[jira] [Commented] (HDFS-3059) ssl-server.xml causes NullPointer
[ https://issues.apache.org/jira/browse/HDFS-3059?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14964710#comment-14964710 ] Hadoop QA commented on HDFS-3059: - \\ \\ | (x) *{color:red}-1 overall{color}* | \\ \\ || Vote || Subsystem || Runtime || Comment || | {color:red}-1{color} | pre-patch | 18m 20s | Pre-patch trunk has 1 extant Findbugs (version 3.0.0) warnings. | | {color:green}+1{color} | @author | 0m 0s | The patch does not contain any @author tags. | | {color:green}+1{color} | tests included | 0m 0s | The patch appears to include 1 new or modified test files. | | {color:green}+1{color} | javac | 7m 50s | There were no new javac warning messages. | | {color:green}+1{color} | javadoc | 10m 21s | There were no new javadoc warning messages. | | {color:green}+1{color} | release audit | 0m 23s | The applied patch does not increase the total number of release audit warnings. | | {color:red}-1{color} | checkstyle | 1m 24s | The applied patch generated 2 new checkstyle issues (total was 508, now 509). | | {color:green}+1{color} | whitespace | 0m 0s | The patch has no lines that end in whitespace. | | {color:green}+1{color} | install | 1m 28s | mvn install still works. | | {color:green}+1{color} | eclipse:eclipse | 0m 33s | The patch built with eclipse:eclipse. | | {color:green}+1{color} | findbugs | 2m 30s | The patch does not introduce any new Findbugs (version 3.0.0) warnings. | | {color:green}+1{color} | native | 3m 7s | Pre-build of native portion | | {color:red}-1{color} | hdfs tests | 49m 48s | Tests failed in hadoop-hdfs. | | | | 95m 49s | | \\ \\ || Reason || Tests || | Failed unit tests | hadoop.hdfs.server.namenode.ha.TestDNFencing | \\ \\ || Subsystem || Report/Notes || | Patch URL | http://issues.apache.org/jira/secure/attachment/12767547/HDFS-3059.08.patch | | Optional Tests | javadoc javac unit findbugs checkstyle | | git revision | trunk / 9cb5d35 | | Pre-patch Findbugs warnings | https://builds.apache.org/job/PreCommit-HDFS-Build/13076/artifact/patchprocess/trunkFindbugsWarningshadoop-hdfs.html | | checkstyle | https://builds.apache.org/job/PreCommit-HDFS-Build/13076/artifact/patchprocess/diffcheckstylehadoop-hdfs.txt | | hadoop-hdfs test log | https://builds.apache.org/job/PreCommit-HDFS-Build/13076/artifact/patchprocess/testrun_hadoop-hdfs.txt | | Test Results | https://builds.apache.org/job/PreCommit-HDFS-Build/13076/testReport/ | | Java | 1.7.0_55 | | uname | Linux asf902.gq1.ygridcore.net 3.13.0-36-lowlatency #63-Ubuntu SMP PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux | | Console output | https://builds.apache.org/job/PreCommit-HDFS-Build/13076/console | This message was automatically generated. > ssl-server.xml causes NullPointer > - > > Key: HDFS-3059 > URL: https://issues.apache.org/jira/browse/HDFS-3059 > Project: Hadoop HDFS > Issue Type: Bug > Components: datanode, security >Affects Versions: 2.7.1 > Environment: in core-site.xml: > {code:xml} > > hadoop.security.authentication > kerberos > > > hadoop.security.authorization > true > > {code} > in hdfs-site.xml: > {code:xml} > > dfs.https.server.keystore.resource > /etc/hadoop/conf/ssl-server.xml > > > dfs.https.enable > true > > > ...other security props > > {code} >Reporter: Evert Lammerts >Assignee: Xiao Chen >Priority: Minor > Labels: BB2015-05-TBR > Attachments: HDFS-3059.02.patch, HDFS-3059.03.patch, > HDFS-3059.04.patch, HDFS-3059.05.patch, HDFS-3059.06.patch, > HDFS-3059.07.patch, HDFS-3059.08.patch, HDFS-3059.patch, HDFS-3059.patch.2 > > > If ssl is enabled (dfs.https.enable) but ssl-server.xml is not available, a > DN will crash during startup while setting up an SSL socket with a > NullPointerException: > {noformat}12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: > useKerb = false, useCerts = true > jetty.ssl.password : jetty.ssl.keypassword : 12/03/07 17:08:36 INFO > mortbay.log: jetty-6.1.26.cloudera.1 > 12/03/07 17:08:36 INFO mortbay.log: Started > selectchannelconnec...@p-worker35.alley.sara.nl:1006 > 12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: Creating new > KrbServerSocket for: 0.0.0.0 > 12/03/07 17:08:36 WARN mortbay.log: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed > Krb5AndCertsSslSocketConnector@0.0.0.0:50475: java.io.IOException: > !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed Server@604788d5: > java.io.IOException: !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 INFO mortbay.log: Stopped > Krb5AndCertsSslSocketConnector@0.0.0.0:50475 > 12/03/07 17:08:36 INFO mortbay.log: Stopped >
[jira] [Commented] (HDFS-3059) ssl-server.xml causes NullPointer
[ https://issues.apache.org/jira/browse/HDFS-3059?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14965815#comment-14965815 ] Hudson commented on HDFS-3059: -- FAILURE: Integrated in Hadoop-Yarn-trunk-Java8 #574 (See [https://builds.apache.org/job/Hadoop-Yarn-trunk-Java8/574/]) HDFS-3059. ssl-server.xml causes NullPointer. Contributed by Xiao Chen. (wang: rev 6c8b6f3646b31a3e028704bc7fd78bf319f89f0a) * hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSUtil.java * hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestHDFSServerPorts.java * hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt * hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSConfigKeys.java * hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/SecondaryNameNode.java > ssl-server.xml causes NullPointer > - > > Key: HDFS-3059 > URL: https://issues.apache.org/jira/browse/HDFS-3059 > Project: Hadoop HDFS > Issue Type: Bug > Components: datanode, security >Affects Versions: 2.7.1 > Environment: in core-site.xml: > {code:xml} > > hadoop.security.authentication > kerberos > > > hadoop.security.authorization > true > > {code} > in hdfs-site.xml: > {code:xml} > > dfs.https.server.keystore.resource > /etc/hadoop/conf/ssl-server.xml > > > dfs.https.enable > true > > > ...other security props > > {code} >Reporter: Evert Lammerts >Assignee: Xiao Chen >Priority: Minor > Labels: BB2015-05-TBR > Fix For: 3.0.0 > > Attachments: HDFS-3059.02.patch, HDFS-3059.03.patch, > HDFS-3059.04.patch, HDFS-3059.05.patch, HDFS-3059.06.patch, > HDFS-3059.07.patch, HDFS-3059.08.patch, HDFS-3059.patch, HDFS-3059.patch.2 > > > If ssl is enabled (dfs.https.enable) but ssl-server.xml is not available, a > DN will crash during startup while setting up an SSL socket with a > NullPointerException: > {noformat}12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: > useKerb = false, useCerts = true > jetty.ssl.password : jetty.ssl.keypassword : 12/03/07 17:08:36 INFO > mortbay.log: jetty-6.1.26.cloudera.1 > 12/03/07 17:08:36 INFO mortbay.log: Started > selectchannelconnec...@p-worker35.alley.sara.nl:1006 > 12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: Creating new > KrbServerSocket for: 0.0.0.0 > 12/03/07 17:08:36 WARN mortbay.log: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed > Krb5AndCertsSslSocketConnector@0.0.0.0:50475: java.io.IOException: > !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed Server@604788d5: > java.io.IOException: !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 INFO mortbay.log: Stopped > Krb5AndCertsSslSocketConnector@0.0.0.0:50475 > 12/03/07 17:08:36 INFO mortbay.log: Stopped > selectchannelconnec...@p-worker35.alley.sara.nl:1006 > 12/03/07 17:08:37 INFO datanode.DataNode: Waiting for threadgroup to exit, > active threads is 0{noformat} > The same happens if I set an absolute path to an existing > dfs.https.server.keystore.resource - in this case the file cannot be found > but not even a WARN is given. > Since in dfs.https.server.keystore.resource we know we need to have 4 > properties specified (ssl.server.truststore.location, > ssl.server.keystore.location, ssl.server.keystore.password, and > ssl.server.keystore.keypassword) we should check if they are set and throw an > IOException if they are not. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (HDFS-3059) ssl-server.xml causes NullPointer
[ https://issues.apache.org/jira/browse/HDFS-3059?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14965714#comment-14965714 ] Andrew Wang commented on HDFS-3059: --- LGTM +1 will commit shortly, I ran the failed test locally okay. > ssl-server.xml causes NullPointer > - > > Key: HDFS-3059 > URL: https://issues.apache.org/jira/browse/HDFS-3059 > Project: Hadoop HDFS > Issue Type: Bug > Components: datanode, security >Affects Versions: 2.7.1 > Environment: in core-site.xml: > {code:xml} > > hadoop.security.authentication > kerberos > > > hadoop.security.authorization > true > > {code} > in hdfs-site.xml: > {code:xml} > > dfs.https.server.keystore.resource > /etc/hadoop/conf/ssl-server.xml > > > dfs.https.enable > true > > > ...other security props > > {code} >Reporter: Evert Lammerts >Assignee: Xiao Chen >Priority: Minor > Labels: BB2015-05-TBR > Attachments: HDFS-3059.02.patch, HDFS-3059.03.patch, > HDFS-3059.04.patch, HDFS-3059.05.patch, HDFS-3059.06.patch, > HDFS-3059.07.patch, HDFS-3059.08.patch, HDFS-3059.patch, HDFS-3059.patch.2 > > > If ssl is enabled (dfs.https.enable) but ssl-server.xml is not available, a > DN will crash during startup while setting up an SSL socket with a > NullPointerException: > {noformat}12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: > useKerb = false, useCerts = true > jetty.ssl.password : jetty.ssl.keypassword : 12/03/07 17:08:36 INFO > mortbay.log: jetty-6.1.26.cloudera.1 > 12/03/07 17:08:36 INFO mortbay.log: Started > selectchannelconnec...@p-worker35.alley.sara.nl:1006 > 12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: Creating new > KrbServerSocket for: 0.0.0.0 > 12/03/07 17:08:36 WARN mortbay.log: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed > Krb5AndCertsSslSocketConnector@0.0.0.0:50475: java.io.IOException: > !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed Server@604788d5: > java.io.IOException: !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 INFO mortbay.log: Stopped > Krb5AndCertsSslSocketConnector@0.0.0.0:50475 > 12/03/07 17:08:36 INFO mortbay.log: Stopped > selectchannelconnec...@p-worker35.alley.sara.nl:1006 > 12/03/07 17:08:37 INFO datanode.DataNode: Waiting for threadgroup to exit, > active threads is 0{noformat} > The same happens if I set an absolute path to an existing > dfs.https.server.keystore.resource - in this case the file cannot be found > but not even a WARN is given. > Since in dfs.https.server.keystore.resource we know we need to have 4 > properties specified (ssl.server.truststore.location, > ssl.server.keystore.location, ssl.server.keystore.password, and > ssl.server.keystore.keypassword) we should check if they are set and throw an > IOException if they are not. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (HDFS-3059) ssl-server.xml causes NullPointer
