[jira] [Commented] (HBASE-15830) Sasl encryption doesn't work with AsyncRpcChannelImpl
[ https://issues.apache.org/jira/browse/HBASE-15830?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15306150#comment-15306150 ] Colin Ma commented on HBASE-15830: -- [~ghelmling], just created HBASE-15913 for this problem on branch-1. > Sasl encryption doesn't work with AsyncRpcChannelImpl > - > > Key: HBASE-15830 > URL: https://issues.apache.org/jira/browse/HBASE-15830 > Project: HBase > Issue Type: Bug >Reporter: Colin Ma >Assignee: Colin Ma > Fix For: 2.0.0 > > Attachments: HBASE-15830.001.patch, HBASE-15830.002.patch, > HBASE-15830.003.patch, HBASE-15830.004.patch > > > Currently, sasl encryption doesn't work with AsyncRpcChannelImpl, there has 3 > problems: > 1. > [sourcecode|https://github.com/apache/hbase/blob/master/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslClientHandler.java#L308] > will throw the following exception: > java.lang.UnsupportedOperationException: direct buffer > at > io.netty.buffer.UnpooledUnsafeDirectByteBuf.array(UnpooledUnsafeDirectByteBuf.java:199) > at > org.apache.hadoop.hbase.security.SaslClientHandler.write(SaslClientHandler.java:308) > 2. > [sourcecode|https://github.com/apache/hbase/blob/master/hbase-client/src/main/java/org/apache/hadoop/hbase/ipc/AsyncRpcChannelImpl.java#L212] > has deadlocks problem. > 3. TestAsyncSecureIPC doesn't cover the sasl encryption test case. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (HBASE-15830) Sasl encryption doesn't work with AsyncRpcChannelImpl
[ https://issues.apache.org/jira/browse/HBASE-15830?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15304473#comment-15304473 ] Gary Helmling commented on HBASE-15830: --- [~colinma], this is now applied to master so will show up in 2.0. It looks like the async RPC code in branch-1 will have similar problems with qop != auth, but the code there is substantially different as well -- AsyncRpcChannel vs. AsyncRpcChannelImpl, and no TestAsyncSecureIPC class at all. Were you looking to get this change in to branch-1 as well? If so, maybe we should open a separate issue for the backport. > Sasl encryption doesn't work with AsyncRpcChannelImpl > - > > Key: HBASE-15830 > URL: https://issues.apache.org/jira/browse/HBASE-15830 > Project: HBase > Issue Type: Bug >Reporter: Colin Ma >Assignee: Colin Ma > Fix For: 2.0.0 > > Attachments: HBASE-15830.001.patch, HBASE-15830.002.patch, > HBASE-15830.003.patch, HBASE-15830.004.patch > > > Currently, sasl encryption doesn't work with AsyncRpcChannelImpl, there has 3 > problems: > 1. > [sourcecode|https://github.com/apache/hbase/blob/master/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslClientHandler.java#L308] > will throw the following exception: > java.lang.UnsupportedOperationException: direct buffer > at > io.netty.buffer.UnpooledUnsafeDirectByteBuf.array(UnpooledUnsafeDirectByteBuf.java:199) > at > org.apache.hadoop.hbase.security.SaslClientHandler.write(SaslClientHandler.java:308) > 2. > [sourcecode|https://github.com/apache/hbase/blob/master/hbase-client/src/main/java/org/apache/hadoop/hbase/ipc/AsyncRpcChannelImpl.java#L212] > has deadlocks problem. > 3. TestAsyncSecureIPC doesn't cover the sasl encryption test case. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (HBASE-15830) Sasl encryption doesn't work with AsyncRpcChannelImpl
[ https://issues.apache.org/jira/browse/HBASE-15830?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15303738#comment-15303738 ] Hudson commented on HBASE-15830: FAILURE: Integrated in HBase-Trunk_matrix #952 (See [https://builds.apache.org/job/HBase-Trunk_matrix/952/]) HBASE-15830 SASL encryption doesn't work with AsyncRpcChannelImpl (Colin (garyh: rev da0d74cd27154b76aaa69fe0e5742821f3bfea79) * hbase-server/src/test/java/org/apache/hadoop/hbase/security/AbstractTestSecureIPC.java * hbase-client/src/main/java/org/apache/hadoop/hbase/ipc/AsyncRpcChannelImpl.java * hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslClientHandler.java > Sasl encryption doesn't work with AsyncRpcChannelImpl > - > > Key: HBASE-15830 > URL: https://issues.apache.org/jira/browse/HBASE-15830 > Project: HBase > Issue Type: Bug >Reporter: Colin Ma > Fix For: 2.0.0 > > Attachments: HBASE-15830.001.patch, HBASE-15830.002.patch, > HBASE-15830.003.patch, HBASE-15830.004.patch > > > Currently, sasl encryption doesn't