ZooKeeper-trunk-WinVS2008 - Build # 2439 - Still Failing
See https://builds.apache.org/job/ZooKeeper-trunk-WinVS2008/2439/ ### ## LAST 60 LINES OF THE CONSOLE ### [...truncated 9.76 KB...] [javacc] File "SimpleCharStream.java" does not exist. Will create one. [javacc] Parser generated successfully. jute: [javac] Compiling 39 source files to f:\jenkins\jenkins-slave\workspace\ZooKeeper-trunk-WinVS2008\build\classes [javac] warning: [options] bootstrap class path not set in conjunction with -source 1.7 [javac] 1 warning compile_jute_uptodate: compile_jute: [mkdir] Created dir: f:\jenkins\jenkins-slave\workspace\ZooKeeper-trunk-WinVS2008\src\java\generated [mkdir] Created dir: f:\jenkins\jenkins-slave\workspace\ZooKeeper-trunk-WinVS2008\src\c\generated [java] ../../zookeeper.jute Parsed Successfully [java] ../../zookeeper.jute Parsed Successfully [touch] Creating f:\jenkins\jenkins-slave\workspace\ZooKeeper-trunk-WinVS2008\src\java\generated\.generated BUILD SUCCESSFUL Total time: 6 seconds [ZooKeeper-trunk-WinVS2008] $ cmd /c call C:\Users\jenkins\AppData\Local\Temp\1\hudson6990959925147595464.bat f:\jenkins\jenkins-slave\workspace\ZooKeeper-trunk-WinVS2008>set ZOOKEEPER_HOME=f:\jenkins\jenkins-slave\workspace\ZooKeeper-trunk-WinVS2008 f:\jenkins\jenkins-slave\workspace\ZooKeeper-trunk-WinVS2008>set PATH=F:\\hudson\\tools\\java\\jdk1.8.0_92-unlimited-security/bin;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;F:\Program Files\CMake\bin;F:\Program Files (x86)\Subversion\bin;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files (x86)\Windows Kits\10\Windows Performance Toolkit\;C:\Program Files (x86)\nodejs\;C:\Users\jenkins\.dnx\bin;C:\Program Files\Microsoft DNX\Dnvm\;C:\Program Files (x86)\Microsoft Emulator Manager\1.0\;C:\Program Files (x86)\PuTTY\;F:\Program Files\Git\cmd;F:\\hudson\\tools\\java\\jdk1.8.0_92-unlimited-security/bin;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;F:\Program Files\CMake\bin;F:\Program Files (x86)\Subversion\bin;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files (x86)\Windows Kits\10\Windows Performance Toolkit\;C:\Program Files (x86)\nodejs\;C:\Windows\system32\config\systemprofile\.dnx\bin;C:\Program Files\Microsoft DNX\Dnvm\;C:\Program Files (x86)\Microsoft Emulator Manager\1.0\;C:\Program Files (x86)\PuTTY\;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;F:\Program Files\CMake\bin;F:\Program Files (x86)\Subversion\bin;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files (x86)\Windows Kits\10\Windows Performance Toolkit\;C:\Prog;C:/Windows/Microsoft.NET/Framework/v4.0.30319/ f:\jenkins\jenkins-slave\workspace\ZooKeeper-trunk-WinVS2008>msbuild src/c/zookeeper.sln /p:Configuration=Release Microsoft (R) Build Engine version 4.6.1087.0 [Microsoft .NET Framework, version 4.0.30319.42000] Copyright (C) Microsoft Corporation. All rights reserved. Building the projects in this solution one at a time. To enable parallel build, please add the "/m" switch. Build started 3/4/2017 5:22:18 AM. Project "f:\jenkins\jenkins-slave\workspace\ZooKeeper-trunk-WinVS2008\src\c\zookeeper.sln" on node 1 (default targets). ValidateSolutionConfiguration: Building solution configuration "Release|Win32". MSBUILD : error MSB3411: Could not load the Visual C++ component "VCBuild.exe". If the component is not installed, either 1) install the Microsoft Windows SDK for Windows Server 2008 and .NET Framework 3.5, or 2) install Microsoft Visual Studio 2008. [f:\jenkins\jenkins-slave\workspace\ZooKeeper-trunk-WinVS2008\src\c\zookeeper.sln] MSBUILD : error MSB3411: Could not load the Visual C++ component "VCBuild.exe". If the component is not installed, either 1) install the Microsoft Windows SDK for Windows Server 2008 and .NET Framework 3.5, or 2) install Microsoft Visual Studio 2008. [f:\jenkins\jenkins-slave\workspace\ZooKeeper-trunk-WinVS2008\src\c\zookeeper.sln] Done Building Project "f:\jenkins\jenkins-slave\workspace\ZooKeeper-trunk-WinVS2008\src\c\zookeeper.sln" (default targets) -- FAILED. Build FAILED. "f:\jenkins\jenkins-slave\workspace\ZooKeeper-trunk-WinVS2008\src\c\zookeeper.sln" (default target) (1) -> (zookeeper target) -> MSBUILD : error MSB3411: Could not load the Visual C++ component "VCBuild.exe". If the component is not installed, either 1) install the Microsoft Windows SDK for Windows Server 2008 and .NET Framework 3.5, or 2) install
ZooKeeper_branch34_jdk7 - Build # 1426 - Still Failing
See https://builds.apache.org/job/ZooKeeper_branch34_jdk7/1426/ ### ## LAST 60 LINES OF THE CONSOLE ### [...truncated 31.14 MB...] [junit] 2017-03-04 02:42:12,397 [myid:] - INFO [main:SessionTrackerImpl@225] - Shutting down [junit] 2017-03-04 02:42:12,397 [myid:] - INFO [main:PrepRequestProcessor@764] - Shutting down [junit] 2017-03-04 02:42:12,397 [myid:] - INFO [main:SyncRequestProcessor@208] - Shutting down [junit] 2017-03-04 02:42:12,398 [myid:] - INFO [ProcessThread(sid:0 cport:11221)::PrepRequestProcessor@143] - PrepRequestProcessor exited loop! [junit] 2017-03-04 02:42:12,398 [myid:] - INFO [SyncThread:0:SyncRequestProcessor@186] - SyncRequestProcessor exited! [junit] 2017-03-04 02:42:12,398 [myid:] - INFO [main:FinalRequestProcessor@402] - shutdown of request processor complete [junit] 2017-03-04 