[ https://issues.apache.org/jira/browse/HDFS-3059?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14965805#comment-14965805 ] Hudson commented on HDFS-3059: -- FAILURE: Integrated in Hadoop-Mapreduce-trunk-Java8 #559 (See [https://builds.apache.org/job/Hadoop-Mapreduce-trunk-Java8/559/]) HDFS-3059. ssl-server.xml causes NullPointer. Contributed by Xiao Chen. (wang: rev 6c8b6f3646b31a3e028704bc7fd78bf319f89f0a) * hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSConfigKeys.java * hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/SecondaryNameNode.java * hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSUtil.java * hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt * hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestHDFSServerPorts.java > ssl-server.xml causes NullPointer > - > > Key: HDFS-3059 > URL: https://issues.apache.org/jira/browse/HDFS-3059 > Project: Hadoop HDFS > Issue Type: Bug > Components: datanode, security >Affects Versions: 2.7.1 > Environment: in core-site.xml: > {code:xml} > > hadoop.security.authentication > kerberos > > > hadoop.security.authorization > true > > {code} > in hdfs-site.xml: > {code:xml} > > dfs.https.server.keystore.resource > /etc/hadoop/conf/ssl-server.xml > > > dfs.https.enable > true > > > ...other security props > > {code} >Reporter: Evert Lammerts >Assignee: Xiao Chen >Priority: Minor > Labels: BB2015-05-TBR > Fix For: 3.0.0 > > Attachments: HDFS-3059.02.patch, HDFS-3059.03.patch, > HDFS-3059.04.patch, HDFS-3059.05.patch, HDFS-3059.06.patch, > HDFS-3059.07.patch, HDFS-3059.08.patch, HDFS-3059.patch, HDFS-3059.patch.2 > > > If ssl is enabled (dfs.https.enable) but ssl-server.xml is not available, a > DN will crash during startup while setting up an SSL socket with a > NullPointerException: > {noformat}12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: > useKerb = false, useCerts = true > jetty.ssl.password : jetty.ssl.keypassword : 12/03/07 17:08:36 INFO > mortbay.log: jetty-6.1.26.cloudera.1 > 12/03/07 17:08:36 INFO mortbay.log: Started > selectchannelconnec...@p-worker35.alley.sara.nl:1006 > 12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: Creating new > KrbServerSocket for: 0.0.0.0 > 12/03/07 17:08:36 WARN mortbay.log: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed > Krb5AndCertsSslSocketConnector@0.0.0.0:50475: java.io.IOException: > !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed Server@604788d5: > java.io.IOException: !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 INFO mortbay.log: Stopped > Krb5AndCertsSslSocketConnector@0.0.0.0:50475 > 12/03/07 17:08:36 INFO mortbay.log: Stopped > selectchannelconnec...@p-worker35.alley.sara.nl:1006 > 12/03/07 17:08:37 INFO datanode.DataNode: Waiting for threadgroup to exit, > active threads is 0{noformat} > The same happens if I set an absolute path to an existing > dfs.https.server.keystore.resource - in this case the file cannot be found > but not even a WARN is given. > Since in dfs.https.server.keystore.resource we know we need to have 4 > properties specified (ssl.server.truststore.location, > ssl.server.keystore.location, ssl.server.keystore.password, and > ssl.server.keystore.keypassword) we should check if they are set and throw an > IOException if they are not. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (HDFS-3059) ssl-server.xml causes NullPointer
[ https://issues.apache.org/jira/browse/HDFS-3059?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14965791#comment-14965791 ] Hudson commented on HDFS-3059: -- FAILURE: Integrated in Hadoop-trunk-Commit #8672 (See [https://builds.apache.org/job/Hadoop-trunk-Commit/8672/]) HDFS-3059. ssl-server.xml causes NullPointer. Contributed by Xiao Chen. (wang: rev 6c8b6f3646b31a3e028704bc7fd78bf319f89f0a) * hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestHDFSServerPorts.java * hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSUtil.java * hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt * hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/SecondaryNameNode.java * hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSConfigKeys.java > ssl-server.xml causes NullPointer > - > > Key: HDFS-3059 > URL: https://issues.apache.org/jira/browse/HDFS-3059 > Project: Hadoop HDFS > Issue Type: Bug > Components: datanode, security >Affects Versions: 2.7.1 > Environment: in core-site.xml: > {code:xml} > > hadoop.security.authentication > kerberos > > > hadoop.security.authorization > true > > {code} > in hdfs-site.xml: > {code:xml} > > dfs.https.server.keystore.resource > /etc/hadoop/conf/ssl-server.xml > > > dfs.https.enable > true > > > ...other security props > > {code} >Reporter: Evert Lammerts >Assignee: Xiao Chen >Priority: Minor > Labels: BB2015-05-TBR > Fix For: 3.0.0 > > Attachments: HDFS-3059.02.patch, HDFS-3059.03.patch, > HDFS-3059.04.patch, HDFS-3059.05.patch, HDFS-3059.06.patch, > HDFS-3059.07.patch, HDFS-3059.08.patch, HDFS-3059.patch, HDFS-3059.patch.2 > > > If ssl is enabled (dfs.https.enable) but ssl-server.xml is not available, a > DN will crash during startup while setting up an SSL socket with a > NullPointerException: > {noformat}12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: > useKerb = false, useCerts = true > jetty.ssl.password : jetty.ssl.keypassword : 12/03/07 17:08:36 INFO > mortbay.log: jetty-6.1.26.cloudera.1 > 12/03/07 17:08:36 INFO mortbay.log: Started > selectchannelconnec...@p-worker35.alley.sara.nl:1006 > 12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: Creating new > KrbServerSocket for: 0.0.0.0 > 12/03/07 17:08:36 WARN mortbay.log: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed > Krb5AndCertsSslSocketConnector@0.0.0.0:50475: java.io.IOException: > !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed Server@604788d5: > java.io.IOException: !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 INFO mortbay.log: Stopped > Krb5AndCertsSslSocketConnector@0.0.0.0:50475 > 12/03/07 17:08:36 INFO mortbay.log: Stopped > selectchannelconnec...@p-worker35.alley.sara.nl:1006 > 12/03/07 17:08:37 INFO datanode.DataNode: Waiting for threadgroup to exit, > active threads is 0{noformat} > The same happens if I set an absolute path to an existing > dfs.https.server.keystore.resource - in this case the file cannot be found > but not even a WARN is given. > Since in dfs.https.server.keystore.resource we know we need to have 4 > properties specified (ssl.server.truststore.location, > ssl.server.keystore.location, ssl.server.keystore.password, and > ssl.server.keystore.keypassword) we should check if they are set and throw an > IOException if they are not. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (HDFS-3059) ssl-server.xml causes NullPointer
[ https://issues.apache.org/jira/browse/HDFS-3059?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14966064#comment-14966064 ] Xiao Chen commented on HDFS-3059: - Thank you Andrew! > ssl-server.xml causes NullPointer > - > > Key: HDFS-3059 > URL: https://issues.apache.org/jira/browse/HDFS-3059 > Project: Hadoop HDFS > Issue Type: Bug > Components: datanode, security >Affects Versions: 2.7.1 > Environment: in core-site.xml: > {code:xml} > > hadoop.security.authentication > kerberos > > > hadoop.security.authorization > true > > {code} > in hdfs-site.xml: > {code:xml} > > dfs.https.server.keystore.resource > /etc/hadoop/conf/ssl-server.xml > > > dfs.https.enable > true > > > ...other security props > > {code} >Reporter: Evert Lammerts >Assignee: Xiao Chen >Priority: Minor > Labels: BB2015-05-TBR > Fix For: 2.8.0 > > Attachments: HDFS-3059-branch2.patch, HDFS-3059.02.patch, > HDFS-3059.03.patch, HDFS-3059.04.patch, HDFS-3059.05.patch, > HDFS-3059.06.patch, HDFS-3059.07.patch, HDFS-3059.08.patch, HDFS-3059.patch, > HDFS-3059.patch.2 > > > If ssl is enabled (dfs.https.enable) but ssl-server.xml is not available, a > DN will crash during startup while setting up an SSL socket with a > NullPointerException: > {noformat}12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: > useKerb = false, useCerts = true > jetty.ssl.password : jetty.ssl.keypassword : 12/03/07 17:08:36 INFO > mortbay.log: jetty-6.1.26.cloudera.1 > 12/03/07 17:08:36 INFO mortbay.log: Started > selectchannelconnec...@p-worker35.alley.sara.nl:1006 > 12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: Creating new > KrbServerSocket for: 0.0.0.0 > 12/03/07 17:08:36 WARN mortbay.log: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed > Krb5AndCertsSslSocketConnector@0.0.0.0:50475: java.io.IOException: > !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed Server@604788d5: > java.io.IOException: !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 INFO mortbay.log: Stopped > Krb5AndCertsSslSocketConnector@0.0.0.0:50475 > 12/03/07 17:08:36 INFO mortbay.log: Stopped > selectchannelconnec...@p-worker35.alley.sara.nl:1006 > 12/03/07 17:08:37 INFO datanode.DataNode: Waiting for threadgroup to exit, > active threads is 0{noformat} > The same happens if I set an absolute path to an existing > dfs.https.server.keystore.resource - in this case the file cannot be found > but not even a WARN is given. > Since in dfs.https.server.keystore.resource we know we need to have 4 > properties specified (ssl.server.truststore.location, > ssl.server.keystore.location, ssl.server.keystore.password, and > ssl.server.keystore.keypassword) we should check if they are set and throw an > IOException if they are not. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (HDFS-3059) ssl-server.xml causes NullPointer