work with AsyncRpcChannelImpl, there has 3 > problems: > 1. > [sourcecode|https://github.com/apache/hbase/blob/master/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslClientHandler.java#L308] > will throw the following exception: > java.lang.UnsupportedOperationException: direct buffer > at > io.netty.buffer.UnpooledUnsafeDirectByteBuf.array(UnpooledUnsafeDirectByteBuf.java:199) > at > org.apache.hadoop.hbase.security.SaslClientHandler.write(SaslClientHandler.java:308) > 2. > [sourcecode|https://github.com/apache/hbase/blob/master/hbase-client/src/main/java/org/apache/hadoop/hbase/ipc/AsyncRpcChannelImpl.java#L212] > has deadlocks problem. > 3. TestAsyncSecureIPC doesn't cover the sasl encryption test case. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (HBASE-15830) Sasl encryption doesn't work with AsyncRpcChannelImpl
[ https://issues.apache.org/jira/browse/HBASE-15830?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15303522#comment-15303522 ] Gary Helmling commented on HBASE-15830: --- Committed to master. Thanks for the patch [~colinma]. > Sasl encryption doesn't work with AsyncRpcChannelImpl > - > > Key: HBASE-15830 > URL: https://issues.apache.org/jira/browse/HBASE-15830 > Project: HBase > Issue Type: Bug >Reporter: Colin Ma > Fix For: 2.0.0 > > Attachments: HBASE-15830.001.patch, HBASE-15830.002.patch, > HBASE-15830.003.patch, HBASE-15830.004.patch > > > Currently, sasl encryption doesn't work with AsyncRpcChannelImpl, there has 3 > problems: > 1. > [sourcecode|https://github.com/apache/hbase/blob/master/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslClientHandler.java#L308] > will throw the following exception: > java.lang.UnsupportedOperationException: direct buffer > at > io.netty.buffer.UnpooledUnsafeDirectByteBuf.array(UnpooledUnsafeDirectByteBuf.java:199) > at > org.apache.hadoop.hbase.security.SaslClientHandler.write(SaslClientHandler.java:308) > 2. > [sourcecode|https://github.com/apache/hbase/blob/master/hbase-client/src/main/java/org/apache/hadoop/hbase/ipc/AsyncRpcChannelImpl.java#L212] > has deadlocks problem. > 3. TestAsyncSecureIPC doesn't cover the sasl encryption test case. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (HBASE-15830) Sasl encryption doesn't work with AsyncRpcChannelImpl
[
https://issues.apache.org/jira/browse/HBASE-15830?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15303437#comment-15303437
]
Hadoop QA commented on HBASE-15830:
---
| (/) *{color:green}+1 overall{color}* |
\\
\\
|| Vote || Subsystem || Runtime || Comment ||
| {color:green}+1{color} | {color:green} hbaseanti {color} | {color:green} 0m
0s {color} | {color:green} Patch does not have any anti-patterns. {color} |
| {color:green}+1{color} | {color:green} @author {color} | {color:green} 0m 0s
{color} | {color:green} The patch does not contain any @author tags. {color} |
| {color:green}+1{color} | {color:green} test4tests {color} | {color:green} 0m
0s {color} | {color:green} The patch appears to include 1 new or modified test
files. {color} |
| {color:blue}0{color} | {color:blue} mvndep {color} | {color:blue} 0m 9s
{color} | {color:blue} Maven dependency ordering for branch {color} |
| {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 2m
55s {color} | {color:green} master passed {color} |
| {color:green}+1{color} | {color:green} compile {color} | {color:green} 1m 3s
{color} | {color:green} master passed with JDK v1.8.0 {color} |
| {color:green}+1{color} | {color:green} compile {color} | {color:green} 0m 49s
{color} | {color:green} master passed with JDK v1.7.0_79 {color} |
| {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 0m
49s {color} | {color:green} master passed {color} |
| {color:green}+1{color} | {color:green} mvneclipse {color} | {color:green} 0m
28s {color} | {color:green} master passed {color} |
| {color:green}+1{color} | {color:green} findbugs {color} | {color:green} 2m
51s {color} | {color:green} master passed {color} |
| {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m 52s
{color} | {color:green} master passed with JDK v1.8.0 {color} |
| {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m 52s
{color} | {color:green} master passed with JDK v1.7.0_79 {color} |
| {color:blue}0{color} | {color:blue} mvndep {color} | {color:blue} 0m 9s
{color} | {color:blue} Maven dependency ordering for patch {color} |
| {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 1m