02:42:12,399 [myid:] - INFO [main:FourLetterWordMain@62] - connecting to 127.0.0.1 11221 [junit] 2017-03-04 02:42:12,399 [myid:] - INFO [main:JMXEnv@147] - ensureOnly:[] [junit] 2017-03-04 02:42:12,401 [myid:] - INFO [main:ClientBase@445] - STARTING server [junit] 2017-03-04 02:42:12,401 [myid:] - INFO [main:ClientBase@366] - CREATING server instance 127.0.0.1:11221 [junit] 2017-03-04 02:42:12,401 [myid:] - INFO [main:NIOServerCnxnFactory@89] - binding to port 0.0.0.0/0.0.0.0:11221 [junit] 2017-03-04 02:42:12,402 [myid:] - INFO [main:ClientBase@341] - STARTING server instance 127.0.0.1:11221 [junit] 2017-03-04 02:42:12,402 [myid:] - INFO [main:ZooKeeperServer@173] - Created server with tickTime 3000 minSessionTimeout 6000 maxSessionTimeout 6 datadir /home/jenkins/jenkins-slave/workspace/ZooKeeper_branch34_jdk7/build/test/tmp/test8900542880526232964.junit.dir/version-2 snapdir /home/jenkins/jenkins-slave/workspace/ZooKeeper_branch34_jdk7/build/test/tmp/test8900542880526232964.junit.dir/version-2 [junit] 2017-03-04 02:42:12,406 [myid:] - ERROR [main:ZooKeeperServer@472] - ZKShutdownHandler is not registered, so ZooKeeper server won't take any action on ERROR or SHUTDOWN server state changes [junit] 2017-03-04 02:42:12,406 [myid:] - INFO [main:FourLetterWordMain@62] - connecting to 127.0.0.1 11221 [junit] 2017-03-04 02:42:12,407 [myid:] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:11221:NIOServerCnxnFactory@192] - Accepted socket connection from /127.0.0.1:35022 [junit] 2017-03-04 02:42:12,407 [myid:] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:11221:NIOServerCnxn@838] - Processing stat command from /127.0.0.1:35022 [junit] 2017-03-04 02:42:12,408 [myid:] - INFO [Thread-4:NIOServerCnxn$StatCommand@674] - Stat command output [junit] 2017-03-04 02:42:12,408 [myid:] - INFO [Thread-4:NIOServerCnxn@1019] - Closed socket connection for client /127.0.0.1:35022 (no session established for client) [junit] 2017-03-04 02:42:12,409 [myid:] - INFO [main:JMXEnv@230] - ensureParent:[InMemoryDataTree, StandaloneServer_port] [junit] 2017-03-04 02:42:12,411 [myid:] - INFO [main:JMXEnv@247] - expect:InMemoryDataTree [junit] 2017-03-04 02:42:12,411 [myid:] - INFO [main:JMXEnv@251] - found:InMemoryDataTree org.apache.ZooKeeperService:name0=StandaloneServer_port11221,name1=InMemoryDataTree [junit] 2017-03-04 02:42:12,411 [myid:] - INFO [main:JMXEnv@247] - expect:StandaloneServer_port [junit] 2017-03-04 02:42:12,411 [myid:] - INFO [main:JMXEnv@251] - found:StandaloneServer_port org.apache.ZooKeeperService:name0=StandaloneServer_port11221 [junit] 2017-03-04 02:42:12,412 [myid:] - INFO [main:JUnit4ZKTestRunner$LoggedInvokeMethod@58] - Memory used 35675 [junit] 2017-03-04 02:42:12,412 [myid:] - INFO [main:JUnit4ZKTestRunner$LoggedInvokeMethod@63] - Number of threads 20 [junit] 2017-03-04 02:42:12,412 [myid:] - INFO [main:JUnit4ZKTestRunner$LoggedInvokeMethod@78] - FINISHED TEST METHOD testQuota [junit] 2017-03-04 02:42:12,412 [myid:] - INFO [main:ClientBase@522] - tearDown starting [junit] 2017-03-04 02:42:12,478 [myid:] - INFO [main:ZooKeeper@684] - Session: 0x15a97322c89 closed [junit] 2017-03-04 02:42:12,478 [myid:] - INFO [main:ClientBase@492] - STOPPING server [junit] 2017-03-04 02:42:12,479 [myid:] - INFO [main-EventThread:ClientCnxn$EventThread@519] - EventThread shut down for session: 0x15a97322c89 [junit] 2017-03-04 02:42:12,479 [myid:] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:11221:NIOServerCnxnFactory@219] - NIOServerCnxn factory exited run method [junit] 2017-03-04 02:42:12,479 [myid:] - INFO [main:ZooKeeperServer@505] - shutting down [junit] 2017-03-04 02:42:12,479 [myid:] - ERROR [main:ZooKeeperServer@472] - ZKShutdownHandler is not registered, so ZooKeeper server won't take any action on ERROR or SHUTDOWN server state changes [junit] 2017-03-04 02:42:12,480
[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)
[ https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15895394#comment-15895394 ] ASF GitHub Bot commented on ZOOKEEPER-2693: --- Github user arshadmohammad commented on the issue: https://github.com/apache/zookeeper/pull/179 Thanks @hanm for working on this issue. +1 LGTM. > DOS attack on wchp/wchc four letter words (4lw) > --- > > Key: ZOOKEEPER-2693 > URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2693 > Project: ZooKeeper > Issue Type: Bug > Components: security, server >Affects Versions: 3.4.0, 3.5.1, 3.5.2 >Reporter: Patrick Hunt >Assignee: Michael Han >Priority: Blocker > Fix For: 3.4.10, 3.5.3 > > Attachments: ZOOKEEPER-2693-01.patch > > > The wchp/wchc four letter words can be exploited in a DOS attack on the ZK > client port - typically 2181. The following POC attack was recently published > on the web: > https://webcache.googleusercontent.com/search?q=cache:_CNGIz10PRYJ:https://www.exploit-db.com/exploits/41277/+=14=en=clnk=us > The most straightforward way to block this attack is to not allow access to > the client port to non-trusted clients - i.e. firewall the ZooKeeper service > and only allow access to trusted applications using it for coordination. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[GitHub] zookeeper issue #179: ZOOKEEPER-2693: DOS attack on wchp/wchc four letter wo...