[ https://issues.apache.org/jira/browse/HDFS-3059?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14965948#comment-14965948 ] Hudson commented on HDFS-3059: -- SUCCESS: Integrated in Hadoop-Yarn-trunk #1294 (See [https://builds.apache.org/job/Hadoop-Yarn-trunk/1294/]) HDFS-3059. ssl-server.xml causes NullPointer. Contributed by Xiao Chen. (wang: rev 6c8b6f3646b31a3e028704bc7fd78bf319f89f0a) * hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSUtil.java * hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/SecondaryNameNode.java * hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestHDFSServerPorts.java * hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt * hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSConfigKeys.java > ssl-server.xml causes NullPointer > - > > Key: HDFS-3059 > URL: https://issues.apache.org/jira/browse/HDFS-3059 > Project: Hadoop HDFS > Issue Type: Bug > Components: datanode, security >Affects Versions: 2.7.1 > Environment: in core-site.xml: > {code:xml} > > hadoop.security.authentication > kerberos > > > hadoop.security.authorization > true > > {code} > in hdfs-site.xml: > {code:xml} > > dfs.https.server.keystore.resource > /etc/hadoop/conf/ssl-server.xml > > > dfs.https.enable > true > > > ...other security props > > {code} >Reporter: Evert Lammerts >Assignee: Xiao Chen >Priority: Minor > Labels: BB2015-05-TBR > Fix For: 3.0.0 > > Attachments: HDFS-3059.02.patch, HDFS-3059.03.patch, > HDFS-3059.04.patch, HDFS-3059.05.patch, HDFS-3059.06.patch, > HDFS-3059.07.patch, HDFS-3059.08.patch, HDFS-3059.patch, HDFS-3059.patch.2 > > > If ssl is enabled (dfs.https.enable) but ssl-server.xml is not available, a > DN will crash during startup while setting up an SSL socket with a > NullPointerException: > {noformat}12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: > useKerb = false, useCerts = true > jetty.ssl.password : jetty.ssl.keypassword : 12/03/07 17:08:36 INFO > mortbay.log: jetty-6.1.26.cloudera.1 > 12/03/07 17:08:36 INFO mortbay.log: Started > selectchannelconnec...@p-worker35.alley.sara.nl:1006 > 12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: Creating new > KrbServerSocket for: 0.0.0.0 > 12/03/07 17:08:36 WARN mortbay.log: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed > Krb5AndCertsSslSocketConnector@0.0.0.0:50475: java.io.IOException: > !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed Server@604788d5: > java.io.IOException: !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 INFO mortbay.log: Stopped > Krb5AndCertsSslSocketConnector@0.0.0.0:50475 > 12/03/07 17:08:36 INFO mortbay.log: Stopped > selectchannelconnec...@p-worker35.alley.sara.nl:1006 > 12/03/07 17:08:37 INFO datanode.DataNode: Waiting for threadgroup to exit, > active threads is 0{noformat} > The same happens if I set an absolute path to an existing > dfs.https.server.keystore.resource - in this case the file cannot be found > but not even a WARN is given. > Since in dfs.https.server.keystore.resource we know we need to have 4 > properties specified (ssl.server.truststore.location, > ssl.server.keystore.location, ssl.server.keystore.password, and > ssl.server.keystore.keypassword) we should check if they are set and throw an > IOException if they are not. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (HDFS-3059) ssl-server.xml causes NullPointer
[ https://issues.apache.org/jira/browse/HDFS-3059?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14965984#comment-14965984 ] Hudson commented on HDFS-3059: -- FAILURE: Integrated in Hadoop-Hdfs-trunk-Java8 #519 (See [https://builds.apache.org/job/Hadoop-Hdfs-trunk-Java8/519/]) HDFS-3059. ssl-server.xml causes NullPointer. Contributed by Xiao Chen. (wang: rev 6c8b6f3646b31a3e028704bc7fd78bf319f89f0a) * hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/SecondaryNameNode.java * hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt * hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestHDFSServerPorts.java * hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSUtil.java * hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSConfigKeys.java > ssl-server.xml causes NullPointer > - > > Key: HDFS-3059 > URL: https://issues.apache.org/jira/browse/HDFS-3059 > Project: Hadoop HDFS > Issue Type: Bug > Components: datanode, security >Affects Versions: 2.7.1 > Environment: in core-site.xml: > {code:xml} > > hadoop.security.authentication > kerberos > > > hadoop.security.authorization > true > > {code} > in hdfs-site.xml: > {code:xml} > > dfs.https.server.keystore.resource > /etc/hadoop/conf/ssl-server.xml > > > dfs.https.enable > true > > > ...other security props > > {code} >Reporter: Evert Lammerts >Assignee: Xiao Chen >Priority: Minor > Labels: BB2015-05-TBR > Fix For: 3.0.0 > > Attachments: HDFS-3059.02.patch, HDFS-3059.03.patch, > HDFS-3059.04.patch, HDFS-3059.05.patch, HDFS-3059.06.patch, > HDFS-3059.07.patch, HDFS-3059.08.patch, HDFS-3059.patch, HDFS-3059.patch.2 > > > If ssl is enabled (dfs.https.enable) but ssl-server.xml is not available, a > DN will crash during startup while setting up an SSL socket with a > NullPointerException: > {noformat}12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: > useKerb = false, useCerts = true > jetty.ssl.password : jetty.ssl.keypassword : 12/03/07 17:08:36 INFO > mortbay.log: jetty-6.1.26.cloudera.1 > 12/03/07 17:08:36 INFO mortbay.log: Started > selectchannelconnec...@p-worker35.alley.sara.nl:1006 > 12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: Creating new > KrbServerSocket for: 0.0.0.0 > 12/03/07 17:08:36 WARN mortbay.log: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed > Krb5AndCertsSslSocketConnector@0.0.0.0:50475: java.io.IOException: > !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed Server@604788d5: > java.io.IOException: !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 INFO mortbay.log: Stopped > Krb5AndCertsSslSocketConnector@0.0.0.0:50475 > 12/03/07 17:08:36 INFO mortbay.log: Stopped > selectchannelconnec...@p-worker35.alley.sara.nl:1006 > 12/03/07 17:08:37 INFO datanode.DataNode: Waiting for threadgroup to exit, > active threads is 0{noformat} > The same happens if I set an absolute path to an existing > dfs.https.server.keystore.resource - in this case the file cannot be found > but not even a WARN is given. > Since in dfs.https.server.keystore.resource we know we need to have 4 > properties specified (ssl.server.truststore.location, > ssl.server.keystore.location, ssl.server.keystore.password, and > ssl.server.keystore.keypassword) we should check if they are set and throw an > IOException if they are not. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (HDFS-3059) ssl-server.xml causes NullPointer
[ https://issues.apache.org/jira/browse/HDFS-3059?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14966009#comment-14966009 ] Hudson commented on HDFS-3059: -- FAILURE: Integrated in Hadoop-Mapreduce-trunk #2507 (See [https://builds.apache.org/job/Hadoop-Mapreduce-trunk/2507/]) HDFS-3059. ssl-server.xml causes NullPointer. Contributed by Xiao Chen. (wang: rev 6c8b6f3646b31a3e028704bc7fd78bf319f89f0a) * hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/SecondaryNameNode.java * hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSConfigKeys.java * hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestHDFSServerPorts.java * hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt * hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSUtil.java > ssl-server.xml causes NullPointer > - > > Key: HDFS-3059 > URL: https://issues.apache.org/jira/browse/HDFS-3059 > Project: Hadoop HDFS > Issue Type: Bug > Components: datanode, security >Affects Versions: 2.7.1 > Environment: in core-site.xml: > {code:xml} > > hadoop.security.authentication > kerberos > > > hadoop.security.authorization > true > > {code} > in hdfs-site.xml: > {code:xml} > > dfs.https.server.keystore.resource > /etc/hadoop/conf/ssl-server.xml > > > dfs.https.enable > true > > > ...other security props > > {code} >Reporter: Evert Lammerts >Assignee: Xiao Chen >Priority: Minor > Labels: BB2015-05-TBR > Fix For: 3.0.0 > > Attachments: HDFS-3059.02.patch, HDFS-3059.03.patch, > HDFS-3059.04.patch, HDFS-3059.05.patch, HDFS-3059.06.patch, > HDFS-3059.07.patch, HDFS-3059.08.patch, HDFS-3059.patch, HDFS-3059.patch.2 > > > If ssl is enabled (dfs.https.enable) but ssl-server.xml is not available, a > DN will crash during startup while setting up an SSL socket with a > NullPointerException: > {noformat}12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: > useKerb = false, useCerts = true > jetty.ssl.password : jetty.ssl.keypassword : 12/03/07 17:08:36 INFO > mortbay.log: jetty-6.1.26.cloudera.1 > 12/03/07 17:08:36 INFO mortbay.log: Started > selectchannelconnec...@p-worker35.alley.sara.nl:1006 > 12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: Creating new > KrbServerSocket for: 0.0.0.0 > 12/03/07 17:08:36 WARN mortbay.log: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed > Krb5AndCertsSslSocketConnector@0.0.0.0:50475: java.io.IOException: > !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed Server@604788d5: > java.io.IOException: !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 INFO mortbay.log: Stopped > Krb5AndCertsSslSocketConnector@0.0.0.0:50475 > 12/03/07 17:08:36 INFO mortbay.log: Stopped > selectchannelconnec...@p-worker35.alley.sara.nl:1006 > 12/03/07 17:08:37 INFO datanode.DataNode: Waiting for threadgroup to exit, > active threads is 0{noformat} > The same happens if I set an absolute path to an existing > dfs.https.server.keystore.resource - in this case the file cannot be found > but not even a WARN is given. > Since in dfs.https.server.keystore.resource we know we need to have 4 > properties specified (ssl.server.truststore.location, > ssl.server.keystore.location, ssl.server.keystore.password, and > ssl.server.keystore.keypassword) we should check if they are set and throw an > IOException if they are not. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (HDFS-3059) ssl-server.xml causes NullPointer
[ https://issues.apache.org/jira/browse/HDFS-3059?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14966097#comment-14966097 ] Hudson commented on HDFS-3059: -- FAILURE: Integrated in Hadoop-Hdfs-trunk #2456 (See [https://builds.apache.org/job/Hadoop-Hdfs-trunk/2456/]) HDFS-3059. ssl-server.xml causes NullPointer. Contributed by Xiao Chen. (wang: rev 6c8b6f3646b31a3e028704bc7fd78bf319f89f0a) * hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSConfigKeys.java * hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSUtil.java * hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestHDFSServerPorts.java * hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt * hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/SecondaryNameNode.java > ssl-server.xml causes NullPointer > - > > Key: HDFS-3059 > URL: https://issues.apache.org/jira/browse/HDFS-3059 > Project: Hadoop HDFS > Issue Type: Bug > Components: datanode, security >Affects Versions: 2.7.1 > Environment: in core-site.xml: > {code:xml} > > hadoop.security.authentication > kerberos > > > hadoop.security.authorization > true > > {code} > in hdfs-site.xml: > {code:xml} > > dfs.https.server.keystore.resource > /etc/hadoop/conf/ssl-server.xml > > > dfs.https.enable > true > > > ...other security props > > {code} >Reporter: Evert Lammerts >Assignee: Xiao Chen >Priority: Minor > Labels: BB2015-05-TBR > Fix For: 2.8.0 > > Attachments: HDFS-3059-branch2.patch, HDFS-3059.02.patch, > HDFS-3059.03.patch, HDFS-3059.04.patch, HDFS-3059.05.patch, > HDFS-3059.06.patch, HDFS-3059.07.patch, HDFS-3059.08.patch, HDFS-3059.patch, > HDFS-3059.patch.2 > > > If ssl is enabled (dfs.https.enable) but ssl-server.xml is not available, a > DN will crash during startup while setting up an SSL socket with a > NullPointerException: > {noformat}12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: > useKerb = false, useCerts = true > jetty.ssl.password : jetty.ssl.keypassword : 12/03/07 17:08:36 INFO > mortbay.log: jetty-6.1.26.cloudera.1 > 12/03/07 17:08:36 INFO mortbay.log: Started > selectchannelconnec...@p-worker35.alley.sara.nl:1006 > 12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: Creating new > KrbServerSocket for: 0.0.0.0 > 12/03/07 17:08:36 WARN mortbay.log: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed > Krb5AndCertsSslSocketConnector@0.0.0.0:50475: java.io.IOException: > !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed Server@604788d5: > java.io.IOException: !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 INFO mortbay.log: Stopped > Krb5AndCertsSslSocketConnector@0.0.0.0:50475 > 12/03/07 17:08:36 INFO mortbay.log: Stopped > selectchannelconnec...@p-worker35.alley.sara.nl:1006 > 12/03/07 17:08:37 INFO datanode.DataNode: Waiting for threadgroup to exit, > active threads is 0{noformat} > The same happens if I set an absolute path to an existing > dfs.https.server.keystore.resource - in this case the file cannot be found > but not even a WARN is given. > Since in dfs.https.server.keystore.resource we know we need to have 4 > properties specified (ssl.server.truststore.location, > ssl.server.keystore.location, ssl.server.keystore.password, and > ssl.server.keystore.keypassword) we should check if they are set and throw an > IOException if they are not. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (HDFS-3059) ssl-server.xml causes NullPointer
