[jira] [Created] (ZOOKEEPER-3566) Send event zxid to watches

2019-10-01 Thread Samuel Nelson (Jira) 
Samuel Nelson created ZOOKEEPER-3566:


 Summary: Send event zxid to watches
 Key: ZOOKEEPER-3566
 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-3566
 Project: ZooKeeper
  Issue Type: Improvement
  Components: server
Reporter: Samuel Nelson


The zxid that triggered a watch should be sent to the watch because it's useful 
for ordering events.

 

Use case:

I'm watching a znode and syncing its contents (and whether it has been deleted) 
to a third system. Without zxid attached to events it makes it very difficult 
to maintain the order of events as they happened in ZK.

 

For example if I modify node `/a/b/c` and then delete it soon after, we have 
two watch events, but no reliable way to communicate to our third system that 
the modification happened before the deletion. If we are given the zxid we can 
use that to order events.

 

Suggested implementation:

Change `IWatchManager#triggerWatch` to take another parameter `Long zxid`. 
Callers pass the zxid of the event.

Add member `Long zxid` to `WatchedEvent`

 



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Created] (ZOOKEEPER-3565) snapfile modified out of target directory during mvn testing

2019-10-01 Thread Patrick D. Hunt (Jira) 
Patrick D. Hunt created ZOOKEEPER-3565:
--

 Summary: snapfile modified out of target directory during mvn 
testing
 Key: ZOOKEEPER-3565
 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-3565
 Project: ZooKeeper
  Issue Type: Bug
  Components: tests
Affects Versions: 3.5.5
Reporter: Patrick D. Hunt


I ran the mvn tests on 3.5 branch and then submitted a PR. I didn't notice that 
one of the snapfiles got caught up in the process, see this commit:

https://github.com/phunt/zookeeper/commit/44c7f93398aa47feea444afd2aaea4592324284e

something seems borked with mvn test - modified (generated/etc...) files should 
be in target not the mainline code.

See discussion here:

https://github.com/apache/zookeeper/pull/1102#issuecomment-537090502



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (ZOOKEEPER-3563) dependency check failing on 3.4 and 3.5 branches - CVE-2019-16869 on Netty

2019-10-01 Thread Hadoop QA (Jira) 


[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-3563?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16942041#comment-16942041
 ] 

Hadoop QA commented on ZOOKEEPER-3563:
--

+1 overall.  GitHub Pull Request  Build
  

+1 @author.  The patch does not contain any @author tags.

+0 tests included.  The patch appears to be a documentation patch that 
doesn't require tests.

+1 javadoc.  The javadoc tool did not generate any warning messages.

+1 javac.  The applied patch does not increase the total number of javac 
compiler warnings.

+1 findbugs.  The patch does not introduce any new Findbugs (version ) 
warnings.

+1 release audit.  The applied patch does not increase the total number of 
release audit warnings.

+1 core tests.  The patch passed core unit tests.

+1 contrib tests.  The patch passed contrib unit tests.

Test results: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/4175//testReport/
Findbugs warnings: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/4175//artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html
Console output: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/4175//console

This message is automatically generated.

> dependency check failing on 3.4 and 3.5 branches - CVE-2019-16869 on Netty
> --
>
> Key: ZOOKEEPER-3563
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-3563
> Project: ZooKeeper
>  Issue Type: Bug
>  Components: security
>Affects Versions: 3.5.5, 3.4.14
>Reporter: Patrick D. Hunt
>Priority: Blocker
>  Labels: pull-request-available
> Fix For: 3.4.15, 3.5.6
>
>  Time Spent: 40m
>  Remaining Estimate: 0h
>
> The mvn dependency check is failing on 3.4 and 3.5:
> 3.4:
> [ERROR] netty-3.10.6.Final.jar: CVE-2019-16869
> 3.5:
> [ERROR] netty-transport-4.1.29.Final.jar: CVE-2019-16869



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Assigned] (ZOOKEEPER-2122) Impplement SSL support in the Zookeeper C client library

2019-10-01 Thread Mate Szalay-Beko (Jira) 


 [ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2122?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Mate Szalay-Beko reassigned ZOOKEEPER-2122:
---

Assignee: Mate Szalay-Beko  (was: shuoshi)