Github user arshadmohammad commented on the issue: https://github.com/apache/zookeeper/pull/179 Thanks @hanm for working on this issue. +1 LGTM. --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
ZooKeeper_branch34 - Build # 1855 - Still Failing
See https://builds.apache.org/job/ZooKeeper_branch34/1855/ ### ## LAST 60 LINES OF THE CONSOLE ### [...truncated 3.18 KB...] collisions:0 txqueuelen:0 RX bytes:6492935974472 (6.4 TB) TX bytes:6492935974472 (6.4 TB) core file size (blocks, -c) 0 data seg size (kbytes, -d) unlimited scheduling priority (-e) 0 file size (blocks, -f) unlimited pending signals (-i) 386177 max locked memory (kbytes, -l) 64 max memory size (kbytes, -m) unlimited open files (-n) 6 pipe size(512 bytes, -p) 8 POSIX message queues (bytes, -q) 819200 real-time priority (-r) 0 stack size (kbytes, -s) 8192 cpu time (seconds, -t) unlimited max user processes (-u) 10240 virtual memory (kbytes, -v) unlimited file locks (-x) unlimited 6 /home/jenkins/tools/ant/latest/bin/ant clean Exception in thread "main" java.lang.UnsupportedClassVersionError: org/apache/tools/ant/launch/Launcher : Unsupported major.minor version 52.0 at java.lang.ClassLoader.defineClass1(Native Method) at java.lang.ClassLoader.defineClass(ClassLoader.java:800) at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142) at java.net.URLClassLoader.defineClass(URLClassLoader.java:449) at java.net.URLClassLoader.access$100(URLClassLoader.java:71) at java.net.URLClassLoader$1.run(URLClassLoader.java:361) at java.net.URLClassLoader$1.run(URLClassLoader.java:355) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:354) at java.lang.ClassLoader.loadClass(ClassLoader.java:425) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:308) at java.lang.ClassLoader.loadClass(ClassLoader.java:358) at sun.launcher.LauncherHelper.checkAndLoadMain(LauncherHelper.java:482) Exception in thread "main" java.lang.UnsupportedClassVersionError: org/apache/tools/ant/launch/Launcher : Unsupported major.minor version 52.0 at java.lang.ClassLoader.defineClass1(Native Method) at java.lang.ClassLoader.defineClass(ClassLoader.java:800) at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142) at java.net.URLClassLoader.defineClass(URLClassLoader.java:449) at java.net.URLClassLoader.access$100(URLClassLoader.java:71) at java.net.URLClassLoader$1.run(URLClassLoader.java:361) at java.net.URLClassLoader$1.run(URLClassLoader.java:355) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:354) at java.lang.ClassLoader.loadClass(ClassLoader.java:425) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:308) at java.lang.ClassLoader.loadClass(ClassLoader.java:358) at sun.launcher.LauncherHelper.checkAndLoadMain(LauncherHelper.java:482) mv: cannot stat ‘build/*.tar.gz’: No such file or directory mv: cannot stat ‘build/*.jar’: No such file or directory mv: cannot stat ‘build/test/findbugs’: No such file or directory mv: cannot stat ‘build/docs/api’: No such file or directory Build Failed Build step 'Execute shell' marked build as failure Recording test results ERROR: Step ‘Publish JUnit test result report’ failed: No test report files were found. Configuration error? Email was triggered for: Failure - Any Sending email for trigger: Failure - Any ### ## FAILED TESTS (if any) ## No tests ran.
ZooKeeper-trunk - Build # 3298 - Still Failing
See https://builds.apache.org/job/ZooKeeper-trunk/3298/ ### ## LAST 60 LINES OF THE CONSOLE ### [...truncated 3.80 KB...] stack size (kbytes, -s) 8192 cpu time (seconds, -t) unlimited max user processes (-u) 10240 virtual memory (kbytes, -v) unlimited file locks (-x) unlimited 6 /home/jenkins/tools/ant/latest/bin/ant clean Exception in thread "main" java.lang.UnsupportedClassVersionError: org/apache/tools/ant/launch/Launcher : Unsupported major.minor version 52.0 at java.lang.ClassLoader.defineClass1(Native Method) at java.lang.ClassLoader.defineClass(ClassLoader.java:800) at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142) at java.net.URLClassLoader.defineClass(URLClassLoader.java:449) at java.net.URLClassLoader.access$100(URLClassLoader.java:71) at java.net.URLClassLoader$1.run(URLClassLoader.java:361) at java.net.URLClassLoader$1.run(URLClassLoader.java:355) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:354) at java.lang.ClassLoader.loadClass(ClassLoader.java:425) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:308) at java.lang.ClassLoader.loadClass(ClassLoader.java:358) at sun.launcher.LauncherHelper.checkAndLoadMain(LauncherHelper.java:482) Exception in thread "main" java.lang.UnsupportedClassVersionError: org/apache/tools/ant/launch/Launcher : Unsupported major.minor version 52.0 at java.lang.ClassLoader.defineClass1(Native Method) at java.lang.ClassLoader.defineClass(ClassLoader.java:800) at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142) at java.net.URLClassLoader.defineClass(URLClassLoader.java:449) at java.net.URLClassLoader.access$100(URLClassLoader.java:71) at java.net.URLClassLoader$1.run(URLClassLoader.java:361) at java.net.URLClassLoader$1.run(URLClassLoader.java:355) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:354) at java.lang.ClassLoader.loadClass(ClassLoader.java:425) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:308) at java.lang.ClassLoader.loadClass(ClassLoader.java:358) at sun.launcher.LauncherHelper.checkAndLoadMain(LauncherHelper.java:482) mv: cannot stat 'build/*.tar.gz': No such file or directory mv: cannot stat 'build/*.jar': No such file or directory mv: cannot stat 'build/test/findbugs': No such file or directory mv: cannot stat 'build/docs/api': No such file or directory Build Failed Build step 'Execute shell' marked build as failure [FINDBUGS] Skipping publisher since build result is FAILURE [WARNINGS] Skipping publisher since build result is FAILURE Archiving artifacts Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7 ERROR: Could not install JDK_1_7_LATEST__HOME java.lang.NullPointerException Recording fingerprints Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7 Recording test results Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7 ERROR: Step ?Publish JUnit test result report? failed: No test report files were found. Configuration error? Publishing Javadoc Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7 Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7 Email was triggered for: Failure - Any Sending email for trigger: Failure - Any Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7 Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7 ### ## FAILED TESTS (if any) ## No tests ran.