[ https://issues.apache.org/jira/browse/HDFS-3059?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14964321#comment-14964321 ] Andrew Wang commented on HDFS-3059: --- Hi Xiao, code-wise looks functionally good, only stylistic comments: * I'm not a fan of this conditional behavior buried in {{initialize}}; how do you feel about moving starting infoServer to a new function, and calling it before we do startCheckpointThread in main? This makes this behavior difference more explicit. * The new DFSConfigKeys constants should end in _KEY like the other variables in this file. > ssl-server.xml causes NullPointer > - > > Key: HDFS-3059 > URL: https://issues.apache.org/jira/browse/HDFS-3059 > Project: Hadoop HDFS > Issue Type: Bug > Components: datanode, security >Affects Versions: 2.7.1 > Environment: in core-site.xml: > {code:xml} > > hadoop.security.authentication > kerberos > > > hadoop.security.authorization > true > > {code} > in hdfs-site.xml: > {code:xml} > > dfs.https.server.keystore.resource > /etc/hadoop/conf/ssl-server.xml > > > dfs.https.enable > true > > > ...other security props > > {code} >Reporter: Evert Lammerts >Assignee: Xiao Chen >Priority: Minor > Labels: BB2015-05-TBR > Attachments: HDFS-3059.02.patch, HDFS-3059.03.patch, > HDFS-3059.04.patch, HDFS-3059.05.patch, HDFS-3059.06.patch, HDFS-3059.patch, > HDFS-3059.patch.2 > > > If ssl is enabled (dfs.https.enable) but ssl-server.xml is not available, a > DN will crash during startup while setting up an SSL socket with a > NullPointerException: > {noformat}12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: > useKerb = false, useCerts = true > jetty.ssl.password : jetty.ssl.keypassword : 12/03/07 17:08:36 INFO > mortbay.log: jetty-6.1.26.cloudera.1 > 12/03/07 17:08:36 INFO mortbay.log: Started > selectchannelconnec...@p-worker35.alley.sara.nl:1006 > 12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: Creating new > KrbServerSocket for: 0.0.0.0 > 12/03/07 17:08:36 WARN mortbay.log: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed > Krb5AndCertsSslSocketConnector@0.0.0.0:50475: java.io.IOException: > !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed Server@604788d5: > java.io.IOException: !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 INFO mortbay.log: Stopped > Krb5AndCertsSslSocketConnector@0.0.0.0:50475 > 12/03/07 17:08:36 INFO mortbay.log: Stopped > selectchannelconnec...@p-worker35.alley.sara.nl:1006 > 12/03/07 17:08:37 INFO datanode.DataNode: Waiting for threadgroup to exit, > active threads is 0{noformat} > The same happens if I set an absolute path to an existing > dfs.https.server.keystore.resource - in this case the file cannot be found > but not even a WARN is given. > Since in dfs.https.server.keystore.resource we know we need to have 4 > properties specified (ssl.server.truststore.location, > ssl.server.keystore.location, ssl.server.keystore.password, and > ssl.server.keystore.keypassword) we should check if they are set and throw an > IOException if they are not. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (HDFS-3059) ssl-server.xml causes NullPointer
[ https://issues.apache.org/jira/browse/HDFS-3059?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14964458#comment-14964458 ] Hadoop QA commented on HDFS-3059: - \\ \\ | (x) *{color:red}-1 overall{color}* | \\ \\ || Vote || Subsystem || Runtime || Comment || | {color:red}-1{color} | pre-patch | 18m 17s | Pre-patch trunk has 1 extant Findbugs (version 3.0.0) warnings. | | {color:green}+1{color} | @author | 0m 0s | The patch does not contain any @author tags. | | {color:red}-1{color} | tests included | 0m 0s | The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch. | | {color:green}+1{color} | javac | 8m 1s | There were no new javac warning messages. | | {color:green}+1{color} | javadoc | 10m 29s | There were no new javadoc warning messages. | | {color:green}+1{color} | release audit | 0m 23s | The applied patch does not increase the total number of release audit warnings. | | {color:red}-1{color} | checkstyle | 1m 26s | The applied patch generated 2 new checkstyle issues (total was 508, now 509). | | {color:green}+1{color} | whitespace | 0m 0s | The patch has no lines that end in whitespace. | | {color:green}+1{color} | install | 1m 32s | mvn install still works. | | {color:green}+1{color} | eclipse:eclipse | 0m 34s | The patch built with eclipse:eclipse. | | {color:green}+1{color} | findbugs | 2m 32s | The patch does not introduce any new Findbugs (version 3.0.0) warnings. | | {color:green}+1{color} | native | 3m 21s | Pre-build of native portion | | {color:red}-1{color} | hdfs tests | 49m 55s | Tests failed in hadoop-hdfs. | | | | 96m 33s | | \\ \\ || Reason || Tests || | Failed unit tests | hadoop.hdfs.server.datanode.TestDirectoryScanner | | | hadoop.hdfs.TestHDFSServerPorts | \\ \\ || Subsystem || Report/Notes || | Patch URL | http://issues.apache.org/jira/secure/attachment/12767510/HDFS-3059.07.patch | | Optional Tests | javadoc javac unit findbugs checkstyle | | git revision | trunk / ded012e | | Pre-patch Findbugs warnings | https://builds.apache.org/job/PreCommit-HDFS-Build/13067/artifact/patchprocess/trunkFindbugsWarningshadoop-hdfs.html | | checkstyle | https://builds.apache.org/job/PreCommit-HDFS-Build/13067/artifact/patchprocess/diffcheckstylehadoop-hdfs.txt | | hadoop-hdfs test log | https://builds.apache.org/job/PreCommit-HDFS-Build/13067/artifact/patchprocess/testrun_hadoop-hdfs.txt | | Test Results | https://builds.apache.org/job/PreCommit-HDFS-Build/13067/testReport/ | | Java | 1.7.0_55 | | uname | Linux asf904.gq1.ygridcore.net 3.13.0-36-lowlatency #63-Ubuntu SMP PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux | | Console output | https://builds.apache.org/job/PreCommit-HDFS-Build/13067/console | This message was automatically generated. > ssl-server.xml causes NullPointer > - > > Key: HDFS-3059 > URL: https://issues.apache.org/jira/browse/HDFS-3059 > Project: Hadoop HDFS > Issue Type: Bug > Components: datanode, security >Affects Versions: 2.7.1 > Environment: in core-site.xml: > {code:xml} > > hadoop.security.authentication > kerberos > > > hadoop.security.authorization > true > > {code} > in hdfs-site.xml: > {code:xml} > > dfs.https.server.keystore.resource > /etc/hadoop/conf/ssl-server.xml > > > dfs.https.enable > true > > > ...other security props > > {code} >Reporter: Evert Lammerts >Assignee: Xiao Chen >Priority: Minor > Labels: BB2015-05-TBR > Attachments: HDFS-3059.02.patch, HDFS-3059.03.patch, > HDFS-3059.04.patch, HDFS-3059.05.patch, HDFS-3059.06.patch, > HDFS-3059.07.patch, HDFS-3059.patch, HDFS-3059.patch.2 > > > If ssl is enabled (dfs.https.enable) but ssl-server.xml is not available, a > DN will crash during startup while setting up an SSL socket with a > NullPointerException: > {noformat}12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: > useKerb = false, useCerts = true > jetty.ssl.password : jetty.ssl.keypassword : 12/03/07 17:08:36 INFO > mortbay.log: jetty-6.1.26.cloudera.1 > 12/03/07 17:08:36 INFO mortbay.log: Started > selectchannelconnec...@p-worker35.alley.sara.nl:1006 > 12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: Creating new > KrbServerSocket for: 0.0.0.0 > 12/03/07 17:08:36 WARN mortbay.log: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed > Krb5AndCertsSslSocketConnector@0.0.0.0:50475: java.io.IOException: > !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed Server@604788d5: > java.io.IOException: !JsseListener: java.lang.NullPointerException >
[jira] [Commented] (HDFS-3059) ssl-server.xml causes NullPointer
[ https://issues.apache.org/jira/browse/HDFS-3059?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14964376#comment-14964376 ] Xiao Chen commented on HDFS-3059: - Hi Andrew, Thanks a lot for the review. {quote} I'm not a fan of this conditional behavior buried in initialize; how do you feel about moving starting infoServer to a new function, and calling it before we do startCheckpointThread in main? This makes this behavior difference more explicit. {quote} Great idea! Fixed. I think this should be the way to go - it's more straightforward, and we can save the nullity check for ops in main. {quote} The new DFSConfigKeys constants should end in _KEY like the other variables in this file. {quote} Good catch. Fixed. Patch 07 was uploaded. > ssl-server.xml causes NullPointer > - > > Key: HDFS-3059 > URL: https://issues.apache.org/jira/browse/HDFS-3059 > Project: Hadoop HDFS > Issue Type: Bug > Components: datanode, security >Affects Versions: 2.7.1 > Environment: in core-site.xml: > {code:xml} > > hadoop.security.authentication > kerberos > > > hadoop.security.authorization > true > > {code} > in hdfs-site.xml: > {code:xml} > > dfs.https.server.keystore.resource > /etc/hadoop/conf/ssl-server.xml > > > dfs.https.enable > true > > > ...other security props > > {code} >Reporter: Evert Lammerts >Assignee: Xiao Chen >Priority: Minor > Labels: BB2015-05-TBR > Attachments: HDFS-3059.02.patch, HDFS-3059.03.patch, > HDFS-3059.04.patch, HDFS-3059.05.patch, HDFS-3059.06.patch, > HDFS-3059.07.patch, HDFS-3059.patch, HDFS-3059.patch.2 > > > If ssl is enabled (dfs.https.enable) but ssl-server.xml is not available, a > DN will crash during startup while setting up an SSL socket with a > NullPointerException: > {noformat}12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: > useKerb = false, useCerts = true > jetty.ssl.password : jetty.ssl.keypassword : 12/03/07 17:08:36 INFO > mortbay.log: jetty-6.1.26.cloudera.1 > 12/03/07 17:08:36 INFO mortbay.log: Started > selectchannelconnec...@p-worker35.alley.sara.nl:1006 > 12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: Creating new > KrbServerSocket for: 0.0.0.0 > 12/03/07 17:08:36 WARN mortbay.log: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed > Krb5AndCertsSslSocketConnector@0.0.0.0:50475: java.io.IOException: > !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed Server@604788d5: > java.io.IOException: !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 INFO mortbay.log: Stopped > Krb5AndCertsSslSocketConnector@0.0.0.0:50475 > 12/03/07 17:08:36 INFO mortbay.log: Stopped > selectchannelconnec...@p-worker35.alley.sara.nl:1006 > 12/03/07 17:08:37 INFO datanode.DataNode: Waiting for threadgroup to exit, > active threads is 0{noformat} > The same happens if I set an absolute path to an existing > dfs.https.server.keystore.resource - in this case the file cannot be found > but not even a WARN is given. > Since in dfs.https.server.keystore.resource we know we need to have 4 > properties specified (ssl.server.truststore.location, > ssl.server.keystore.location, ssl.server.keystore.password, and > ssl.server.keystore.keypassword) we should check if they are set and throw an > IOException if they are not. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (HDFS-3059) ssl-server.xml causes NullPointer