> Impplement SSL support in the Zookeeper C client library
> 
>
> Key: ZOOKEEPER-2122
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2122
> Project: ZooKeeper
>  Issue Type: Sub-task
>  Components: c client
>Affects Versions: 3.5.0
>Reporter: Ashish Amarnath
>Assignee: Mate Szalay-Beko
>Priority: Trivial
>  Labels: build, pull-request-available, security, ssl-tls
> Fix For: 3.6.0, 3.5.7
>
>  Time Spent: 11h 10m
>  Remaining Estimate: 0h
>
> Implement SSL support in the Zookeeper C client library to work with the 
> secure server.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (ZOOKEEPER-2354) ZOOKEEPER-1653 not merged in master and 3.5 branch

2019-10-01 Thread Sujith Simon (Jira) 


[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2354?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16941703#comment-16941703
 ] 

Sujith Simon commented on ZOOKEEPER-2354:
-

I'll raise PR for this issue

> ZOOKEEPER-1653 not merged in master and 3.5 branch
> --
>
> Key: ZOOKEEPER-2354
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2354
> Project: ZooKeeper
>  Issue Type: Bug
>Reporter: Mohammad Arshad
>Assignee: Mohammad Arshad
>Priority: Major
> Fix For: 3.6.0, 3.5.7
>
> Attachments: ZOOKEEPER-2354-01.patch
>
>
> ZOOKEEPER-1653 is merged only to 3.4 branch. 
> It should be merged to 3.5 and master branch as well.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (ZOOKEEPER-1467) Make server principal configurable at client side.

2019-10-01 Thread Sujith Simon (Jira) 


[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-1467?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16941699#comment-16941699
 ] 

Sujith Simon commented on ZOOKEEPER-1467:
-

Can someone pls add me into the contributor list ? Thanks

> Make server principal configurable at client side.
> --
>
> Key: ZOOKEEPER-1467
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-1467
> Project: ZooKeeper
>  Issue Type: Improvement
>  Components: java client
>Affects Versions: 3.4.3, 3.4.4, 3.5.0
>Reporter: Laxman
>Assignee: Eugene Joseph Koontz
>Priority: Major
>  Labels: Security, client, kerberos, pull-request-available, sasl
> Fix For: 3.6.0, 3.5.7
>
> Attachments: ZOOKEEPER-1467.patch, ZOOKEEPER-1467.patch
>
>  Time Spent: 2h 20m
>  Remaining Estimate: 0h
>
> Server principal on client side is derived using hostname.
> org.apache.zookeeper.ClientCnxn.SendThread.startConnect()
> {code}
>try {
> zooKeeperSaslClient = new 
> ZooKeeperSaslClient("zookeeper/"+addr.getHostName());
> }
> {code}
> This may have problems when admin wanted some customized principals like 
> zookeeper/cluste...@hadoop.com where clusterid is the cluster identifier but 
> not the host name.
> IMO, server principal also should be configurable as hadoop is doing.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Assigned] (ZOOKEEPER-2238) Support limiting the maximum number of connections/clients to a zookeeper server.

2019-10-01 Thread Mohammad Arshad (Jira) 


 [ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2238?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Mohammad Arshad reassigned ZOOKEEPER-2238:
--

Assignee: (was: Mohammad Arshad)

> Support limiting the maximum number of connections/clients to a zookeeper 
> server.
> -
>
> Key: ZOOKEEPER-2238
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2238
> Project: ZooKeeper
>  Issue Type: Improvement
>Reporter: nijel
>Priority: Major
>  Labels: pull-request-available
> Attachments: ZOOKEEPER-2238-05.patch, ZOOKEEPER-2238-06.patch, 
> ZOOKEEPER-2238-07.patch, ZOOKEEPER-2238.2.patch, ZOOKEEPER-2238.3.patch, 
> ZOOKEEPER-2238.4.patch, ZOOKEEPER-2238.diff
>
>  Time Spent: 10m
>  Remaining Estimate: 0h
>
> Currently zookeeper have the feature of limiting the maximum number of 
> connection/client  per IP or Host (maxClientCnxns).
> But to safe guard zookeeper server from DoS attack due to many clients from 
> different IPs,  it is better to have a limit of total number of 
> connections/clients to a a single member of the ZooKeeper ensemble as well.
> So the idea is to introduce a new configuration to limit the maximum number 
> of total connections/clients.
> Please share your thoughts.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Resolved] (ZOOKEEPER-1467) Make server principal configurable at client side.