ZooKeeper_branch34_jdk8 - Build # 903 - Still Failing
See https://builds.apache.org/job/ZooKeeper_branch34_jdk8/903/ ### ## LAST 60 LINES OF THE CONSOLE ### [...truncated 31.38 MB...] [junit] 2017-03-03 22:58:19,586 [myid:] - INFO [main:SessionTrackerImpl@225] - Shutting down [junit] 2017-03-03 22:58:19,586 [myid:] - INFO [main:PrepRequestProcessor@764] - Shutting down [junit] 2017-03-03 22:58:19,587 [myid:] - INFO [main:SyncRequestProcessor@208] - Shutting down [junit] 2017-03-03 22:58:19,587 [myid:] - INFO [ProcessThread(sid:0 cport:11221)::PrepRequestProcessor@143] - PrepRequestProcessor exited loop! [junit] 2017-03-03 22:58:19,587 [myid:] - INFO [SyncThread:0:SyncRequestProcessor@186] - SyncRequestProcessor exited! [junit] 2017-03-03 22:58:19,587 [myid:] - INFO [main:FinalRequestProcessor@402] - shutdown of request processor complete [junit] 2017-03-03 22:58:19,587 [myid:] - INFO [main:FourLetterWordMain@62] - connecting to 127.0.0.1 11221 [junit] 2017-03-03 22:58:19,588 [myid:] - INFO [main:JMXEnv@147] - ensureOnly:[] [junit] 2017-03-03 22:58:19,589 [myid:] - INFO [main:ClientBase@445] - STARTING server [junit] 2017-03-03 22:58:19,589 [myid:] - INFO [main:ClientBase@366] - CREATING server instance 127.0.0.1:11221 [junit] 2017-03-03 22:58:19,590 [myid:] - INFO [main:NIOServerCnxnFactory@89] - binding to port 0.0.0.0/0.0.0.0:11221 [junit] 2017-03-03 22:58:19,590 [myid:] - INFO [main:ClientBase@341] - STARTING server instance 127.0.0.1:11221 [junit] 2017-03-03 22:58:19,590 [myid:] - INFO [main:ZooKeeperServer@173] - Created server with tickTime 3000 minSessionTimeout 6000 maxSessionTimeout 6 datadir /home/jenkins/jenkins-slave/workspace/ZooKeeper_branch34_jdk8/build/test/tmp/test2892786380594243.junit.dir/version-2 snapdir /home/jenkins/jenkins-slave/workspace/ZooKeeper_branch34_jdk8/build/test/tmp/test2892786380594243.junit.dir/version-2 [junit] 2017-03-03 22:58:19,592 [myid:] - ERROR [main:ZooKeeperServer@472] - ZKShutdownHandler is not registered, so ZooKeeper server won't take any action on ERROR or SHUTDOWN server state changes [junit] 2017-03-03 22:58:19,593 [myid:] - INFO [main:FourLetterWordMain@62] - connecting to 127.0.0.1 11221 [junit] 2017-03-03 22:58:19,593 [myid:] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:11221:NIOServerCnxnFactory@192] - Accepted socket connection from /127.0.0.1:35548 [junit] 2017-03-03 22:58:19,593 [myid:] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:11221:NIOServerCnxn@838] - Processing stat command from /127.0.0.1:35548 [junit] 2017-03-03 22:58:19,594 [myid:] - INFO [Thread-4:NIOServerCnxn$StatCommand@674] - Stat command output [junit] 2017-03-03 22:58:19,594 [myid:] - INFO [Thread-4:NIOServerCnxn@1019] - Closed socket connection for client /127.0.0.1:35548 (no session established for client) [junit] 2017-03-03 22:58:19,594 [myid:] - INFO [main:JMXEnv@230] - ensureParent:[InMemoryDataTree, StandaloneServer_port] [junit] 2017-03-03 22:58:19,596 [myid:] - INFO [main:JMXEnv@247] - expect:InMemoryDataTree [junit] 2017-03-03 22:58:19,596 [myid:] - INFO [main:JMXEnv@251] - found:InMemoryDataTree org.apache.ZooKeeperService:name0=StandaloneServer_port11221,name1=InMemoryDataTree [junit] 2017-03-03 22:58:19,596 [myid:] - INFO [main:JMXEnv@247] - expect:StandaloneServer_port [junit] 2017-03-03 22:58:19,596 [myid:] - INFO [main:JMXEnv@251] - found:StandaloneServer_port org.apache.ZooKeeperService:name0=StandaloneServer_port11221 [junit] 2017-03-03 22:58:19,597 [myid:] - INFO [main:JUnit4ZKTestRunner$LoggedInvokeMethod@58] - Memory used 35518 [junit] 2017-03-03 22:58:19,597 [myid:] - INFO [main:JUnit4ZKTestRunner$LoggedInvokeMethod@63] - Number of threads 20 [junit] 2017-03-03 22:58:19,597 [myid:] - INFO [main:JUnit4ZKTestRunner$LoggedInvokeMethod@78] - FINISHED TEST METHOD testQuota [junit] 2017-03-03 22:58:19,597 [myid:] - INFO [main:ClientBase@522] - tearDown starting [junit] 2017-03-03 22:58:19,674 [myid:] - INFO [main:ZooKeeper@684] - Session: 0x15a966534c1 closed [junit] 2017-03-03 22:58:19,674 [myid:] - INFO [main-EventThread:ClientCnxn$EventThread@519] - EventThread shut down for session: 0x15a966534c1 [junit] 2017-03-03 22:58:19,674 [myid:] - INFO [main:ClientBase@492] - STOPPING server [junit] 2017-03-03 22:58:19,675 [myid:] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:11221:NIOServerCnxnFactory@219] - NIOServerCnxn factory exited run method [junit] 2017-03-03 22:58:19,675 [myid:] - INFO [main:ZooKeeperServer@505] - shutting down [junit] 2017-03-03 22:58:19,675 [myid:] - ERROR [main:ZooKeeperServer@472] - ZKShutdownHandler is not registered, so ZooKeeper server won't take any action on ERROR or SHUTDOWN server state changes [junit] 2017-03-03 22:58:19,675 [myid:] -
[jira] [Commented] (ZOOKEEPER-2709) Clarify documentation around "auth" ACL scheme
[ https://issues.apache.org/jira/browse/ZOOKEEPER-2709?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15895083#comment-15895083 ] Hadoop QA commented on ZOOKEEPER-2709: -- +1 overall. GitHub Pull Request Build +1 @author. The patch does not contain any @author tags. +0 tests included. The patch appears to be a documentation patch that doesn't require tests. +1 javadoc. The javadoc tool did not generate any warning messages. +1 javac. The applied patch does not increase the total number of javac compiler warnings. +1 findbugs. The patch does not introduce any new Findbugs (version 3.0.1) warnings. +1 release audit. The applied patch does not increase the total number of release audit warnings. +1 core tests. The patch passed core unit tests. +1 contrib tests. The patch passed contrib unit tests. Test results: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/375//testReport/ Findbugs warnings: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/375//artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html Console output: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/375//console This message is automatically generated. > Clarify documentation around "auth" ACL scheme > -- > > Key: ZOOKEEPER-2709 > URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2709 > Project: ZooKeeper > Issue Type: Task > Components: documentation >Reporter: Josh Elser >Priority: Minor > > We recently found up in HBASE-17717 that we were incorrectly setting an ACL > on our "sensitive" znodes after the output of {{getACL}} on these nodes > didn't match what was expected. > In referencing the documentation about how the {{auth}} ACL scheme was > supposed to work, it was unclear if it was a ZooKeeper bug or an HBase bug. > After reading some ZooKeeper code, we found that it was an HBase bug, but it > would be nice to clarify the docs around this ACL scheme. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
Success: ZOOKEEPER- PreCommit Build #375