2s {color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} compile {color} | {color:green} 1m 12s
{color} | {color:green} the patch passed with JDK v1.8.0 {color} |
| {color:green}+1{color} | {color:green} javac {color} | {color:green} 1m 12s
{color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} compile {color} | {color:green} 0m 49s
{color} | {color:green} the patch passed with JDK v1.7.0_79 {color} |
| {color:green}+1{color} | {color:green} javac {color} | {color:green} 0m 49s
{color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 0m
49s {color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} mvneclipse {color} | {color:green} 0m
28s {color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} whitespace {color} | {color:green} 0m
0s {color} | {color:green} Patch has no whitespace issues. {color} |
| {color:green}+1{color} | {color:green} hadoopcheck {color} | {color:green}
26m 1s {color} | {color:green} Patch does not cause any errors with Hadoop
2.4.0 2.4.1 2.5.0 2.5.1 2.5.2 2.6.1 2.6.2 2.6.3 2.7.1. {color} |
| {color:green}+1{color} | {color:green} findbugs {color} | {color:green} 3m
25s {color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m 51s
{color} | {color:green} the patch passed with JDK v1.8.0 {color} |
| {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m 51s
{color} | {color:green} the patch passed with JDK v1.7.0_79 {color} |
| {color:green}+1{color} | {color:green} unit {color} | {color:green} 0m 56s
{color} | {color:green} hbase-client in the patch passed. {color} |
| {color:green}+1{color} | {color:green} unit {color} | {color:green} 85m 51s
{color} | {color:green} hbase-server in the patch passed. {color} |
| {color:green}+1{color} | {color:green} asflicense {color} | {color:green} 0m
36s {color} | {color:green} Patch does not generate ASF License warnings.
{color} |
| {color:black}{color} | {color:black} {color} | {color:black} 134m 33s {color}
| {color:black} {color} |
\\
\\
|| Subsystem || Report/Notes ||
| JIRA Patch URL |
https://issues.apache.org/jira/secure/attachment/12806541/HBASE-15830.004.patch
|
| JIRA Issue | HBASE-15830 |
| Optional Tests | asflicense javac javadoc unit findbugs hadoopcheck
hbaseanti checkstyle compile |
| uname | Linux asf900.gq1.ygridcore.net 3.13.0-36-lowlatency #63-Ubuntu SMP
PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux |
| Build tool | maven |
|
[jira] [Commented] (HBASE-15830) Sasl encryption doesn't work with AsyncRpcChannelImpl
[ https://issues.apache.org/jira/browse/HBASE-15830?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15303321#comment-15303321 ] Colin Ma commented on HBASE-15830: -- [~ghelmling], thanks for review, the patch is updated according to your comments. > Sasl encryption doesn't work with AsyncRpcChannelImpl > - > > Key: HBASE-15830 > URL: https://issues.apache.org/jira/browse/HBASE-15830 > Project: HBase > Issue Type: Bug >Reporter: Colin Ma > Attachments: HBASE-15830.001.patch, HBASE-15830.002.patch, > HBASE-15830.003.patch, HBASE-15830.004.patch > > > Currently, sasl encryption doesn't work with AsyncRpcChannelImpl, there has 3 > problems: > 1. > [sourcecode|https://github.com/apache/hbase/blob/master/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslClientHandler.java#L308] > will throw the following exception: > java.lang.UnsupportedOperationException: direct buffer > at > io.netty.buffer.UnpooledUnsafeDirectByteBuf.array(UnpooledUnsafeDirectByteBuf.java:199) > at > org.apache.hadoop.hbase.security.SaslClientHandler.write(SaslClientHandler.java:308) > 2. > [sourcecode|https://github.com/apache/hbase/blob/master/hbase-client/src/main/java/org/apache/hadoop/hbase/ipc/AsyncRpcChannelImpl.java#L212] > has deadlocks problem. > 3. TestAsyncSecureIPC doesn't cover the sasl encryption test case. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (HBASE-15830) Sasl encryption doesn't work with AsyncRpcChannelImpl