[ https://issues.apache.org/jira/browse/HDFS-3059?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14964582#comment-14964582 ] Xiao Chen commented on HDFS-3059: - Patch 08 fixed the test failure. > ssl-server.xml causes NullPointer > - > > Key: HDFS-3059 > URL: https://issues.apache.org/jira/browse/HDFS-3059 > Project: Hadoop HDFS > Issue Type: Bug > Components: datanode, security >Affects Versions: 2.7.1 > Environment: in core-site.xml: > {code:xml} > > hadoop.security.authentication > kerberos > > > hadoop.security.authorization > true > > {code} > in hdfs-site.xml: > {code:xml} > > dfs.https.server.keystore.resource > /etc/hadoop/conf/ssl-server.xml > > > dfs.https.enable > true > > > ...other security props > > {code} >Reporter: Evert Lammerts >Assignee: Xiao Chen >Priority: Minor > Labels: BB2015-05-TBR > Attachments: HDFS-3059.02.patch, HDFS-3059.03.patch, > HDFS-3059.04.patch, HDFS-3059.05.patch, HDFS-3059.06.patch, > HDFS-3059.07.patch, HDFS-3059.08.patch, HDFS-3059.patch, HDFS-3059.patch.2 > > > If ssl is enabled (dfs.https.enable) but ssl-server.xml is not available, a > DN will crash during startup while setting up an SSL socket with a > NullPointerException: > {noformat}12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: > useKerb = false, useCerts = true > jetty.ssl.password : jetty.ssl.keypassword : 12/03/07 17:08:36 INFO > mortbay.log: jetty-6.1.26.cloudera.1 > 12/03/07 17:08:36 INFO mortbay.log: Started > selectchannelconnec...@p-worker35.alley.sara.nl:1006 > 12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: Creating new > KrbServerSocket for: 0.0.0.0 > 12/03/07 17:08:36 WARN mortbay.log: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed > Krb5AndCertsSslSocketConnector@0.0.0.0:50475: java.io.IOException: > !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed Server@604788d5: > java.io.IOException: !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 INFO mortbay.log: Stopped > Krb5AndCertsSslSocketConnector@0.0.0.0:50475 > 12/03/07 17:08:36 INFO mortbay.log: Stopped > selectchannelconnec...@p-worker35.alley.sara.nl:1006 > 12/03/07 17:08:37 INFO datanode.DataNode: Waiting for threadgroup to exit, > active threads is 0{noformat} > The same happens if I set an absolute path to an existing > dfs.https.server.keystore.resource - in this case the file cannot be found > but not even a WARN is given. > Since in dfs.https.server.keystore.resource we know we need to have 4 > properties specified (ssl.server.truststore.location, > ssl.server.keystore.location, ssl.server.keystore.password, and > ssl.server.keystore.keypassword) we should check if they are set and throw an > IOException if they are not. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (HDFS-3059) ssl-server.xml causes NullPointer
[ https://issues.apache.org/jira/browse/HDFS-3059?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14962724#comment-14962724 ] Hadoop QA commented on HDFS-3059: - \\ \\ | (x) *{color:red}-1 overall{color}* | \\ \\ || Vote || Subsystem || Runtime || Comment || | {color:red}-1{color} | pre-patch | 21m 19s | Pre-patch trunk has 1 extant Findbugs (version 3.0.0) warnings. | | {color:green}+1{color} | @author | 0m 0s | The patch does not contain any @author tags. | | {color:red}-1{color} | tests included | 0m 0s | The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch. | | {color:green}+1{color} | javac | 8m 35s | There were no new javac warning messages. | | {color:green}+1{color} | javadoc | 11m 10s | There were no new javadoc warning messages. | | {color:green}+1{color} | release audit | 0m 24s | The applied patch does not increase the total number of release audit warnings. | | {color:red}-1{color} | checkstyle | 1m 30s | The applied patch generated 2 new checkstyle issues (total was 508, now 510). | | {color:green}+1{color} | whitespace | 0m 0s | The patch has no lines that end in whitespace. | | {color:green}+1{color} | install | 1m 39s | mvn install still works. | | {color:green}+1{color} | eclipse:eclipse | 0m 36s | The patch built with eclipse:eclipse. | | {color:green}+1{color} | findbugs | 2m 39s | The patch does not introduce any new Findbugs (version 3.0.0) warnings. | | {color:green}+1{color} | native | 3m 25s | Pre-build of native portion | | {color:red}-1{color} | hdfs tests | 62m 57s | Tests failed in hadoop-hdfs. | | | | 114m 18s | | \\ \\ || Reason || Tests || | Failed unit tests | hadoop.hdfs.TestReplaceDatanodeOnFailure | | | hadoop.hdfs.TestRollingUpgrade | | | hadoop.hdfs.server.namenode.TestFileTruncate | \\ \\ || Subsystem || Report/Notes || | Patch URL | http://issues.apache.org/jira/secure/attachment/12766944/HDFS-3059.06.patch | | Optional Tests | javadoc javac unit findbugs checkstyle | | git revision | trunk / 0ab3f9d | | Pre-patch Findbugs warnings | https://builds.apache.org/job/PreCommit-HDFS-Build/13044/artifact/patchprocess/trunkFindbugsWarningshadoop-hdfs.html | | checkstyle | https://builds.apache.org/job/PreCommit-HDFS-Build/13044/artifact/patchprocess/diffcheckstylehadoop-hdfs.txt | | hadoop-hdfs test log | https://builds.apache.org/job/PreCommit-HDFS-Build/13044/artifact/patchprocess/testrun_hadoop-hdfs.txt | | Test Results | https://builds.apache.org/job/PreCommit-HDFS-Build/13044/testReport/ | | Java | 1.7.0_55 | | uname | Linux asf909.gq1.ygridcore.net 3.13.0-36-lowlatency #63-Ubuntu SMP PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux | | Console output | https://builds.apache.org/job/PreCommit-HDFS-Build/13044/console | This message was automatically generated. > ssl-server.xml causes NullPointer > - > > Key: HDFS-3059 > URL: https://issues.apache.org/jira/browse/HDFS-3059 > Project: Hadoop HDFS > Issue Type: Bug > Components: datanode, security >Affects Versions: 2.7.1 > Environment: in core-site.xml: > {code:xml} > > hadoop.security.authentication > kerberos > > > hadoop.security.authorization > true > > {code} > in hdfs-site.xml: > {code:xml} > > dfs.https.server.keystore.resource > /etc/hadoop/conf/ssl-server.xml > > > dfs.https.enable > true > > > ...other security props > > {code} >Reporter: Evert Lammerts >Assignee: Xiao Chen >Priority: Minor > Labels: BB2015-05-TBR > Attachments: HDFS-3059.02.patch, HDFS-3059.03.patch, > HDFS-3059.04.patch, HDFS-3059.05.patch, HDFS-3059.06.patch, HDFS-3059.patch, > HDFS-3059.patch.2 > > > If ssl is enabled (dfs.https.enable) but ssl-server.xml is not available, a > DN will crash during startup while setting up an SSL socket with a > NullPointerException: > {noformat}12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: > useKerb = false, useCerts = true > jetty.ssl.password : jetty.ssl.keypassword : 12/03/07 17:08:36 INFO > mortbay.log: jetty-6.1.26.cloudera.1 > 12/03/07 17:08:36 INFO mortbay.log: Started > selectchannelconnec...@p-worker35.alley.sara.nl:1006 > 12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: Creating new > KrbServerSocket for: 0.0.0.0 > 12/03/07 17:08:36 WARN mortbay.log: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed > Krb5AndCertsSslSocketConnector@0.0.0.0:50475: java.io.IOException: > !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed Server@604788d5: > java.io.IOException: !JsseListener:
[jira] [Commented] (HDFS-3059) ssl-server.xml causes NullPointer
[ https://issues.apache.org/jira/browse/HDFS-3059?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14960014#comment-14960014 ] Xiao Chen commented on HDFS-3059: - Thanks Yongjun for the comments. Attached patch 06 addressed your suggestions. {quote} 3. Would you please explain why the following comments? maybe add the explanation as an addition to the comment. {quote} This is added because I met the same NPE described when running secondarynamenode (2NN). Running a command like {{hdfs secondarynamenode -checkpoint}} with kerberos enabled will fail with the same NPE thrown. The cause is that 2NN web server is needed when starting as a daemon, to show status/metrics etc., which needs to get credentials. When running from shell, the environment doesn't have the credentials and prompts for password. When the password is not correct, {{getPassword}} sets the password to null, causing the NPE. Note that clients are't supposed to know the password, but we should definitely allow them to checkpoint. Since the metrics etc. are not needed when running 2NN from shell, I think it makes sense to not start the web server at all. I have updated the comments like below, to give more information. {code} // The web server is only needed when starting SNN as a daemon, // and not needed if called from shell command. Starting the web server // from shell may fail when getting credentials, if the environment is not // set up for it, which is most of the case. {code} > ssl-server.xml causes NullPointer > - > > Key: HDFS-3059 > URL: https://issues.apache.org/jira/browse/HDFS-3059 > Project: Hadoop HDFS > Issue Type: Bug > Components: datanode, security >Affects Versions: 2.7.1 > Environment: in core-site.xml: > {code:xml} > > hadoop.security.authentication > kerberos > > > hadoop.security.authorization > true > > {code} > in hdfs-site.xml: > {code:xml} > > dfs.https.server.keystore.resource > /etc/hadoop/conf/ssl-server.xml > > > dfs.https.enable > true > > > ...other security props > > {code} >Reporter: Evert Lammerts >Assignee: Xiao Chen >Priority: Minor > Labels: BB2015-05-TBR > Attachments: HDFS-3059.02.patch, HDFS-3059.03.patch, > HDFS-3059.04.patch, HDFS-3059.05.patch, HDFS-3059.06.patch, HDFS-3059.patch, > HDFS-3059.patch.2 > > > If ssl is enabled (dfs.https.enable) but ssl-server.xml is not available, a > DN will crash during startup while setting up an SSL socket with a > NullPointerException: > {noformat}12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: > useKerb = false, useCerts = true > jetty.ssl.password : jetty.ssl.keypassword : 12/03/07 17:08:36 INFO > mortbay.log: jetty-6.1.26.cloudera.1 > 12/03/07 17:08:36 INFO mortbay.log: Started > selectchannelconnec...