Build: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/375/ ### ## LAST 60 LINES OF THE CONSOLE ### [...truncated 68.20 MB...] [exec] [exec] +1 @author. The patch does not contain any @author tags. [exec] [exec] +0 tests included. The patch appears to be a documentation patch that doesn't require tests. [exec] [exec] +1 javadoc. The javadoc tool did not generate any warning messages. [exec] [exec] +1 javac. The applied patch does not increase the total number of javac compiler warnings. [exec] [exec] +1 findbugs. The patch does not introduce any new Findbugs (version 3.0.1) warnings. [exec] [exec] +1 release audit. The applied patch does not increase the total number of release audit warnings. [exec] [exec] +1 core tests. The patch passed core unit tests. [exec] [exec] +1 contrib tests. The patch passed contrib unit tests. [exec] [exec] Test results: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/375//testReport/ [exec] Findbugs warnings: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/375//artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html [exec] Console output: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/375//console [exec] [exec] This message is automatically generated. [exec] [exec] [exec] == [exec] == [exec] Adding comment to Jira. [exec] == [exec] == [exec] [exec] [exec] Comment added. [exec] 105db2a37ae94e429ff1a5b2e7c15bb784f949d7 logged out [exec] [exec] [exec] == [exec] mv: '/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build/patchprocess' and '/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build/patchprocess' are the same file [exec] == [exec] Finished build. [exec] == [exec] == [exec] [exec] BUILD SUCCESSFUL Total time: 18 minutes 45 seconds Archiving artifacts Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7 Recording test results Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7 Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7 [description-setter] Description set: ZOOKEEPER-2709 Putting comment on the pull request Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7 Email was triggered for: Success Sending email for trigger: Success Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7 Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7 Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7 ### ## FAILED TESTS (if any) ## All tests passed
[jira] [Commented] (ZOOKEEPER-2709) Clarify documentation around "auth" ACL scheme
[ https://issues.apache.org/jira/browse/ZOOKEEPER-2709?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15895080#comment-15895080 ] Hadoop QA commented on ZOOKEEPER-2709: -- -1 overall. GitHub Pull Request Build +1 @author. The patch does not contain any @author tags. +0 tests included. The patch appears to be a documentation patch that doesn't require tests. +1 javadoc. The javadoc tool did not generate any warning messages. +1 javac. The applied patch does not increase the total number of javac compiler warnings. +1 findbugs. The patch does not introduce any new Findbugs (version 3.0.1) warnings. +1 release audit. The applied patch does not increase the total number of release audit warnings. -1 core tests. The patch failed core unit tests. +1 contrib tests. The patch passed contrib unit tests. Test results: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/376//testReport/ Findbugs warnings: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/376//artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html Console output: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/376//console This message is automatically generated. > Clarify documentation around "auth" ACL scheme > -- > > Key: ZOOKEEPER-2709 > URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2709 > Project: ZooKeeper > Issue Type: Task > Components: documentation >Reporter: Josh Elser >Priority: Minor > > We recently found up in HBASE-17717 that we were incorrectly setting an ACL > on our "sensitive" znodes after the output of {{getACL}} on these nodes > didn't match what was expected. > In referencing the documentation about how the {{auth}} ACL scheme was > supposed to work, it was unclear if it was a ZooKeeper bug or an HBase bug. > After reading some ZooKeeper code, we found that it was an HBase bug, but it > would be nice to clarify the docs around this ACL scheme. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
Failed: ZOOKEEPER- PreCommit Build #376
Build: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/376/ ### ## LAST 60 LINES OF THE CONSOLE ### [...truncated 68.04 MB...] [exec] [exec] +1 javadoc. The javadoc tool did not generate any warning messages. [exec] [exec] +1 javac. The applied patch does not increase the total number of javac compiler warnings. [exec] [exec] +1 findbugs. The patch does not introduce any new Findbugs (version 3.0.1) warnings. [exec] [exec] +1 release audit. The applied patch does not increase the total number of release audit warnings. [exec] [exec] -1 core tests. The patch failed core unit tests. [exec] [exec] +1 contrib tests. The patch passed contrib unit tests. [exec] [exec] Test results: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/376//testReport/ [exec] Findbugs warnings: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/376//artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html [exec] Console output: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/376//console [exec] [exec] This message is automatically generated. [exec] [exec] [exec] == [exec] == [exec] Adding comment to Jira. [exec] == [exec] == [exec] [exec] [exec] Comment added. [exec] fccf1624cd071942fca86ef085b8424009b1124a logged out [exec] [exec] [exec] == [exec] == [exec] Finished build. [exec] == [exec] == [exec] [exec] [exec] mv: '/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build/patchprocess' and '/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build/patchprocess' are the same file BUILD FAILED /home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build/build.xml:1635: exec returned: 1 Total time: 14 minutes 35 seconds Build step 'Execute shell' marked build as failure Archiving artifacts Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7 Compressed 575.40 KB of artifacts by 27.8% relative to #374 Recording test results Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7 Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7 [description-setter] Description set: ZOOKEEPER-2709 Putting comment on the pull request Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7 Email was triggered for: Failure - Any Sending email for trigger: Failure - Any Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7 Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7 Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7 ### ## FAILED TESTS (if any) ## 1 tests failed. FAILED: org.apache.zookeeper.test.ReadOnlyModeTest.testSessionEstablishment Error Message: KeeperErrorCode = ConnectionLoss for /test Stack Trace: org.apache.zookeeper.KeeperException$ConnectionLossException: KeeperErrorCode = ConnectionLoss for /test at org.apache.zookeeper.KeeperException.create(KeeperException.java:99) at org.apache.zookeeper.KeeperException.create(KeeperException.java:51) at org.apache.zookeeper.ZooKeeper.create(ZooKeeper.java:1424) at org.apache.zookeeper.test.ReadOnlyModeTest.testSessionEstablishment(ReadOnlyModeTest.java:238) at org.apache.zookeeper.JUnit4ZKTestRunner$LoggedInvokeMethod.evaluate(JUnit4ZKTestRunner.java:79) at java.util.concurrent.FutureTask.run(FutureTask.java:262) at java.lang.Thread.run(Thread.java:745)
[GitHub] zookeeper pull request #182: ZOOKEEPER-2709 Clarify documentation around the...