[ https://issues.apache.org/jira/browse/HBASE-15830?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15301603#comment-15301603 ] Colin Ma commented on HBASE-15830: -- hi, [~ghelmling], can you help to review the updated patch? Thanks for your help. > Sasl encryption doesn't work with AsyncRpcChannelImpl > - > > Key: HBASE-15830 > URL: https://issues.apache.org/jira/browse/HBASE-15830 > Project: HBase > Issue Type: Bug >Reporter: Colin Ma > Attachments: HBASE-15830.001.patch, HBASE-15830.002.patch, > HBASE-15830.003.patch > > > Currently, sasl encryption doesn't work with AsyncRpcChannelImpl, there has 3 > problems: > 1. > [sourcecode|https://github.com/apache/hbase/blob/master/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslClientHandler.java#L308] > will throw the following exception: > java.lang.UnsupportedOperationException: direct buffer > at > io.netty.buffer.UnpooledUnsafeDirectByteBuf.array(UnpooledUnsafeDirectByteBuf.java:199) > at > org.apache.hadoop.hbase.security.SaslClientHandler.write(SaslClientHandler.java:308) > 2. > [sourcecode|https://github.com/apache/hbase/blob/master/hbase-client/src/main/java/org/apache/hadoop/hbase/ipc/AsyncRpcChannelImpl.java#L212] > has deadlocks problem. > 3. TestAsyncSecureIPC doesn't cover the sasl encryption test case. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (HBASE-15830) Sasl encryption doesn't work with AsyncRpcChannelImpl
[ https://issues.apache.org/jira/browse/HBASE-15830?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15297884#comment-15297884 ] Colin Ma commented on HBASE-15830: -- hi, [~ghelmling], thanks for the review. I updated the patch according to your comments. Please see my answer for the following comments: * in getChannelHeaderBytes(AuthMethod authMethod), why not use IPCUtil.getTotalSizeWhenWrittenDelimited() instead of hard-coding the extra 4 bytes? For every message to RpcServer, the total size should be size of message body + 4(which is int size). But IPCUtil.getTotalSizeWhenWrittenDelimited() can't compute the correct size for RpcServer, so the extra 4 bytes is used. * Don't we need to write the connection header in both cases? If qop == auth, the connection header will be written in successfulConnectHandler.onSuccess(ctx.channel()). To avoid the deadlocks problem(refer the [source code|https://github.com/apache/hbase/blob/master/hbase-client/src/main/java/org/apache/hadoop/hbase/ipc/AsyncRpcChannelImpl.java#L212]), the connection header should be written in SaslClientHandler.channelRead(). For the test case, I haven't tested this on a real cluster, just tested with AbstractTestSecureIPC.testSaslWithCommonQop(). The link for reviewboard is in this JIRA, you also can publish the comments there. > Sasl encryption doesn't work with AsyncRpcChannelImpl > - > > Key: HBASE-15830 > URL: https://issues.apache.org/jira/browse/HBASE-15830 > Project: HBase > Issue Type: Bug >Reporter: Colin Ma > Attachments: HBASE-15830.001.patch, HBASE-15830.002.patch, > HBASE-15830.003.patch > > > Currently, sasl encryption doesn't work with AsyncRpcChannelImpl, there has 3 > problems: > 1. > [sourcecode|https://github.com/apache/hbase/blob/master/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslClientHandler.java#L308] > will throw the following exception: > java.lang.UnsupportedOperationException: direct buffer > at > io.netty.buffer.UnpooledUnsafeDirectByteBuf.array(UnpooledUnsafeDirectByteBuf.java:199) > at > org.apache.hadoop.hbase.security.SaslClientHandler.write(SaslClientHandler.java:308) > 2. > [sourcecode|https://github.com/apache/hbase/blob/master/hbase-client/src/main/java/org/apache/hadoop/hbase/ipc/AsyncRpcChannelImpl.java#L212] > has deadlocks problem. > 3. TestAsyncSecureIPC doesn't cover the sasl encryption test case. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (HBASE-15830) Sasl encryption doesn't work with AsyncRpcChannelImpl
[
https://issues.apache.org/jira/browse/HBASE-15830?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15296824#comment-15296824
]
Gary Helmling commented on HBASE-15830:
---
Sorry for the delay in the reivew. A couple comments on the patch:
* please rename {{startHbaseConnectionWithEncryption(Channel ch)}} to just
{{startConnectionWithEncryption(Channel ch)}}. The extra "HBase" is
extraneous. I realize that the corresponding {{startHBaseConnection()}} method
is already named this way, but there is no need to continue it.
* in {{getChannelHeaderBytes(AuthMethod authMethod)}}, why not use
IPCUtil.getTotalSizeWhenWrittenDelimited() instead of hard-coding the extra 4
bytes?
* in {{SaslClientHandler}}, please avoid the whitespace-only / formatting
changes. These make it harder to trace actual code changes over time. Unless
you're making a substantive change to the line itself, these should not be
necessary.
