whiteListedCommands = new HashSet();
 
 public static Map getCmdMapView() {
 return Collections.unmodifiableMap(cmd2String);
 }
 
+// ZOOKEEPER-2693: Only allow white listed commands.
+public static Set getWhiteListedCmdView() {
+if (!whiteListedCommands.isEmpty()) {
+return Collections.unmodifiableSet(whiteListedCommands);
+}
+
+String commands = 
System.getProperty(ZOOKEEPER_4LW_COMMANDS_WHITELIST);
+if (commands != null) {
+String[] list = commands.split(",");
+for (String cmd : list) {
+whiteListedCommands.add(cmd.trim());
+}
+}
+
+return Collections.unmodifiableSet(whiteListedCommands);
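Review bot: getWhiteListedCmdView() fills the static whiteListedCommands HashSet lazily on first call with no synchronization, and it uses isEmpty() as the "already parsed" flag. If this getter is reached from more than one connection thread, two callers can run the add() loop on the same HashSet at once, and when zookeeper.4lw.commands.whitelist is unset the set stays empty, so the property is re-read on every call. Parsing once in a static initializer, or under a lock with a separate boolean flag, avoids both. The loop also adds cmd.trim() unchecked: an empty property value or a doubled comma puts an empty string in the set, and a name that is not in cmd2String is accepted silently, so consider skipping empty entries and logging unknown ones.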
--- End diff --

Please add an INFO log message about the acceptable and configured 
`4lwords`. The log message will be printed only once during startup or first 
cmd invocation.




[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-16 Thread ASF GitHub Bot (JIRA)

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15869744#comment-15869744
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2693:
---

Github user rakeshadr commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101489533
  
--- Diff: src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml ---
@@ -1650,7 +1674,16 @@ server.3=zoo3:2888:3888
 while "srvr" and "cons" give extended details on server and
 connections respectively.
 
-
+New in 3.5.3:
+  Four Letter Words need to be explicitly white listed before 
using.
+  Please refer 4lw.commands.whitelist
+   described in 
+cluster configuration section for details.
+  Moving forward, Four Letter Words will be deprecated, please use
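Review bot: In the "New in 3.5.3" note, "Please refer 4lw.commands.whitelist" is missing "to", and "before using" reads better as "before use". This paragraph is where an operator upgrading to 3.5.3 first learns that commands must be white listed, so it would help to say here, not only in the cluster configuration section, what the server does when a command that is not white listed is sent.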
--- End diff --

I hope you are planning to deprecate in upcoming 3.5.x releases and may 
stop supporting this from 3.6.x onwards, right? If yes, then can we create (if not 
yet created) a JIRA task to discuss the 4lws deprecation and make the idea 
more visible to all?




[GitHub] zookeeper pull request #179: ZOOKEEPER-2693: DOS attack on wchp/wchc four le...

2017-02-16 Thread rakeshadr
Github user rakeshadr commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101491680
  
--- Diff: src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml ---
@@ -1155,6 +1155,30 @@ server.3=zoo3:2888:3888
 
   
 
+  
+4lw.commands.whitelist
+
+
+  (Java system property: 

ZooKeeper_branch35_jdk7 - Build # 854 - Still Failing

2017-02-16 Thread Apache Jenkins Server
See https://builds.apache.org/job/ZooKeeper_branch35_jdk7/854/

###
## LAST 60 LINES OF THE CONSOLE 
###
Started by timer
[EnvInject] - Loading node environment variables.
Building remotely on ubuntu-6 (ubuntu) in workspace 
/home/jenkins/jenkins-slave/workspace/ZooKeeper_branch35_jdk7
Cloning the remote Git repository
Cloning repository git://git.apache.org/zookeeper.git
 > git init /home/jenkins/jenkins-slave/workspace/ZooKeeper_branch35_jdk7 # 
 > timeout=10
Fetching upstream changes from git://git.apache.org/zookeeper.git
 > git --version # timeout=10
 > git -c core.askpass=true fetch --tags --progress 
 > git://git.apache.org/zookeeper.git +refs/heads/*:refs/remotes/origin/*
 > git config remote.origin.url git://git.apache.org/zookeeper.git # timeout=10
 > git config --add remote.origin.fetch +refs/heads/*:refs/remotes/origin/* # 
 > timeout=10
 > git config remote.origin.url git://git.apache.org/zookeeper.git # timeout=10
Cleaning workspace
 > git rev-parse --verify HEAD # timeout=10
No valid HEAD. Skipping the resetting
 > git clean -fdx # timeout=10
Fetching upstream changes from git://git.apache.org/zookeeper.git
 > git -c core.askpass=true fetch --tags --progress 
 > git://git.apache.org/zookeeper.git +refs/heads/*:refs/remotes/origin/*
 > git rev-parse refs/remotes/origin/branch-3.5^{commit} # timeout=10
 > git rev-parse refs/remotes/origin/origin/branch-3.5^{commit} # timeout=10
Checking out Revision 1912fa8d63e6bbfdb5bb96bec85efa7c94e131e9 
(refs/remotes/origin/branch-3.5)
 > git config core.sparsecheckout # timeout=10
 > git checkout -f 1912fa8d63e6bbfdb5bb96bec85efa7c94e131e9
 > git rev-list 1912fa8d63e6bbfdb5bb96bec85efa7c94e131e9 # timeout=10
No emails were triggered.
[ZooKeeper_branch35_jdk7] $ /home/jenkins/tools/ant/latest/bin/ant 
-Dtest.output=yes -Dtest.junit.threads=8 -Dtest.junit.output.format=xml 
-Djavac.target=1.7 clean test-core-java
Exception in thread "main" java.lang.UnsupportedClassVersionError: 
org/apache/tools/ant/launch/Launcher : Unsupported major.minor version 52.0
at java.lang.ClassLoader.defineClass1(Native Method)
at java.lang.ClassLoader.defineClass(ClassLoader.java:800)
at 
java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142)
at java.net.URLClassLoader.defineClass(URLClassLoader.java:449)
at java.net.URLClassLoader.access$100(URLClassLoader.java:71)
at java.net.URLClassLoader$1.run(URLClassLoader.java:361)
at java.net.URLClassLoader$1.run(URLClassLoader.java:355)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:354)
at java.lang.ClassLoader.loadClass(ClassLoader.java:425)
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:308)
at java.lang.ClassLoader.loadClass(ClassLoader.java:358)
at sun.launcher.LauncherHelper.checkAndLoadMain(LauncherHelper.java:482)
Build step 'Invoke Ant' marked build as failure
Recording test results
ERROR: Step ‘Publish JUnit test result report’ failed: No test report files 
were found. Configuration error?
Email was triggered for: Failure - Any
Sending email for trigger: Failure - Any



###
## FAILED TESTS (if any) 
##
No tests ran.

ZooKeeper-trunk-solaris - Build # 1510 - Still Failing

2017-02-16 Thread Apache Jenkins Server
See https://builds.apache.org/job/ZooKeeper-trunk-solaris/1510/

###
## LAST 60 LINES OF THE CONSOLE 
###
[...truncated 466546 lines...]
[junit] 2017-02-16 08:37:11,250 [myid:] - INFO  [main:ClientBase@376] - 
STARTING server instance 127.0.0.1:11222
[junit] 2017-02-16 08:37:11,250 [myid:] - INFO  [main:ZooKeeperServer@908] 
- minSessionTimeout set to 6000
[junit] 2017-02-16 08:37:11,251 [myid:] - INFO  [main:ZooKeeperServer@917] 
- maxSessionTimeout set to 6
[junit] 2017-02-16 08:37:11,251 [myid:] - INFO  [main:ZooKeeperServer@160] 
- Created server with tickTime 3000 minSessionTimeout 6000 maxSessionTimeout 
6 datadir 
/zonestorage/hudson_solaris/home/hudson/hudson-slave/workspace/ZooKeeper-trunk-solaris/build/test/tmp/test7873774018192078359.junit.dir/version-2
 snapdir 
/zonestorage/hudson_solaris/home/hudson/hudson-slave/workspace/ZooKeeper-trunk-solaris/build/test/tmp/test7873774018192078359.junit.dir/version-2
[junit] 2017-02-16 08:37:11,251 [myid:] - INFO  [main:FileSnap@83] - 
Reading snapshot 
/zonestorage/hudson_solaris/home/hudson/hudson-slave/workspace/ZooKeeper-trunk-solaris/build/test/tmp/test7873774018192078359.junit.dir/version-2/snapshot.b
[junit] 2017-02-16 08:37:11,253 [myid:] - INFO  [main:FileTxnSnapLog@346] - 
Snapshotting: 0xb to 
/zonestorage/hudson_solaris/home/hudson/hudson-slave/workspace/ZooKeeper-trunk-solaris/build/test/tmp/test7873774018192078359.junit.dir/version-2/snapshot.b
[junit] 2017-02-16 08:37:11,255 [myid:] - ERROR [main:ZooKeeperServer@506] 
- ZKShutdownHandler is not registered, so ZooKeeper server won't take any 
action on ERROR or SHUTDOWN server state changes
[junit] 2017-02-16 08:37:11,255 [myid:] - INFO  
[main:FourLetterWordMain@85] - connecting to 127.0.0.1 11222
[junit] 2017-02-16 08:37:11,255 [myid:] - INFO  
[NIOServerCxnFactory.AcceptThread:0.0.0.0/0.0.0.0:11222:NIOServerCnxnFactory$AcceptThread@296]
 - Accepted socket connection from /127.0.0.1:47133
[junit] 2017-02-16 08:37:11,256 [myid:] - INFO  
[NIOWorkerThread-1:NIOServerCnxn@485] - Processing stat command from 
/127.0.0.1:47133
[junit] 2017-02-16 08:37:11,256 [myid:] - INFO  
[NIOWorkerThread-1:StatCommand@49] - Stat command output
[junit] 2017-02-16 08:37:11,256 [myid:] - INFO  
[NIOWorkerThread-1:NIOServerCnxn@614] - Closed socket connection for client 
/127.0.0.1:47133 (no session established for client)
[junit] 2017-02-16 08:37:11,257 [myid:] - INFO  [main:JMXEnv@228] - 
ensureParent:[InMemoryDataTree, StandaloneServer_port]
[junit] 2017-02-16 08:37:11,258 [myid:] - INFO  [main:JMXEnv@245] - 
expect:InMemoryDataTree
[junit] 2017-02-16 08:37:11,258 [myid:] - INFO  [main:JMXEnv@249] - 
found:InMemoryDataTree 
org.apache.ZooKeeperService:name0=StandaloneServer_port11222,name1=InMemoryDataTree
[junit] 2017-02-16 08:37:11,258 [myid:] - INFO  [main:JMXEnv@245] - 
expect:StandaloneServer_port
[junit] 2017-02-16 08:37:11,258 [myid:] - INFO  [main:JMXEnv@249] - 
found:StandaloneServer_port 
org.apache.ZooKeeperService:name0=StandaloneServer_port11222
[junit] 2017-02-16 08:37:11,259 [myid:] - INFO  
[main:JUnit4ZKTestRunner$LoggedInvokeMethod@82] - Memory used 17909
[junit] 2017-02-16 08:37:11,259 [myid:] - INFO  
[main:JUnit4ZKTestRunner$LoggedInvokeMethod@87] - Number of threads 24
[junit] 2017-02-16 08:37:11,259 [myid:] - INFO  
[main:JUnit4ZKTestRunner$LoggedInvokeMethod@102] - FINISHED TEST METHOD 
testQuota
[junit] 2017-02-16 08:37:11,259 [myid:] - INFO  [main:ClientBase@558] - 
tearDown starting
[junit] 2017-02-16 08:37:11,332 [myid:] - INFO  [main:ZooKeeper@1324] - 
Session: 0x126c30a51d2 closed
[junit] 2017-02-16 08:37:11,332 [myid:] - INFO  
[main-EventThread:ClientCnxn$EventThread@513] - EventThread shut down for 
session: 0x126c30a51d2
[junit] 2017-02-16 08:37:11,332 [myid:] - INFO  [main:ClientBase@528] - 
STOPPING server
[junit] 2017-02-16 08:37:11,332 [myid:] - INFO  
[ConnnectionExpirer:NIOServerCnxnFactory$ConnectionExpirerThread@583] - 
ConnnectionExpirerThread interrupted
[junit] 2017-02-16 08:37:11,332 [myid:] - INFO  
[NIOServerCxnFactory.SelectorThread-1:NIOServerCnxnFactory$SelectorThread@420] 
- selector thread exitted run method
[junit] 2017-02-16 08:37:11,332 [myid:] - INFO  
[NIOServerCxnFactory.AcceptThread:0.0.0.0/0.0.0.0:11222:NIOServerCnxnFactory$AcceptThread@219]
 - accept thread exitted run method
[junit] 2017-02-16 08:37:11,332 [myid:] - INFO  
[NIOServerCxnFactory.SelectorThread-0:NIOServerCnxnFactory$SelectorThread@420] 
- selector thread exitted run method
[junit] 2017-02-16 08:37:11,333 [myid:] - INFO  [main:ZooKeeperServer@542] 
- shutting down
[junit] 2017-02-16 08:37:11,333 [myid:] - ERROR [main:ZooKeeperServer@506] 
- ZKShutdownHandler is not registered, so ZooKeeper server won't take any 
action on