GitHub user joshelser opened a pull request: https://github.com/apache/zookeeper/pull/182 ZOOKEEPER-2709 Clarify documentation around the "auth" ACL scheme Not sure if I should include the modified files from the result of `ant docs`. Happy to do so if expected :) You can merge this pull request into a Git repository by running: $ git pull https://github.com/joshelser/zookeeper ZOOKEEPER-2709 Alternatively you can review and apply these changes as the patch at: https://github.com/apache/zookeeper/pull/182.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #182 commit 207146e8df26d3a22199725e2f36c04d473f7e37 Author: Josh ElserDate: 2017-03-03T21:28:50Z ZOOKEEPER-2709 Clarify documentation around the "auth" ACL scheme --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[jira] [Commented] (ZOOKEEPER-2709) Clarify documentation around "auth" ACL scheme
[ https://issues.apache.org/jira/browse/ZOOKEEPER-2709?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15895058#comment-15895058 ] ASF GitHub Bot commented on ZOOKEEPER-2709: --- GitHub user joshelser opened a pull request: https://github.com/apache/zookeeper/pull/182 ZOOKEEPER-2709 Clarify documentation around the "auth" ACL scheme Not sure if I should include the modified files from the result of `ant docs`. Happy to do so if expected :) You can merge this pull request into a Git repository by running: $ git pull https://github.com/joshelser/zookeeper ZOOKEEPER-2709 Alternatively you can review and apply these changes as the patch at: https://github.com/apache/zookeeper/pull/182.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #182 commit 207146e8df26d3a22199725e2f36c04d473f7e37 Author: Josh ElserDate: 2017-03-03T21:28:50Z ZOOKEEPER-2709 Clarify documentation around the "auth" ACL scheme > Clarify documentation around "auth" ACL scheme > -- > > Key: ZOOKEEPER-2709 > URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2709 > Project: ZooKeeper > Issue Type: Task > Components: documentation >Reporter: Josh Elser >Priority: Minor > > We recently found up in HBASE-17717 that we were incorrectly setting an ACL > on our "sensitive" znodes after the output of {{getACL}} on these nodes > didn't match what was expected. > In referencing the documentation about how the {{auth}} ACL scheme was > supposed to work, it was unclear if it was a ZooKeeper bug or an HBase bug. > After reading some ZooKeeper code, we found that it was an HBase bug, but it > would be nice to clarify the docs around this ACL scheme. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Created] (ZOOKEEPER-2709) Clarify documentation around "auth" ACL scheme
Josh Elser created ZOOKEEPER-2709: - Summary: Clarify documentation around "auth" ACL scheme Key: ZOOKEEPER-2709 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2709 Project: ZooKeeper Issue Type: Task Components: documentation Reporter: Josh Elser Priority: Minor We recently found up in HBASE-17717 that we were incorrectly setting an ACL on our "sensitive" znodes after the output of {{getACL}} on these nodes didn't match what was expected. In referencing the documentation about how the {{auth}} ACL scheme was supposed to work, it was unclear if it was a ZooKeeper bug or an HBase bug. After reading some ZooKeeper code, we found that it was an HBase bug, but it would be nice to clarify the docs around this ACL scheme. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)
[ https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15895054#comment-15895054 ] ASF GitHub Bot commented on ZOOKEEPER-2693: --- Github user hanm commented on a diff in the pull request: https://github.com/apache/zookeeper/pull/179#discussion_r104245364 --- Diff: src/java/test/org/apache/zookeeper/ZKTestCase.java --- @@ -51,6 +51,12 @@ public void starting(FrameworkMethod method) { // accidentally attempting to start multiple admin servers on the // same port. System.setProperty("zookeeper.admin.enableServer", "false"); +// ZOOKEEPER-2693 disables all 4lw by default. +// Here we enable the 4lw which ZooKeeper tests depends. +System.setProperty("zookeeper.4lw.commands.whitelist", +"ruok, envi, conf, stat, srvr, cons, dump," + --- End diff -- updated tests to address the concern of using explicit list in base test case. > DOS attack on wchp/wchc four letter words (4lw) > --- > > Key: ZOOKEEPER-2693 > URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2693 > Project: ZooKeeper > Issue Type: Bug > Components: security, server >Affects Versions: 3.4.0, 3.5.1, 3.5.2 >Reporter: Patrick Hunt >Assignee: Michael Han >Priority: Blocker > Fix For: 3.4.10, 3.5.3 > > Attachments: ZOOKEEPER-2693-01.patch > > > The wchp/wchc four letter words can be exploited in a DOS attack on the ZK > client port - typically 2181. The following POC attack was recently published > on the web: > https://webcache.googleusercontent.com/search?q=cache:_CNGIz10PRYJ:https://www.exploit-db.com/exploits/41277/+=14=en=clnk=us > The most straightforward way to block this attack is to not allow access to > the client port to non-trusted clients - i.e. firewall the ZooKeeper service > and only allow access to trusted applications using it for coordination. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[GitHub] zookeeper pull request #179: ZOOKEEPER-2693: DOS attack on wchp/wchc four le...