* in {{SaslClientHandler.channelRead()}}:
{code}
if (!useWrap) {
ctx.pipeline().remove(this);
successfulConnectHandler.onSuccess(ctx.channel());
} else {
byte[] wrappedCH = saslClient.wrap(connectionHeader, 0,
connectionHeader.length);
// write connection header
writeSaslToken(ctx, wrappedCH);
successfulConnectHandler.onSaslProtectionSucess(ctx.channel());
}
{code}
It looks like we only write the connection header when qop != auth. Is this
right? Don't we need to write the connection header in both cases?
Have you tested this on a secure cluster with the different QoP configs (at
least auth vs conf)?
> Sasl encryption doesn't work with AsyncRpcChannelImpl
> -
>
> Key: HBASE-15830
> URL: https://issues.apache.org/jira/browse/HBASE-15830
> Project: HBase
> Issue Type: Bug
>Reporter: Colin Ma
> Attachments: HBASE-15830.001.patch, HBASE-15830.002.patch
>
>
> Currently, sasl encryption doesn't work with AsyncRpcChannelImpl, there has 3
> problems:
> 1.
> [sourcecode|https://github.com/apache/hbase/blob/master/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslClientHandler.java#L308]
> will throw the following exception:
> java.lang.UnsupportedOperationException: direct buffer
> at
> io.netty.buffer.UnpooledUnsafeDirectByteBuf.array(UnpooledUnsafeDirectByteBuf.java:199)
> at
> org.apache.hadoop.hbase.security.SaslClientHandler.write(SaslClientHandler.java:308)
> 2.
> [sourcecode|https://github.com/apache/hbase/blob/master/hbase-client/src/main/java/org/apache/hadoop/hbase/ipc/AsyncRpcChannelImpl.java#L212]
> has deadlocks problem.
> 3. TestAsyncSecureIPC doesn't cover the sasl encryption test case.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (HBASE-15830) Sasl encryption doesn't work with AsyncRpcChannelImpl
[ https://issues.apache.org/jira/browse/HBASE-15830?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15295932#comment-15295932 ] Colin Ma commented on HBASE-15830: -- hi, [~ghelmling], do you have time to check this patch, thanks for your help. > Sasl encryption doesn't work with AsyncRpcChannelImpl > - > > Key: HBASE-15830 > URL: https://issues.apache.org/jira/browse/HBASE-15830 > Project: HBase > Issue Type: Bug >Reporter: Colin Ma > Attachments: HBASE-15830.001.patch, HBASE-15830.002.patch > > > Currently, sasl encryption doesn't work with AsyncRpcChannelImpl, there has 3 > problems: > 1. > [sourcecode|https://github.com/apache/hbase/blob/master/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslClientHandler.java#L308] > will throw the following exception: > java.lang.UnsupportedOperationException: direct buffer > at > io.netty.buffer.UnpooledUnsafeDirectByteBuf.array(UnpooledUnsafeDirectByteBuf.java:199) > at > org.apache.hadoop.hbase.security.SaslClientHandler.write(SaslClientHandler.java:308) > 2. > [sourcecode|https://github.com/apache/hbase/blob/master/hbase-client/src/main/java/org/apache/hadoop/hbase/ipc/AsyncRpcChannelImpl.java#L212] > has deadlocks problem. > 3. TestAsyncSecureIPC doesn't cover the sasl encryption test case. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (HBASE-15830) Sasl encryption doesn't work with AsyncRpcChannelImpl
[ https://issues.apache.org/jira/browse/HBASE-15830?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15295925#comment-15295925 ] Ted Yu commented on HBASE-15830: Gary knows this part of code better than I do. > Sasl encryption doesn't work with AsyncRpcChannelImpl > - > > Key: HBASE-15830 > URL: https://issues.apache.org/jira/browse/HBASE-15830 > Project: HBase > Issue Type: Bug >Reporter: Colin Ma > Attachments: HBASE-15830.001.patch, HBASE-15830.002.patch > > > Currently, sasl encryption doesn't work with AsyncRpcChannelImpl, there has 3 > problems: > 1. > [sourcecode|https://github.com/apache/hbase/blob/master/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslClientHandler.java#L308] > will throw the following exception: > java.lang.UnsupportedOperationException: direct buffer > at > io.netty.buffer.UnpooledUnsafeDirectByteBuf.array(UnpooledUnsafeDirectByteBuf.java:199) > at > org.apache.hadoop.hbase.security.SaslClientHandler.write(SaslClientHandler.java:308) > 2. > [sourcecode|https://github.com/apache/hbase/blob/master/hbase-client/src/main/java/org/apache/hadoop/hbase/ipc/AsyncRpcChannelImpl.java#L212] > has deadlocks problem. > 3. TestAsyncSecureIPC doesn't cover the sasl encryption test case. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (HBASE-15830) Sasl encryption doesn't work with AsyncRpcChannelImpl