@p-worker35.alley.sara.nl:1006 > 12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: Creating new > KrbServerSocket for: 0.0.0.0 > 12/03/07 17:08:36 WARN mortbay.log: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed > Krb5AndCertsSslSocketConnector@0.0.0.0:50475: java.io.IOException: > !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed Server@604788d5: > java.io.IOException: !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 INFO mortbay.log: Stopped > Krb5AndCertsSslSocketConnector@0.0.0.0:50475 > 12/03/07 17:08:36 INFO mortbay.log: Stopped > selectchannelconnec...@p-worker35.alley.sara.nl:1006 > 12/03/07 17:08:37 INFO datanode.DataNode: Waiting for threadgroup to exit, > active threads is 0{noformat} > The same happens if I set an absolute path to an existing > dfs.https.server.keystore.resource - in this case the file cannot be found > but not even a WARN is given. > Since in dfs.https.server.keystore.resource we know we need to have 4 > properties specified (ssl.server.truststore.location, > ssl.server.keystore.location, ssl.server.keystore.password, and > ssl.server.keystore.keypassword) we should check if they are set and throw an > IOException if they are not. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (HDFS-3059) ssl-server.xml causes NullPointer
[ https://issues.apache.org/jira/browse/HDFS-3059?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14959332#comment-14959332 ] Yongjun Zhang commented on HDFS-3059: - HI [~xiaochen], Thanks for working on this issue. I browsed it and have some comments/question: {code} LOG.warn("IOException caught when getting password, setting password " + "to null. Exception:\"" + ioe.getMessage() + "\"."); {code} to: {code} LOG.warn("Setting password to null since IOException is caught when getting password", ioe); {code} 2. Add comma to " is specified make sure it is a relative path" as "is specified, make sure it is a relative path" 3. Would you please explain why the following comments? maybe add the explanation as an addition to the comment. {code} // This is only needed when starting SNN as a daemon, // and no need to run it if called from shell command. {code} Thanks. > ssl-server.xml causes NullPointer > - > > Key: HDFS-3059 > URL: https://issues.apache.org/jira/browse/HDFS-3059 > Project: Hadoop HDFS > Issue Type: Bug > Components: datanode, security >Affects Versions: 2.7.1 > Environment: in core-site.xml: > {code:xml} > > hadoop.security.authentication > kerberos > > > hadoop.security.authorization > true > > {code} > in hdfs-site.xml: > {code:xml} > > dfs.https.server.keystore.resource > /etc/hadoop/conf/ssl-server.xml > > > dfs.https.enable > true > > > ...other security props > > {code} >Reporter: Evert Lammerts >Assignee: Xiao Chen >Priority: Minor > Labels: BB2015-05-TBR > Attachments: HDFS-3059.02.patch, HDFS-3059.03.patch, > HDFS-3059.04.patch, HDFS-3059.05.patch, HDFS-3059.patch, HDFS-3059.patch.2 > > > If ssl is enabled (dfs.https.enable) but ssl-server.xml is not available, a > DN will crash during startup while setting up an SSL socket with a > NullPointerException: > {noformat}12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: > useKerb = false, useCerts = true > jetty.ssl.password : jetty.ssl.keypassword : 12/03/07 17:08:36 INFO > mortbay.log: jetty-6.1.26.cloudera.1 > 12/03/07 17:08:36 INFO mortbay.log: Started > selectchannelconnec...@p-worker35.alley.sara.nl:1006 > 12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: Creating new > KrbServerSocket for: 0.0.0.0 > 12/03/07 17:08:36 WARN mortbay.log: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed > Krb5AndCertsSslSocketConnector@0.0.0.0:50475: java.io.IOException: > !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed Server@604788d5: > java.io.IOException: !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 INFO mortbay.log: Stopped > Krb5AndCertsSslSocketConnector@0.0.0.0:50475 > 12/03/07 17:08:36 INFO mortbay.log: Stopped > selectchannelconnec...@p-worker35.alley.sara.nl:1006 > 12/03/07 17:08:37 INFO datanode.DataNode: Waiting for threadgroup to exit, > active threads is 0{noformat} > The same happens if I set an absolute path to an existing > dfs.https.server.keystore.resource - in this case the file cannot be found > but not even a WARN is given. > Since in dfs.https.server.keystore.resource we know we need to have 4 > properties specified (ssl.server.truststore.location, > ssl.server.keystore.location, ssl.server.keystore.password, and > ssl.server.keystore.keypassword) we should check if they are set and throw an > IOException if they are not. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (HDFS-3059) ssl-server.xml causes NullPointer
[ https://issues.apache.org/jira/browse/HDFS-3059?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14951511#comment-14951511 ] Hadoop QA commented on HDFS-3059: - \\ \\ | (x) *{color:red}-1 overall{color}* | \\ \\ || Vote || Subsystem || Runtime || Comment || | {color:red}-1{color} | pre-patch | 20m 0s | Findbugs (version 3.0.0) appears to be broken on trunk. | | {color:green}+1{color} | @author | 0m 0s | The patch does not contain any @author tags. | | {color:red}-1{color} | tests included | 0m 0s | The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch. | | {color:green}+1{color} | javac | 9m 4s | There were no new javac warning messages. | | {color:green}+1{color} | javadoc | 11m 32s | There were no new javadoc warning messages. | | {color:red}-1{color} | release audit | 0m 22s | The applied patch generated 1 release audit warnings. | | {color:red}-1{color} | checkstyle | 1m 7s | The applied patch generated 508 new checkstyle issues (total was 0, now 508). | | {color:green}+1{color} | whitespace | 0m 0s | The patch has no lines that end in whitespace. | | {color:green}+1{color} | install | 1m 38s | mvn install still works. | | {color:green}+1{color} | eclipse:eclipse | 0m 35s | The patch built with eclipse:eclipse. | | {color:green}+1{color} | findbugs | 2m 44s | The patch does not introduce any new Findbugs (version 3.0.0) warnings. | | {color:green}+1{color} | native | 3m 30s | Pre-build of native portion | | {color:red}-1{color} | hdfs tests | 195m 18s | Tests failed in hadoop-hdfs. | | | | 245m 53s | | \\ \\ || Reason || Tests || | Failed unit tests | hadoop.hdfs.util.TestByteArrayManager | | Timed out tests | org.apache.hadoop.hdfs.TestHDFSFileSystemContract | \\ \\ || Subsystem || Report/Notes || | Patch URL | http://issues.apache.org/jira/secure/attachment/12765887/HDFS-3059.05.patch | | Optional Tests | javadoc javac unit findbugs checkstyle | | git revision | trunk / 4f6e842 | | Release Audit | https://builds.apache.org/job/PreCommit-HDFS-Build/12900/artifact/patchprocess/patchReleaseAuditProblems.txt | | checkstyle | https://builds.apache.org/job/PreCommit-HDFS-Build/12900/artifact/patchprocess/diffcheckstylehadoop-hdfs.txt | | hadoop-hdfs test log | https://builds.apache.org/job/PreCommit-HDFS-Build/12900/artifact/patchprocess/testrun_hadoop-hdfs.txt | | Test Results | https://builds.apache.org/job/PreCommit-HDFS-Build/12900/testReport/ | | Java | 1.7.0_55 | | uname | Linux asf902.gq1.ygridcore.net 3.13.0-36-lowlatency #63-Ubuntu SMP PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux | | Console output | https://builds.apache.org/job/PreCommit-HDFS-Build/12900/console | This message was automatically generated. > ssl-server.xml causes NullPointer > - > > Key: HDFS-3059 > URL: https://issues.apache.org/jira/browse/HDFS-3059 > Project: Hadoop HDFS > Issue Type: Bug > Components: datanode, security >Affects Versions: 2.7.1 > Environment: in core-site.xml: > {code:xml} > > hadoop.security.authentication > kerberos > > > hadoop.security.authorization > true > > {code} > in hdfs-site.xml: > {code:xml} > > dfs.https.server.keystore.resource > /etc/hadoop/conf/ssl-server.xml > > > dfs.https.enable > true > > > ...other security props > > {code} >Reporter: Evert Lammerts >Assignee: Xiao Chen >Priority: Minor > Labels: BB2015-05-TBR > Attachments: HDFS-3059.02.patch, HDFS-3059.03.patch, > HDFS-3059.04.patch, HDFS-3059.05.patch, HDFS-3059.patch, HDFS-3059.patch.2 > > > If ssl is enabled (dfs.https.enable) but ssl-server.xml is not available, a > DN will crash during startup while setting up an SSL socket with a > NullPointerException: > {noformat}12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: > useKerb = false, useCerts = true > jetty.ssl.password : jetty.ssl.keypassword : 12/03/07 17:08:36 INFO > mortbay.log: jetty-6.1.26.cloudera.1 > 12/03/07 17:08:36 INFO mortbay.log: Started > selectchannelconnec...@p-worker35.alley.sara.nl:1006 > 12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: Creating new > KrbServerSocket for: 0.0.0.0 > 12/03/07 17:08:36 WARN mortbay.log: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed > Krb5AndCertsSslSocketConnector@0.0.0.0:50475: java.io.IOException: > !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed Server@604788d5: > java.io.IOException: !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 INFO mortbay.log: Stopped >
[jira] [Commented] (HDFS-3059) ssl-server.xml causes NullPointer