Github user hanm commented on a diff in the pull request: https://github.com/apache/zookeeper/pull/179#discussion_r104245364 --- Diff: src/java/test/org/apache/zookeeper/ZKTestCase.java --- @@ -51,6 +51,12 @@ public void starting(FrameworkMethod method) { // accidentally attempting to start multiple admin servers on the // same port. System.setProperty("zookeeper.admin.enableServer", "false"); +// ZOOKEEPER-2693 disables all 4lw by default. +// Here we enable the 4lw which ZooKeeper tests depends. +System.setProperty("zookeeper.4lw.commands.whitelist", +"ruok, envi, conf, stat, srvr, cons, dump," + --- End diff -- updated tests to address the concern of using explicit list in base test case. --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
Success: ZOOKEEPER- PreCommit Build #374
Build: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/374/ ### ## LAST 60 LINES OF THE CONSOLE ### [...truncated 67.80 MB...] [exec] [exec] +1 @author. The patch does not contain any @author tags. [exec] [exec] +1 tests included. The patch appears to include 5 new or modified tests. [exec] [exec] +1 javadoc. The javadoc tool did not generate any warning messages. [exec] [exec] +1 javac. The applied patch does not increase the total number of javac compiler warnings. [exec] [exec] +1 findbugs. The patch does not introduce any new Findbugs (version 3.0.1) warnings. [exec] [exec] +1 release audit. The applied patch does not increase the total number of release audit warnings. [exec] [exec] +1 core tests. The patch passed core unit tests. [exec] [exec] +1 contrib tests. The patch passed contrib unit tests. [exec] [exec] Test results: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/374//testReport/ [exec] Findbugs warnings: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/374//artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html [exec] Console output: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/374//console [exec] [exec] This message is automatically generated. [exec] [exec] [exec] == [exec] == [exec] Adding comment to Jira. [exec] == [exec] == [exec] [exec] [exec] Comment added. [exec] 02a08897c42febe1ed7ef1244319fe0b7df0da20 logged out [exec] [exec] [exec] == [exec] == [exec] Finished build. [exec] == [exec] == [exec] [exec] [exec] mv: ‘/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build/patchprocess’ and ‘/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build/patchprocess’ are the same file BUILD SUCCESSFUL Total time: 18 minutes 54 seconds Archiving artifacts Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7 Recording test results Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7 Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7 [description-setter] Description set: ZOOKEEPER-2693 Putting comment on the pull request Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7 Email was triggered for: Success Sending email for trigger: Success Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7 Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7 Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7 ### ## FAILED TESTS (if any) ## All tests passed
[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)
[ https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15895024#comment-15895024 ] Hadoop QA commented on ZOOKEEPER-2693: -- +1 overall. GitHub Pull Request Build +1 @author. The patch does not contain any @author tags. +1 tests included. The patch appears to include 5 new or modified tests. +1 javadoc. The javadoc tool did not generate any warning messages. +1 javac. The applied patch does not increase the total number of javac compiler warnings. +1 findbugs. The patch does not introduce any new Findbugs (version 3.0.1) warnings. +1 release audit. The applied patch does not increase the total number of release audit warnings. +1 core tests. The patch passed core unit tests. +1 contrib tests. The patch passed contrib unit tests. Test results: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/374//testReport/ Findbugs warnings: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/374//artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html Console output: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/374//console This message is automatically generated. > DOS attack on wchp/wchc four letter words (4lw) > --- > > Key: ZOOKEEPER-2693 > URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2693 > Project: ZooKeeper > Issue Type: Bug > Components: security, server >Affects Versions: 3.4.0, 3.5.1, 3.5.2 >Reporter: Patrick Hunt >Assignee: Michael Han >Priority: Blocker > Fix For: 3.4.10, 3.5.3 > > Attachments: ZOOKEEPER-2693-01.patch > > > The wchp/wchc four letter words can be exploited in a DOS attack on the ZK > client port - typically 2181. The following POC attack was recently published > on the web: > https://webcache.googleusercontent.com/search?q=cache:_CNGIz10PRYJ:https://www.exploit-db.com/exploits/41277/+=14=en=clnk=us > The most straightforward way to block this attack is to not allow access to > the client port to non-trusted clients - i.e. firewall the ZooKeeper service > and only allow access to trusted applications using it for coordination. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Created] (ZOOKEEPER-2708) TracelogFile not being created.
Angelo Esquivel created ZOOKEEPER-2708: -- Summary: TracelogFile not being created. Key: ZOOKEEPER-2708 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2708 Project: ZooKeeper Issue Type: Bug Affects Versions: 3.4.6 Environment: Windows 10 64bit Reporter: Angelo Esquivel Priority: Minor We are configuring Zookeeper with log4j to create a tracelog file separated from the zookeeper.log. We have test using the following java properties: call %JAVA% "-DrequestTraceFile" "-Dzookeeper.log.dir=%ZOO_LOG_DIR%" "-Dzookeeper.root.logger=%ZOO_LOG4J_PROP%" -cp "%CLASSPATH%" %ZOOMAIN% "%ZOOCFG%" %* Is there a way to set this in a separate file? If not, can this be included in the zookeeper.log content? Please let us know if there is a way. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)
[ https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15894718#comment-15894718 ] ASF GitHub Bot commented on ZOOKEEPER-2693: --- Github user arshadmohammad commented on a diff in the pull request: https://github.com/apache/zookeeper/pull/179#discussion_r104198451 --- Diff: src/java/test/org/apache/zookeeper/ZKTestCase.java --- @@ -51,6 +51,12 @@ public void starting(FrameworkMethod method) { // accidentally attempting to start multiple admin servers on the // same port. System.setProperty("zookeeper.admin.enableServer", "false"); +// ZOOKEEPER-2693 disables all 4lw by default. +// Here we enable the 4lw which ZooKeeper tests depends. +System.setProperty("zookeeper.4lw.commands.whitelist", +"ruok, envi, conf, stat, srvr, cons, dump," + --- End diff -- ZKTestCase is base test class, covering a test scenario from this class should be avoided. May be you can add more test case in FourLetterWordsWhiteListTest to increase the coverage. > DOS attack on wchp/wchc four letter words (4lw) > --- > > Key: ZOOKEEPER-2693 > URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2693 > Project: ZooKeeper > Issue Type: Bug > Components: security, server >Affects Versions: 3.4.0, 3.5.1, 3.5.2 >Reporter: Patrick Hunt >Assignee: Michael Han >Priority: Blocker > Fix For: 3.4.10, 3.5.3 > > Attachments: ZOOKEEPER-2693-01.patch > > > The wchp/wchc four letter words can be exploited in a DOS attack on the ZK > client port - typically 2181. The following POC attack was recently published > on the web: > https://webcache.googleusercontent.com/search?q=cache:_CNGIz10PRYJ:https://www.exploit-db.com/exploits/41277/+=14=en=clnk=us > The most straightforward way to block this attack is to not allow access to > the client port to non-trusted clients - i.e. firewall the ZooKeeper service > and only allow access to trusted applications using it for coordination. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[GitHub] zookeeper pull request #179: ZOOKEEPER-2693: DOS attack on wchp/wchc four le...