[ https://issues.apache.org/jira/browse/HBASE-15830?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15295916#comment-15295916 ] Colin Ma commented on HBASE-15830: -- [~tedyu], can you help to check the patch, thanks for your help. > Sasl encryption doesn't work with AsyncRpcChannelImpl > - > > Key: HBASE-15830 > URL: https://issues.apache.org/jira/browse/HBASE-15830 > Project: HBase > Issue Type: Bug >Reporter: Colin Ma > Attachments: HBASE-15830.001.patch, HBASE-15830.002.patch > > > Currently, sasl encryption doesn't work with AsyncRpcChannelImpl, there has 3 > problems: > 1. > [sourcecode|https://github.com/apache/hbase/blob/master/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslClientHandler.java#L308] > will throw the following exception: > java.lang.UnsupportedOperationException: direct buffer > at > io.netty.buffer.UnpooledUnsafeDirectByteBuf.array(UnpooledUnsafeDirectByteBuf.java:199) > at > org.apache.hadoop.hbase.security.SaslClientHandler.write(SaslClientHandler.java:308) > 2. > [sourcecode|https://github.com/apache/hbase/blob/master/hbase-client/src/main/java/org/apache/hadoop/hbase/ipc/AsyncRpcChannelImpl.java#L212] > has deadlocks problem. > 3. TestAsyncSecureIPC doesn't cover the sasl encryption test case. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (HBASE-15830) Sasl encryption doesn't work with AsyncRpcChannelImpl
[
https://issues.apache.org/jira/browse/HBASE-15830?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15286740#comment-15286740
]
Hadoop QA commented on HBASE-15830:
---
| (/) *{color:green}+1 overall{color}* |
\\
\\
|| Vote || Subsystem || Runtime || Comment ||
| {color:green}+1{color} | {color:green} hbaseanti {color} | {color:green} 0m
0s {color} | {color:green} Patch does not have any anti-patterns. {color} |
| {color:green}+1{color} | {color:green} @author {color} | {color:green} 0m 0s
{color} | {color:green} The patch does not contain any @author tags. {color} |
| {color:green}+1{color} | {color:green} test4tests {color} | {color:green} 0m
0s {color} | {color:green} The patch appears to include 1 new or modified test
files. {color} |
| {color:blue}0{color} | {color:blue} mvndep {color} | {color:blue} 0m 11s
{color} | {color:blue} Maven dependency ordering for branch {color} |
| {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 3m
2s {color} | {color:green} master passed {color} |
| {color:green}+1{color} | {color:green} compile {color} | {color:green} 0m 53s
{color} | {color:green} master passed with JDK v1.8.0 {color} |
| {color:green}+1{color} | {color:green} compile {color} | {color:green} 0m 48s
{color} | {color:green} master passed with JDK v1.7.0_79 {color} |
| {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 0m
52s {color} | {color:green} master passed {color} |
| {color:green}+1{color} | {color:green} mvneclipse {color} | {color:green} 0m
26s {color} | {color:green} master passed {color} |
| {color:green}+1{color} | {color:green} findbugs {color} | {color:green} 2m
49s {color} | {color:green} master passed {color} |
| {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m 51s
{color} | {color:green} master passed with JDK v1.8.0 {color} |
| {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m 51s
{color} | {color:green} master passed with JDK v1.7.0_79 {color} |
| {color:blue}0{color} | {color:blue} mvndep {color} | {color:blue} 0m 10s
{color} | {color:blue} Maven dependency ordering for patch {color} |
| {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 1m
0s {color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} compile {color} | {color:green} 1m 4s
{color} | {color:green} the patch passed with JDK v1.8.0 {color} |
| {color:green}+1{color} | {color:green} javac {color} | {color:green} 1m 4s
{color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} compile {color} | {color:green} 0m 49s
{color} | {color:green} the patch passed with JDK v1.7.0_79 {color} |
| {color:green}+1{color} | {color:green} javac {color} | {color:green} 0m 49s
{color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 0m
48s {color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} mvneclipse {color} | {color:green} 0m
29s {color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} whitespace {color} | {color:green} 0m
0s {color} | {color:green} Patch has no whitespace issues. {color} |
| {color:green}+1{color} | {color:green} hadoopcheck {color} | {color:green} 8m
27s {color} | {color:green} Patch does not cause any errors with Hadoop 2.4.1
2.5.2 2.6.0. {color} |
| {color:green}+1{color} | {color:green} findbugs {color} | {color:green} 3m
21s {color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m 52s
{color} | {color:green} the patch passed with JDK v1.8.0 {color} |
| {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m 52s
{color} | {color:green} the patch passed with JDK v1.7.0_79 {color} |
| {color:green}+1{color} | {color:green} unit {color} | {color:green} 0m 56s
{color} | {color:green} hbase-client in the patch passed. {color} |
| {color:green}+1{color} | {color:green} unit {color} | {color:green} 99m 47s
{color} | {color:green} hbase-server in the patch passed. {color} |
| {color:green}+1{color} | {color:green} asflicense {color} | {color:green} 1m
29s {color} | {color:green} Patch does not generate ASF License warnings.