[ https://issues.apache.org/jira/browse/HDFS-3059?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14949950#comment-14949950 ] Hadoop QA commented on HDFS-3059: - \\ \\ | (x) *{color:red}-1 overall{color}* | \\ \\ || Vote || Subsystem || Runtime || Comment || | {color:blue}0{color} | pre-patch | 20m 20s | Pre-patch trunk compilation is healthy. | | {color:green}+1{color} | @author | 0m 0s | The patch does not contain any @author tags. | | {color:red}-1{color} | tests included | 0m 0s | The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch. | | {color:green}+1{color} | javac | 9m 6s | There were no new javac warning messages. | | {color:green}+1{color} | javadoc | 11m 43s | There were no new javadoc warning messages. | | {color:red}-1{color} | release audit | 0m 20s | The applied patch generated 1 release audit warnings. | | {color:red}-1{color} | checkstyle | 1m 40s | The applied patch generated 5 new checkstyle issues (total was 506, now 511). | | {color:green}+1{color} | whitespace | 0m 0s | The patch has no lines that end in whitespace. | | {color:green}+1{color} | install | 1m 36s | mvn install still works. | | {color:green}+1{color} | eclipse:eclipse | 0m 37s | The patch built with eclipse:eclipse. | | {color:green}+1{color} | findbugs | 2m 47s | The patch does not introduce any new Findbugs (version 3.0.0) warnings. | | {color:green}+1{color} | native | 3m 39s | Pre-build of native portion | | {color:red}-1{color} | hdfs tests | 199m 4s | Tests failed in hadoop-hdfs. | | | | 250m 56s | | \\ \\ || Reason || Tests || | Failed unit tests | hadoop.hdfs.TestWriteRead | | | hadoop.hdfs.server.blockmanagement.TestNodeCount | | | hadoop.hdfs.server.blockmanagement.TestBlockManager | \\ \\ || Subsystem || Report/Notes || | Patch URL | http://issues.apache.org/jira/secure/attachment/12765719/HDFS-3059.04.patch | | Optional Tests | javadoc javac unit findbugs checkstyle | | git revision | trunk / b4390d5 | | Release Audit | https://builds.apache.org/job/PreCommit-HDFS-Build/12877/artifact/patchprocess/patchReleaseAuditProblems.txt | | checkstyle | https://builds.apache.org/job/PreCommit-HDFS-Build/12877/artifact/patchprocess/diffcheckstylehadoop-hdfs.txt | | hadoop-hdfs test log | https://builds.apache.org/job/PreCommit-HDFS-Build/12877/artifact/patchprocess/testrun_hadoop-hdfs.txt | | Test Results | https://builds.apache.org/job/PreCommit-HDFS-Build/12877/testReport/ | | Java | 1.7.0_55 | | uname | Linux asf907.gq1.ygridcore.net 3.13.0-36-lowlatency #63-Ubuntu SMP PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux | | Console output | https://builds.apache.org/job/PreCommit-HDFS-Build/12877/console | This message was automatically generated. > ssl-server.xml causes NullPointer > - > > Key: HDFS-3059 > URL: https://issues.apache.org/jira/browse/HDFS-3059 > Project: Hadoop HDFS > Issue Type: Bug > Components: datanode, security >Affects Versions: 2.7.1 > Environment: in core-site.xml: > {code:xml} > > hadoop.security.authentication > kerberos > > > hadoop.security.authorization > true > > {code} > in hdfs-site.xml: > {code:xml} > > dfs.https.server.keystore.resource > /etc/hadoop/conf/ssl-server.xml > > > dfs.https.enable > true > > > ...other security props > > {code} >Reporter: Evert Lammerts >Priority: Minor > Labels: BB2015-05-TBR > Attachments: HDFS-3059.02.patch, HDFS-3059.03.patch, > HDFS-3059.04.patch, HDFS-3059.patch, HDFS-3059.patch.2 > > > If ssl is enabled (dfs.https.enable) but ssl-server.xml is not available, a > DN will crash during startup while setting up an SSL socket with a > NullPointerException: > {noformat}12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: > useKerb = false, useCerts = true > jetty.ssl.password : jetty.ssl.keypassword : 12/03/07 17:08:36 INFO > mortbay.log: jetty-6.1.26.cloudera.1 > 12/03/07 17:08:36 INFO mortbay.log: Started > selectchannelconnec...@p-worker35.alley.sara.nl:1006 > 12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: Creating new > KrbServerSocket for: 0.0.0.0 > 12/03/07 17:08:36 WARN mortbay.log: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed > Krb5AndCertsSslSocketConnector@0.0.0.0:50475: java.io.IOException: > !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed Server@604788d5: > java.io.IOException: !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 INFO mortbay.log: Stopped > Krb5AndCertsSslSocketConnector@0.0.0.0:50475 > 12/03/07 17:08:36 INFO
[jira] [Commented] (HDFS-3059) ssl-server.xml causes NullPointer
[ https://issues.apache.org/jira/browse/HDFS-3059?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14951027#comment-14951027 ] Xiao Chen commented on HDFS-3059: - The test failures/release audit warnings are unrelated, and as described above no test is needed. Updated patch 05 to address the checkstyle issue: since I touched {{SecondaryNameNode}}, I think it makes sense to make the changed part within 80 chars. {{DFSConfigKeys}} seems to be not following the 80 chars rule, so kept my original code. Would someone please help review? Thanks in advance. > ssl-server.xml causes NullPointer > - > > Key: HDFS-3059 > URL: https://issues.apache.org/jira/browse/HDFS-3059 > Project: Hadoop HDFS > Issue Type: Bug > Components: datanode, security >Affects Versions: 2.7.1 > Environment: in core-site.xml: > {code:xml} > > hadoop.security.authentication > kerberos > > > hadoop.security.authorization > true > > {code} > in hdfs-site.xml: > {code:xml} > > dfs.https.server.keystore.resource > /etc/hadoop/conf/ssl-server.xml > > > dfs.https.enable > true > > > ...other security props > > {code} >Reporter: Evert Lammerts >Priority: Minor > Labels: BB2015-05-TBR > Attachments: HDFS-3059.02.patch, HDFS-3059.03.patch, > HDFS-3059.04.patch, HDFS-3059.05.patch, HDFS-3059.patch, HDFS-3059.patch.2 > > > If ssl is enabled (dfs.https.enable) but ssl-server.xml is not available, a > DN will crash during startup while setting up an SSL socket with a > NullPointerException: > {noformat}12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: > useKerb = false, useCerts = true > jetty.ssl.password : jetty.ssl.keypassword : 12/03/07 17:08:36 INFO > mortbay.log: jetty-6.1.26.cloudera.1 > 12/03/07 17:08:36 INFO mortbay.log: Started > selectchannelconnec...@p-worker35.alley.sara.nl:1006 > 12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: Creating new > KrbServerSocket for: 0.0.0.0 > 12/03/07 17:08:36 WARN mortbay.log: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed > Krb5AndCertsSslSocketConnector@0.0.0.0:50475: java.io.IOException: > !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed Server@604788d5: > java.io.IOException: !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 INFO mortbay.log: Stopped > Krb5AndCertsSslSocketConnector@0.0.0.0:50475 > 12/03/07 17:08:36 INFO mortbay.log: Stopped > selectchannelconnec...@p-worker35.alley.sara.nl:1006 > 12/03/07 17:08:37 INFO datanode.DataNode: Waiting for threadgroup to exit, > active threads is 0{noformat} > The same happens if I set an absolute path to an existing > dfs.https.server.keystore.resource - in this case the file cannot be found > but not even a WARN is given. > Since in dfs.https.server.keystore.resource we know we need to have 4 > properties specified (ssl.server.truststore.location, > ssl.server.keystore.location, ssl.server.keystore.password, and > ssl.server.keystore.keypassword) we should check if they are set and throw an > IOException if they are not. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (HDFS-3059) ssl-server.xml causes NullPointer
[ https://issues.apache.org/jira/browse/HDFS-3059?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14949726#comment-14949726 ] Xiao Chen commented on HDFS-3059: - I have attached a patch 04 trying to fix the NullPointerException. * The initial patches looks great. Thanks for the contribution Evert, Aaron and Ravi! * Even if all configurations in {{ssl-server.xml}} are right, if the keystores were not setup/passed in correctly, we would still end up with the NPE. This is because {{DFSUtil#getPassword}} silently sets the password to null. I added a warn message here, because throwing exception seems to be too strict, and Java KeyStore allows passing null when load. * When starting secondarynamenode from shell with security enabled, it unnecessarily checks for password and try to setup a web server, which then may end up in the same NPE. I checked for whether it's called from shell before firing up the web server. I have only tested this manually, don't think unit testing is needed as this is more of a supportability issue. > ssl-server.xml causes NullPointer > - > > Key: HDFS-3059 > URL: https://issues.apache.org/jira/browse/HDFS-3059 > Project: Hadoop HDFS > Issue Type: Bug > Components: datanode, security >Affects Versions: 2.7.1 > Environment: in core-site.xml: > {code:xml} > > hadoop.security.authentication > kerberos > > > hadoop.security.authorization > true > > {code} > in hdfs-site.xml: > {code:xml} > > dfs.https.server.keystore.resource > /etc/hadoop/conf/ssl-server.xml > > > dfs.https.enable > true > > > ...other security props > > {code} >Reporter: Evert Lammerts >Priority: Minor > Labels: BB2015-05-TBR > Attachments: HDFS-3059.02.patch, HDFS-3059.03.patch, > HDFS-3059.04.patch, HDFS-3059.patch, HDFS-3059.patch.2 > > > If ssl is enabled (dfs.https.enable) but ssl-server.xml is not available, a > DN will crash during startup while setting up an SSL socket with a > NullPointerException: > {noformat}12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: > useKerb = false, useCerts = true > jetty.ssl.password : jetty.ssl.keypassword : 12/03/07 17:08:36 INFO > mortbay.log: jetty-6.1.26.cloudera.1 > 12/03/07 17:08:36 INFO mortbay.log: Started > selectchannelconnec...@p-worker35.alley.sara.nl:1006 > 12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: Creating new > KrbServerSocket for: 0.0.0.0 > 12/03/07 17:08:36 WARN mortbay.log: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed > Krb5AndCertsSslSocketConnector@0.0.0.0:50475: java.io.IOException: > !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed Server@604788d5: > java.io.IOException: !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 INFO mortbay.log: Stopped > Krb5AndCertsSslSocketConnector@0.0.0.0:50475 > 12/03/07 17:08:36 INFO mortbay.log: Stopped > selectchannelconnec...@p-worker35.alley.sara.nl:1006 > 12/03/07 17:08:37 INFO datanode.DataNode: Waiting for threadgroup to exit, > active threads is 0{noformat} > The same happens if I set an absolute path to an existing > dfs.https.server.keystore.resource - in this case the file cannot be found > but not even a WARN is given. > Since in dfs.https.server.keystore.resource we know we need to have 4 > properties specified (ssl.server.truststore.location, > ssl.server.keystore.location, ssl.server.keystore.password, and > ssl.server.keystore.keypassword) we should check if they are set and throw an > IOException if they are not. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (HDFS-3059) ssl-server.xml causes NullPointer