Github user arshadmohammad commented on a diff in the pull request: https://github.com/apache/zookeeper/pull/179#discussion_r104198451 --- Diff: src/java/test/org/apache/zookeeper/ZKTestCase.java --- @@ -51,6 +51,12 @@ public void starting(FrameworkMethod method) { // accidentally attempting to start multiple admin servers on the // same port. System.setProperty("zookeeper.admin.enableServer", "false"); +// ZOOKEEPER-2693 disables all 4lw by default. +// Here we enable the 4lw which ZooKeeper tests depends. +System.setProperty("zookeeper.4lw.commands.whitelist", +"ruok, envi, conf, stat, srvr, cons, dump," + --- End diff -- ZKTestCase is base test class, covering a test scenario from this class should be avoided. May be you can add more test case in FourLetterWordsWhiteListTest to increase the coverage. --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
ZooKeeper_branch34_openjdk7 - Build # 1411 - Still Failing
See https://builds.apache.org/job/ZooKeeper_branch34_openjdk7/1411/ ### ## LAST 60 LINES OF THE CONSOLE ### Started by timer [EnvInject] - Loading node environment variables. Building remotely on H15 (ubuntu) in workspace /home/jenkins/jenkins-slave/workspace/ZooKeeper_branch34_openjdk7 > git rev-parse --is-inside-work-tree # timeout=10 Fetching changes from the remote Git repository > git config remote.origin.url git://git.apache.org/zookeeper.git # timeout=10 Cleaning workspace > git rev-parse --verify HEAD # timeout=10 Resetting working tree > git reset --hard # timeout=10 > git clean -fdx # timeout=10 Fetching upstream changes from git://git.apache.org/zookeeper.git > git --version # timeout=10 > git fetch --tags --progress git://git.apache.org/zookeeper.git > +refs/heads/*:refs/remotes/origin/* > git rev-parse refs/remotes/origin/branch-3.4^{commit} # timeout=10 > git rev-parse refs/remotes/origin/origin/branch-3.4^{commit} # timeout=10 Checking out Revision b26eaf3492a43821f648d8a8f87d8ac3488f1cef (refs/remotes/origin/branch-3.4) > git config core.sparsecheckout # timeout=10 > git checkout -f b26eaf3492a43821f648d8a8f87d8ac3488f1cef > git rev-list b26eaf3492a43821f648d8a8f87d8ac3488f1cef # timeout=10 No emails were triggered. [ZooKeeper_branch34_openjdk7] $ /home/jenkins/tools/ant/latest/bin/ant -Dtest.output=yes -Dtest.junit.threads=8 -Dtest.junit.output.format=xml -Djavac.target=1.7 clean test-core-java Error: JAVA_HOME is not defined correctly. We cannot execute /usr/lib/jvm/java-7-openjdk-amd64//bin/java Build step 'Invoke Ant' marked build as failure Recording test results ERROR: Step ?Publish JUnit test result report? failed: No test report files were found. Configuration error? Email was triggered for: Failure - Any Sending email for trigger: Failure - Any ### ## FAILED TESTS (if any) ## No tests ran.
ZooKeeper_branch35_jdk7 - Build # 869 - Still Failing
See https://builds.apache.org/job/ZooKeeper_branch35_jdk7/869/ ### ## LAST 60 LINES OF THE CONSOLE ### Started by timer [EnvInject] - Loading node environment variables. Building remotely on H15 (ubuntu) in workspace /home/jenkins/jenkins-slave/workspace/ZooKeeper_branch35_jdk7 > git rev-parse --is-inside-work-tree # timeout=10 Fetching changes from the remote Git repository > git config remote.origin.url git://git.apache.org/zookeeper.git # timeout=10 Cleaning workspace > git rev-parse --verify HEAD # timeout=10 Resetting working tree > git reset --hard # timeout=10 > git clean -fdx # timeout=10 Fetching upstream changes from git://git.apache.org/zookeeper.git > git --version # timeout=10 > git fetch --tags --progress git://git.apache.org/zookeeper.git > +refs/heads/*:refs/remotes/origin/* > git rev-parse refs/remotes/origin/branch-3.5^{commit} # timeout=10 > git rev-parse refs/remotes/origin/origin/branch-3.5^{commit} # timeout=10 Checking out Revision 1912fa8d63e6bbfdb5bb96bec85efa7c94e131e9 (refs/remotes/origin/branch-3.5) > git config core.sparsecheckout # timeout=10 > git checkout -f 1912fa8d63e6bbfdb5bb96bec85efa7c94e131e9 > git rev-list 1912fa8d63e6bbfdb5bb96bec85efa7c94e131e9 # timeout=10 No emails were triggered. [ZooKeeper_branch35_jdk7] $ /home/jenkins/tools/ant/latest/bin/ant -Dtest.output=yes -Dtest.junit.threads=8 -Dtest.junit.output.format=xml -Djavac.target=1.7 clean test-core-java Exception in thread "main" java.lang.UnsupportedClassVersionError: org/apache/tools/ant/launch/Launcher : Unsupported major.minor version 52.0 at java.lang.ClassLoader.defineClass1(Native Method) at java.lang.ClassLoader.defineClass(ClassLoader.java:800) at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142) at java.net.URLClassLoader.defineClass(URLClassLoader.java:449) at java.net.URLClassLoader.access$100(URLClassLoader.java:71) at java.net.URLClassLoader$1.run(URLClassLoader.java:361) at java.net.URLClassLoader$1.run(URLClassLoader.java:355) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:354) at java.lang.ClassLoader.loadClass(ClassLoader.java:425) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:308) at java.lang.ClassLoader.loadClass(ClassLoader.java:358) at sun.launcher.LauncherHelper.checkAndLoadMain(LauncherHelper.java:482) Build step 'Invoke Ant' marked build as failure Recording test results ERROR: Step ?Publish JUnit test result report? failed: No test report files were found. Configuration error? Email was triggered for: Failure - Any Sending email for trigger: Failure - Any ### ## FAILED TESTS (if any) ## No tests ran.