{color} |
| {color:black}{color} | {color:black} {color} | {color:black} 131m 29s {color}
| {color:black} {color} |
\\
\\
|| Subsystem || Report/Notes ||
| JIRA Patch URL |
https://issues.apache.org/jira/secure/attachment/12804401/HBASE-15830.002.patch
|
| JIRA Issue | HBASE-15830 |
| Optional Tests | asflicense javac javadoc unit findbugs hadoopcheck
hbaseanti checkstyle compile |
| uname | Linux asf901.gq1.ygridcore.net 3.13.0-36-lowlatency #63-Ubuntu SMP
PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux |
| Build tool | maven |
| Personality |
[jira] [Commented] (HBASE-15830) Sasl encryption doesn't work with AsyncRpcChannelImpl
[ https://issues.apache.org/jira/browse/HBASE-15830?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15284841#comment-15284841 ] Ted Yu commented on HBASE-15830: In the patch, I don't see TestAsyncSecureIPC being modified. I assume you would add new test related to the fix in the next patch. > Sasl encryption doesn't work with AsyncRpcChannelImpl > - > > Key: HBASE-15830 > URL: https://issues.apache.org/jira/browse/HBASE-15830 > Project: HBase > Issue Type: Bug >Reporter: Colin Ma > Attachments: HBASE-15830.001.patch > > > Currently, sasl encryption doesn't work with AsyncRpcChannelImpl, there has 3 > problems: > 1. > [sourcecode|https://github.com/apache/hbase/blob/master/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslClientHandler.java#L308] > will throw the following exception: > java.lang.UnsupportedOperationException: direct buffer > at > io.netty.buffer.UnpooledUnsafeDirectByteBuf.array(UnpooledUnsafeDirectByteBuf.java:199) > at > org.apache.hadoop.hbase.security.SaslClientHandler.write(SaslClientHandler.java:308) > 2. > [sourcecode|https://github.com/apache/hbase/blob/master/hbase-client/src/main/java/org/apache/hadoop/hbase/ipc/AsyncRpcChannelImpl.java#L212] > has deadlocks problem. > 3. TestAsyncSecureIPC doesn't cover the sasl encryption test case. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (HBASE-15830) Sasl encryption doesn't work with AsyncRpcChannelImpl
[ https://issues.apache.org/jira/browse/HBASE-15830?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15284453#comment-15284453 ] Colin Ma commented on HBASE-15830: -- [~tedyu], thanks for the review. During the test, got another problem: SaslClientHandler.channelRead can process only 512b data. I'll try to add SaslClientHandler.channelReadComplete to process the message and update the patch later. > Sasl encryption doesn't work with AsyncRpcChannelImpl > - > > Key: HBASE-15830 > URL: https://issues.apache.org/jira/browse/HBASE-15830 > Project: HBase > Issue Type: Bug >Reporter: Colin Ma > Attachments: HBASE-15830.001.patch > > > Currently, sasl encryption doesn't work with AsyncRpcChannelImpl, there has 3 > problems: > 1. > [sourcecode|https://github.com/apache/hbase/blob/master/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslClientHandler.java#L308] > will throw the following exception: > java.lang.UnsupportedOperationException: direct buffer > at > io.netty.buffer.UnpooledUnsafeDirectByteBuf.array(UnpooledUnsafeDirectByteBuf.java:199) > at > org.apache.hadoop.hbase.security.SaslClientHandler.write(SaslClientHandler.java:308) > 2. > [sourcecode|https://github.com/apache/hbase/blob/master/hbase-client/src/main/java/org/apache/hadoop/hbase/ipc/AsyncRpcChannelImpl.java#L212] > has deadlocks problem. > 3. TestAsyncSecureIPC doesn't cover the sasl encryption test case. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (HBASE-15830) Sasl encryption doesn't work with AsyncRpcChannelImpl
[
https://issues.apache.org/jira/browse/HBASE-15830?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15283521#comment-15283521
]
Hadoop QA commented on HBASE-15830:
---
| (x) *{color:red}-1 overall{color}* |
\\
\\
|| Vote || Subsystem || Runtime || Comment ||
| {color:green}+1{color} | {color:green} hbaseanti {color} | {color:green} 0m
0s {color} | {color:green} Patch does not have any anti-patterns. {color} |
| {color:green}+1{color} | {color:green} @author {color} | {color:green} 0m 0s
{color} | {color:green} The patch does not contain any @author tags. {color} |
| {color:green}+1{color} | {color:green} test4tests {color} | {color:green} 0m
0s {color} | {color:green} The patch appears to include 1 new or modified test
files. {color} |
| {color:blue}0{color} | {color:blue} mvndep {color} | {color:blue} 2m 41s
{color} | {color:blue} Maven dependency ordering for branch {color} |
| {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 3m
8s {color} | {color:green} master passed {color} |
| {color:green}+1{color} | {color:green} compile {color} | {color:green} 1m 4s
{color} | {color:green} master passed with JDK v1.8.0 {color} |
| {color:green}+1{color} | {color:green} compile {color} | {color:green} 0m 49s
{color} | {color:green} master passed with JDK v1.7.0_79 {color} |
| {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 0m
51s {color} | {color:green} master passed {color} |
| {color:green}+1{color} | {color:green} mvneclipse {color} | {color:green} 0m
26s {color} | {color:green} master passed {color} |
| {color:red}-1{color} | {color:red} findbugs {color} | {color:red} 0m 57s
{color} | {color:red} hbase-client in master has 1 extant Findbugs warnings.
{color} |
| {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m 52s
{color} | {color:green} master passed with JDK v1.8.0 {color} |
| {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m 51s
{color} | {color:green} master passed with JDK v1.7.0_79 {color} |
| {color:blue}0{color} | {color:blue} mvndep {color} | {color:blue} 0m 9s
{color} | {color:blue} Maven dependency ordering for patch {color} |
| {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 1m
2s {color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} compile {color} | {color:green} 0m 53s
{color} | {color:green} the patch passed with JDK v1.8.0 {color} |
| {color:green}+1{color} | {color:green} javac {color} | {color:green} 0m 53s
{color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} compile {color} | {color:green} 0m 49s
{color} | {color:green} the patch passed with JDK v1.7.0_79 {color} |
| {color:green}+1{color} | {color:green} javac {color} | {color:green} 0m 49s
{color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 0m
49s {color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} mvneclipse {color} | {color:green} 0m
28s {color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} whitespace {color} | {color:green} 0m
0s {color} | {color:green} Patch has no whitespace issues. {color} |
| {color:green}+1{color} | {color:green} hadoopcheck {color} | {color:green} 8m
39s {color} | {color:green} Patch does not cause any errors with Hadoop 2.4.1
2.5.2 2.6.0. {color} |
| {color:green}+1{color} | {color:green} findbugs {color} | {color:green} 3m
27s {color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m 51s
{color} | {color:green} the patch passed with JDK v1.8.0 {color} |
| {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m 51s
{color} | {color:green} the patch passed with JDK v1.7.0_79 {color} |
| {color:green}+1{color} | {color:green} unit {color} | {color:green} 0m 56s
{color} | {color:green} hbase-client in the patch passed. {color} |
| {color:green}+1{color} | {color:green} unit {color} | {color:green} 99m 26s
{color} | {color:green} hbase-server in the patch passed. {color} |
| {color:green}+1{color} | {color:green} asflicense {color} | {color:green} 0m
26s {color} | {color:green} Patch does not generate ASF License warnings.
{color} |
| {color:black}{color} | {color:black} {color} | {color:black} 132m 58s {color}
| {color:black} {color} |
\\
\\
|| Subsystem || Report/Notes ||
| JIRA Patch URL |
https://issues.apache.org/jira/secure/attachment/12804015/HBASE-15830.001.patch
|
| JIRA Issue | HBASE-15830 |
| Optional Tests | asflicense javac javadoc unit findbugs hadoopcheck
hbaseanti checkstyle compile |
| uname | Linux asf900.gq1.ygridcore.net 3.13.0-36-lowlatency #63-Ubuntu SMP
PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux |
| Build tool | maven |
|