2019-10-01 Thread Mohammad Arshad (Jira) 


 [ 
https://issues.apache.org/jira/browse/ZOOKEEPER-1467?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Mohammad Arshad resolved ZOOKEEPER-1467.

  Tags:   (was: Huawei)
Resolution: Fixed

> Make server principal configurable at client side.
> --
>
> Key: ZOOKEEPER-1467
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-1467
> Project: ZooKeeper
>  Issue Type: Improvement
>  Components: java client
>Affects Versions: 3.4.3, 3.4.4, 3.5.0
>Reporter: Laxman
>Assignee: Eugene Joseph Koontz
>Priority: Major
>  Labels: Security, client, kerberos, pull-request-available, sasl
> Fix For: 3.6.0, 3.5.7
>
> Attachments: ZOOKEEPER-1467.patch, ZOOKEEPER-1467.patch
>
>  Time Spent: 2h 10m
>  Remaining Estimate: 0h
>
> Server principal on client side is derived using hostname.
> org.apache.zookeeper.ClientCnxn.SendThread.startConnect()
> {code}
>try {
> zooKeeperSaslClient = new 
> ZooKeeperSaslClient("zookeeper/"+addr.getHostName());
> }
> {code}
> This may have problems when admin wanted some customized principals like 
> zookeeper/cluste...@hadoop.com where clusterid is the cluster identifier but 
> not the host name.
> IMO, server principal also should be configurable as hadoop is doing.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (ZOOKEEPER-1467) Make server principal configurable at client side.

2019-10-01 Thread Mohammad Arshad (Jira) 


[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-1467?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16941611#comment-16941611
 ] 

Mohammad Arshad commented on ZOOKEEPER-1467:


Thank [~sujithsimon22] for the contribution.
Thanks [~eolivelli], [~enixon] for the reviews.

> Make server principal configurable at client side.
> --
>
> Key: ZOOKEEPER-1467
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-1467
> Project: ZooKeeper
>  Issue Type: Improvement
>  Components: java client
>Affects Versions: 3.4.3, 3.4.4, 3.5.0
>Reporter: Laxman
>Assignee: Eugene Joseph Koontz
>Priority: Major
>  Labels: Security, client, kerberos, pull-request-available, sasl
> Fix For: 3.6.0, 3.5.7
>
> Attachments: ZOOKEEPER-1467.patch, ZOOKEEPER-1467.patch
>
>  Time Spent: 2h 10m
>  Remaining Estimate: 0h
>
> Server principal on client side is derived using hostname.
> org.apache.zookeeper.ClientCnxn.SendThread.startConnect()
> {code}
>try {
> zooKeeperSaslClient = new 
> ZooKeeperSaslClient("zookeeper/"+addr.getHostName());
> }
> {code}
> This may have problems when admin wanted some customized principals like 
> zookeeper/cluste...@hadoop.com where clusterid is the cluster identifier but 
> not the host name.
> IMO, server principal also should be configurable as hadoop is doing.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (ZOOKEEPER-1467) Make server principal configurable at client side.

2019-10-01 Thread Mohammad Arshad (Jira) 


[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-1467?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16941606#comment-16941606
 ] 

Mohammad Arshad commented on ZOOKEEPER-1467:


[~beeflyme] if you disagree with [~sujithsimon22], please create new jira we 
can discuss there whether we can fetch server principal from server itself.

> Make server principal configurable at client side.
> --
>
> Key: ZOOKEEPER-1467
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-1467
> Project: ZooKeeper
>  Issue Type: Improvement
>  Components: java client
>Affects Versions: 3.4.3, 3.4.4, 3.5.0
>Reporter: Laxman
>Assignee: Eugene Joseph Koontz
>Priority: Major
>  Labels: Security, client, kerberos, pull-request-available, sasl
> Fix For: 3.6.0, 3.5.7
>
> Attachments: ZOOKEEPER-1467.patch, ZOOKEEPER-1467.patch
>
>  Time Spent: 2h 10m
>  Remaining Estimate: 0h
>
> Server principal on client side is derived using hostname.
> org.apache.zookeeper.ClientCnxn.SendThread.startConnect()
> {code}
>try {
> zooKeeperSaslClient = new 
> ZooKeeperSaslClient("zookeeper/"+addr.getHostName());
> }
> {code}
> This may have problems when admin wanted some customized principals like 
> zookeeper/cluste...@hadoop.com where clusterid is the cluster identifier but 
> not the host name.
> IMO, server principal also should be configurable as hadoop is doing.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)