[ https://issues.apache.org/jira/browse/HDFS-3059?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13772571#comment-13772571 ] Jing Zhao commented on HDFS-3059: - I think this is a very useful feature. We just met the similar problem in both NN and DN when starting http server with https enabled. By applying the patch we can quickly identify the cause of the problem. ssl-server.xml causes NullPointer - Key: HDFS-3059 URL: https://issues.apache.org/jira/browse/HDFS-3059 Project: Hadoop HDFS Issue Type: Bug Components: datanode, security Affects Versions: 0.20.205.0, 1.0.0 Environment: in core-site.xml: {code:xml} property namehadoop.security.authentication/name valuekerberos/value /property property namehadoop.security.authorization/name valuetrue/value /property {code} in hdfs-site.xml: {code:xml} property namedfs.https.server.keystore.resource/name value/etc/hadoop/conf/ssl-server.xml/value /property property namedfs.https.enable/name valuetrue/value /property property ...other security props /property {code} Reporter: Evert Lammerts Priority: Minor Attachments: HDFS-3059.patch, HDFS-3059.patch.2 If ssl is enabled (dfs.https.enable) but ssl-server.xml is not available, a DN will crash during startup while setting up an SSL socket with a NullPointerException: {noformat}12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: useKerb = false, useCerts = true jetty.ssl.password : jetty.ssl.keypassword : 12/03/07 17:08:36 INFO mortbay.log: jetty-6.1.26.cloudera.1 12/03/07 17:08:36 INFO mortbay.log: Started selectchannelconnec...@p-worker35.alley.sara.nl:1006 12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: Creating new KrbServerSocket for: 0.0.0.0 12/03/07 17:08:36 WARN mortbay.log: java.lang.NullPointerException 12/03/07 17:08:36 WARN mortbay.log: failed Krb5AndCertsSslSocketConnector@0.0.0.0:50475: java.io.IOException: !JsseListener: java.lang.NullPointerException 12/03/07 17:08:36 WARN mortbay.log: failed Server@604788d5: java.io.IOException: !JsseListener: java.lang.NullPointerException 12/03/07 17:08:36 INFO mortbay.log: Stopped Krb5AndCertsSslSocketConnector@0.0.0.0:50475 12/03/07 17:08:36 INFO mortbay.log: Stopped selectchannelconnec...@p-worker35.alley.sara.nl:1006 12/03/07 17:08:37 INFO datanode.DataNode: Waiting for threadgroup to exit, active threads is 0{noformat} The same happens if I set an absolute path to an existing dfs.https.server.keystore.resource - in this case the file cannot be found but not even a WARN is given. Since in dfs.https.server.keystore.resource we know we need to have 4 properties specified (ssl.server.truststore.location, ssl.server.keystore.location, ssl.server.keystore.password, and ssl.server.keystore.keypassword) we should check if they are set and throw an IOException if they are not. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HDFS-3059) ssl-server.xml causes NullPointer
[ https://issues.apache.org/jira/browse/HDFS-3059?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13225094#comment-13225094 ] Evert Lammerts commented on HDFS-3059: -- Added better feedback, this should work. The first patch was written for tag 0.20.205 - I'm on CDH3u3 and was assuming 0.20.205 is the version it is based on. I have only tested it against CDH using the source RPMs, since I don't know how to set up a development environment for a DN in an environment with Kerberos enabled. Any tips about that are welcome, this was not a very comfortable way of debugging: editing the source, building it, copying the core jar to the datanode and namenode, and starting both; way to get RSI ;-) ssl-server.xml causes NullPointer - Key: HDFS-3059 URL: https://issues.apache.org/jira/browse/HDFS-3059 Project: Hadoop HDFS Issue Type: Bug Components: data-node, security Affects Versions: 0.20.205.0, 1.0.0 Environment: in core-site.xml: {code:xml} property namehadoop.security.authentication/name valuekerberos/value /property property namehadoop.security.authorization/name valuetrue/value /property {code} in hdfs-site.xml: {code:xml} property namedfs.https.server.keystore.resource/name value/etc/hadoop/conf/ssl-server.xml/value /property property namedfs.https.enable/name valuetrue/value /property property ...other security props /property {code} Reporter: Evert Lammerts Priority: Minor Attachments: HDFS-3059.patch, HDFS-3059.patch.2 If ssl is enabled (dfs.https.enable) but ssl-server.xml is not available, a DN will crash during startup while setting up an SSL socket with a NullPointerException: {noformat}12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: useKerb = false, useCerts = true jetty.ssl.password : jetty.ssl.keypassword : 12/03/07 17:08:36 INFO mortbay.log: jetty-6.1.26.cloudera.1 12/03/07 17:08:36 INFO mortbay.log: Started selectchannelconnec...@p-worker35.alley.sara.nl:1006 12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: Creating new KrbServerSocket for: 0.0.0.0 12/03/07 17:08:36 WARN mortbay.log: java.lang.NullPointerException 12/03/07 17:08:36 WARN mortbay.log: failed Krb5AndCertsSslSocketConnector@0.0.0.0:50475: java.io.IOException: !JsseListener: java.lang.NullPointerException 12/03/07 17:08:36 WARN mortbay.log: failed Server@604788d5: java.io.IOException: !JsseListener: java.lang.NullPointerException 12/03/07 17:08:36 INFO mortbay.log: Stopped Krb5AndCertsSslSocketConnector@0.0.0.0:50475 12/03/07 17:08:36 INFO mortbay.log: Stopped selectchannelconnec...@p-worker35.alley.sara.nl:1006 12/03/07 17:08:37 INFO datanode.DataNode: Waiting for threadgroup to exit, active threads is 0{noformat} The same happens if I set an absolute path to an existing dfs.https.server.keystore.resource - in this case the file cannot be found but not even a WARN is given. Since in dfs.https.server.keystore.resource we know we need to have 4 properties specified (ssl.server.truststore.location, ssl.server.keystore.location, ssl.server.keystore.password, and ssl.server.keystore.keypassword) we should check if they are set and throw an IOException if they are not. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HDFS-3059) ssl-server.xml causes NullPointer
[ https://issues.apache.org/jira/browse/HDFS-3059?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13225095#comment-13225095 ] Evert Lammerts commented on HDFS-3059: -- This one's against trunk, btw ssl-server.xml causes NullPointer - Key: HDFS-3059 URL: https://issues.apache.org/jira/browse/HDFS-3059 Project: Hadoop HDFS Issue Type: Bug Components: data-node, security Affects Versions: 0.20.205.0, 1.0.0 Environment: in core-site.xml: {code:xml} property namehadoop.security.authentication/name valuekerberos/value /property property namehadoop.security.authorization/name valuetrue/value /property {code} in hdfs-site.xml: {code:xml} property namedfs.https.server.keystore.resource/name value/etc/hadoop/conf/ssl-server.xml/value /property property namedfs.https.enable/name valuetrue/value /property property ...other security props /property {code} Reporter: Evert Lammerts Priority: Minor Attachments: HDFS-3059.patch, HDFS-3059.patch.2 If ssl is enabled (dfs.https.enable) but ssl-server.xml is not available, a DN will crash during startup while setting up an SSL socket with a NullPointerException: {noformat}12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: useKerb = false, useCerts = true jetty.ssl.password : jetty.ssl.keypassword : 12/03/07 17:08:36 INFO mortbay.log: jetty-6.1.26.cloudera.1 12/03/07 17:08:36 INFO mortbay.log: Started selectchannelconnec...@p-worker35.alley.sara.nl:1006 12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: Creating new KrbServerSocket for: 0.0.0.0 12/03/07 17:08:36 WARN mortbay.log: java.lang.NullPointerException 12/03/07 17:08:36 WARN mortbay.log: failed Krb5AndCertsSslSocketConnector@0.0.0.0:50475: java.io.IOException: !JsseListener: java.lang.NullPointerException 12/03/07 17:08:36 WARN mortbay.log: failed Server@604788d5: java.io.IOException: !JsseListener: java.lang.NullPointerException 12/03/07 17:08:36 INFO mortbay.log: Stopped Krb5AndCertsSslSocketConnector@0.0.0.0:50475 12/03/07 17:08:36 INFO mortbay.log: Stopped selectchannelconnec...@p-worker35.alley.sara.nl:1006 12/03/07 17:08:37 INFO datanode.DataNode: Waiting for threadgroup to exit, active threads is 0{noformat} The same happens if I set an absolute path to an existing dfs.https.server.keystore.resource - in this case the file cannot be found but not even a WARN is given. Since in dfs.https.server.keystore.resource we know we need to have 4 properties specified (ssl.server.truststore.location, ssl.server.keystore.location, ssl.server.keystore.password, and ssl.server.keystore.keypassword) we should check if they are set and throw an IOException if they are not. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HDFS-3059) ssl-server.xml causes NullPointer
[ https://issues.apache.org/jira/browse/HDFS-3059?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13224518#comment-13224518 ] Aaron T. Myers commented on HDFS-3059: -- Hey Evert, good find. The patch looks pretty good to me. I think it could be improved a little bit by having the error message include what actual config parameter(s) are missing from ssl-server.xml. Otherwise, users are still going to have to look at the code to figure out what they need to change. Do you agree? Also, you mention that this patch would need to be ported to 1.0 as well, but it looks to me like this patch isn't written against trunk. What version of Hadoop was it written for? In general, we require that all patches first be provided for trunk, and then be back-ported to maintenance branches like branch-1.0. ssl-server.xml causes NullPointer - Key: HDFS-3059 URL: https://issues.apache.org/jira/browse/HDFS-3059 Project: Hadoop HDFS Issue Type: Bug Components: data-node, security Affects Versions: 0.20.205.0, 1.0.0 Environment: in core-site.xml: {code:xml} property namehadoop.security.authentication/name valuekerberos/value /property property namehadoop.security.authorization/name valuetrue/value /property {code} in hdfs-site.xml: {code:xml} property namedfs.https.server.keystore.resource/name value/etc/hadoop/conf/ssl-server.xml/value /property property namedfs.https.enable/name valuetrue/value /property property ...other security props /property {code} Reporter: Evert Lammerts Priority: Minor Attachments: HDFS-3059.patch If ssl is enabled (dfs.https.enable) but ssl-server.xml is not available, a DN will crash during startup while setting up an SSL socket with a NullPointerException: {noformat}12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: useKerb = false, useCerts = true jetty.ssl.password : jetty.ssl.keypassword : 12/03/07 17:08:36 INFO mortbay.log: jetty-6.1.26.cloudera.1 12/03/07 17:08:36 INFO mortbay.log: Started selectchannelconnec...@p-worker35.alley.sara.nl:1006 12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: Creating new KrbServerSocket for: 0.0.0.0 12/03/07 17:08:36 WARN mortbay.log: java.lang.NullPointerException 12/03/07 17:08:36 WARN mortbay.log: failed Krb5AndCertsSslSocketConnector@0.0.0.0:50475: java.io.IOException: !JsseListener: java.lang.NullPointerException 12/03/07 17:08:36 WARN mortbay.log: failed Server@604788d5: java.io.IOException: !JsseListener: java.lang.NullPointerException 12/03/07 17:08:36 INFO mortbay.log: Stopped Krb5AndCertsSslSocketConnector@0.0.0.0:50475 12/03/07 17:08:36 INFO mortbay.log: Stopped selectchannelconnec...@p-worker35.alley.sara.nl:1006 12/03/07 17:08:37 INFO datanode.DataNode: Waiting for threadgroup to exit, active threads is 0{noformat} The same happens if I set an absolute path to an existing dfs.https.server.keystore.resource - in this case the file cannot be found but not even a WARN is given. Since in dfs.https.server.keystore.resource we know we need to have 4 properties specified (ssl.server.truststore.location, ssl.server.keystore.location, ssl.server.keystore.password, and ssl.server.keystore.keypassword) we should check if they are set and throw an IOException if they are not. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira