[jira] [Commented] (HIVE-23075) Add property for manual configuration of SSL version
[ https://issues.apache.org/jira/browse/HIVE-23075?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17069268#comment-17069268 ] Hive QA commented on HIVE-23075: Here are the results of testing the latest attachment: https://issues.apache.org/jira/secure/attachment/12998006/HIVE-23075.2.patch {color:red}ERROR:{color} -1 due to no test(s) being added or modified. {color:green}SUCCESS:{color} +1 due to 18140 tests passed Test results: https://builds.apache.org/job/PreCommit-HIVE-Build/21308/testReport Console output: https://builds.apache.org/job/PreCommit-HIVE-Build/21308/console Test logs: http://104.198.109.242/logs/PreCommit-HIVE-Build-21308/ Messages: {noformat} Executing org.apache.hive.ptest.execution.TestCheckPhase Executing org.apache.hive.ptest.execution.PrepPhase Executing org.apache.hive.ptest.execution.YetusPhase Executing org.apache.hive.ptest.execution.ExecutionPhase Executing org.apache.hive.ptest.execution.ReportingPhase {noformat} This message is automatically generated. ATTACHMENT ID: 12998006 - PreCommit-HIVE-Build > Add property for manual configuration of SSL version > > > Key: HIVE-23075 > URL: https://issues.apache.org/jira/browse/HIVE-23075 > Project: Hive > Issue Type: Improvement > Components: Security >Reporter: Oleksiy Sayankin >Assignee: Oleksiy Sayankin >Priority: Major > Attachments: HIVE-23075.1.patch, HIVE-23075.2.patch > > Original Estimate: 48h > Remaining Estimate: 48h > > Add property for manual configuration of SSL version -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (HIVE-23075) Add property for manual configuration of SSL version
[ https://issues.apache.org/jira/browse/HIVE-23075?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17069248#comment-17069248 ] Hive QA commented on HIVE-23075: | (x) *{color:red}-1 overall{color}* | \\ \\ || Vote || Subsystem || Runtime || Comment || || || || || {color:brown} Prechecks {color} || | {color:green}+1{color} | {color:green} @author {color} | {color:green} 0m 0s{color} | {color:green} The patch does not contain any @author tags. {color} | || || || || {color:brown} master Compile Tests {color} || | {color:blue}0{color} | {color:blue} mvndep {color} | {color:blue} 1m 49s{color} | {color:blue} Maven dependency ordering for branch {color} | | {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 7m 52s{color} | {color:green} master passed {color} | | {color:green}+1{color} | {color:green} compile {color} | {color:green} 2m 19s{color} | {color:green} master passed {color} | | {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 1m 27s{color} | {color:green} master passed {color} | | {color:blue}0{color} | {color:blue} findbugs {color} | {color:blue} 2m 34s{color} | {color:blue} standalone-metastore/metastore-common in master has 35 extant Findbugs warnings. {color} | | {color:blue}0{color} | {color:blue} findbugs {color} | {color:blue} 0m 32s{color} | {color:blue} common in master has 63 extant Findbugs warnings. {color} | | {color:blue}0{color} | {color:blue} findbugs {color} | {color:blue} 1m 14s{color} | {color:blue} standalone-metastore/metastore-server in master has 186 extant Findbugs warnings. {color} | | {color:blue}0{color} | {color:blue} findbugs {color} | {color:blue} 0m 38s{color} | {color:blue} service in master has 50 extant Findbugs warnings. {color} | | {color:blue}0{color} | {color:blue} findbugs {color} | {color:blue} 0m 31s{color} | {color:blue} jdbc in master has 16 extant Findbugs warnings. {color} | | {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 2m 11s{color} | {color:green} master passed {color} | || || || || {color:brown} Patch Compile Tests {color} || | {color:blue}0{color} | {color:blue} mvndep {color} | {color:blue} 0m 24s{color} | {color:blue} Maven dependency ordering for patch {color} | | {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 2m 47s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} compile {color} | {color:green} 2m 14s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} javac {color} | {color:green} 2m 14s{color} | {color:green} the patch passed {color} | | {color:red}-1{color} | {color:red} checkstyle {color} | {color:red} 0m 14s{color} | {color:red} standalone-metastore/metastore-common: The patch generated 1 new + 303 unchanged - 1 fixed = 304 total (was 304) {color} | | {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 0m 16s{color} | {color:green} common: The patch generated 0 new + 399 unchanged - 2 fixed = 399 total (was 401) {color} | | {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 0m 24s{color} | {color:green} standalone-metastore/metastore-server: The patch generated 0 new + 623 unchanged - 1 fixed = 623 total (was 624) {color} | | {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 0m 13s{color} | {color:green} The patch service passed checkstyle {color} | | {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 0m 11s{color} | {color:green} The patch jdbc passed checkstyle {color} | | {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 0m 10s{color} | {color:green} The patch tools-common passed checkstyle {color} | | {color:green}+1{color} | {color:green} whitespace {color} | {color:green} 0m 0s{color} | {color:green} The patch has no whitespace issues. {color} | | {color:green}+1{color} | {color:green} findbugs {color} | {color:green} 6m 34s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 2m 15s{color} | {color:green} the patch passed {color} | || || || || {color:brown} Other Tests {color} || | {color:green}+1{color} | {color:green} asflicense {color} | {color:green} 0m 14s{color} | {color:green} The patch does not generate ASF License warnings. {color} | | {color:black}{color} | {color:black} {color} | {color:black} 38m 56s{color} | {color:black} {color} | \\ \\ || Subsystem || Report/Notes || | Optional Tests | asflicense javac javadoc findbugs checkstyle compile | | uname | Linux hiveptest-server-upstream 3.16.0-4-amd64 #1 SMP Debian 3.16.43-2+deb8u5 (2017-09-19) x86_64 GNU/Linux | | Build tool | maven | | Personality | /data/hiveptest/working/yetus_PreCommit-HIVE-Build-21308/dev-support/hive-personality.sh | | git revision | master /
[jira] [Commented] (HIVE-23075) Add property for manual configuration of SSL version
[ https://issues.apache.org/jira/browse/HIVE-23075?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17066779#comment-17066779 ] Hive QA commented on HIVE-23075: Here are the results of testing the latest attachment: https://issues.apache.org/jira/secure/attachment/12997672/HIVE-23075.1.patch {color:red}ERROR:{color} -1 due to no test(s) being added or modified. {color:red}ERROR:{color} -1 due to 8 failed/errored test(s), 18126 tests executed *Failed tests:* {noformat} org.apache.hive.beeline.hs2connection.TestBeelineConnectionUsingHiveSite.testBeelineConnectionSSL (batchId=286) org.apache.hive.beeline.hs2connection.TestBeelineWithUserHs2ConnectionFile.testBeelineConnectionSSL (batchId=286) org.apache.hive.jdbc.TestSSL.testConnectionWrongCertCN (batchId=291) org.apache.hive.jdbc.TestSSL.testMetastoreWithSSL (batchId=291) org.apache.hive.jdbc.TestSSL.testSSLConnectionWithProperty (batchId=291) org.apache.hive.jdbc.TestSSL.testSSLConnectionWithURL (batchId=291) org.apache.hive.jdbc.TestSSL.testSSLFetch (batchId=291) org.apache.hive.minikdc.TestSSLWithMiniKdc.org.apache.hive.minikdc.TestSSLWithMiniKdc (batchId=307) {noformat} Test results: https://builds.apache.org/job/PreCommit-HIVE-Build/21264/testReport Console output: https://builds.apache.org/job/PreCommit-HIVE-Build/21264/console Test logs: http://104.198.109.242/logs/PreCommit-HIVE-Build-21264/ Messages: {noformat} Executing org.apache.hive.ptest.execution.TestCheckPhase Executing org.apache.hive.ptest.execution.PrepPhase Executing org.apache.hive.ptest.execution.YetusPhase Executing org.apache.hive.ptest.execution.ExecutionPhase Executing org.apache.hive.ptest.execution.ReportingPhase Tests exited with: TestsFailedException: 8 tests failed {noformat} This message is automatically generated. ATTACHMENT ID: 12997672 - PreCommit-HIVE-Build > Add property for manual configuration of SSL version > > > Key: HIVE-23075 > URL: https://issues.apache.org/jira/browse/HIVE-23075 > Project: Hive > Issue Type: Improvement > Components: Security >Reporter: Oleksiy Sayankin >Assignee: Oleksiy Sayankin >Priority: Major > Attachments: HIVE-23075.1.patch > > Original Estimate: 48h > Remaining Estimate: 48h > > Add property for manual configuration of SSL version -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (HIVE-23075) Add property for manual configuration of SSL version
[ https://issues.apache.org/jira/browse/HIVE-23075?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17066745#comment-17066745 ] Hive QA commented on HIVE-23075: | (x) *{color:red}-1 overall{color}* | \\ \\ || Vote || Subsystem || Runtime || Comment || || || || || {color:brown} Prechecks {color} || | {color:green}+1{color} | {color:green} @author {color} | {color:green} 0m 0s{color} | {color:green} The patch does not contain any @author tags. {color} | || || || || {color:brown} master Compile Tests {color} || | {color:blue}0{color} | {color:blue} mvndep {color} | {color:blue} 1m 35s{color} | {color:blue} Maven dependency ordering for branch {color} | | {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 7m 53s{color} | {color:green} master passed {color} | | {color:green}+1{color} | {color:green} compile {color} | {color:green} 2m 20s{color} | {color:green} master passed {color} | | {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 1m 27s{color} | {color:green} master passed {color} | | {color:blue}0{color} | {color:blue} findbugs {color} | {color:blue} 2m 40s{color} | {color:blue} standalone-metastore/metastore-common in master has 35 extant Findbugs warnings. {color} | | {color:blue}0{color} | {color:blue} findbugs {color} | {color:blue} 0m 34s{color} | {color:blue} common in master has 63 extant Findbugs warnings. {color} | | {color:blue}0{color} | {color:blue} findbugs {color} | {color:blue} 1m 13s{color} | {color:blue} standalone-metastore/metastore-server in master has 187 extant Findbugs warnings. {color} | | {color:blue}0{color} | {color:blue} findbugs {color} | {color:blue} 0m 38s{color} | {color:blue} service in master has 50 extant Findbugs warnings. {color} | | {color:blue}0{color} | {color:blue} findbugs {color} | {color:blue} 0m 29s{color} | {color:blue} jdbc in master has 16 extant Findbugs warnings. {color} | | {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 2m 16s{color} | {color:green} master passed {color} | || || || || {color:brown} Patch Compile Tests {color} || | {color:blue}0{color} | {color:blue} mvndep {color} | {color:blue} 0m 29s{color} | {color:blue} Maven dependency ordering for patch {color} | | {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 2m 53s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} compile {color} | {color:green} 2m 14s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} javac {color} | {color:green} 2m 14s{color} | {color:green} the patch passed {color} | | {color:red}-1{color} | {color:red} checkstyle {color} | {color:red} 0m 13s{color} | {color:red} standalone-metastore/metastore-common: The patch generated 2 new + 303 unchanged - 1 fixed = 305 total (was 304) {color} | | {color:red}-1{color} | {color:red} checkstyle {color} | {color:red} 0m 16s{color} | {color:red} common: The patch generated 2 new + 399 unchanged - 2 fixed = 401 total (was 401) {color} | | {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 0m 23s{color} | {color:green} standalone-metastore/metastore-server: The patch generated 0 new + 623 unchanged - 1 fixed = 623 total (was 624) {color} | | {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 0m 12s{color} | {color:green} The patch service passed checkstyle {color} | | {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 0m 12s{color} | {color:green} The patch jdbc passed checkstyle {color} | | {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 0m 11s{color} | {color:green} The patch tools-common passed checkstyle {color} | | {color:green}+1{color} | {color:green} whitespace {color} | {color:green} 0m 0s{color} | {color:green} The patch has no whitespace issues. {color} | | {color:green}+1{color} | {color:green} findbugs {color} | {color:green} 6m 39s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 2m 15s{color} | {color:green} the patch passed {color} | || || || || {color:brown} Other Tests {color} || | {color:green}+1{color} | {color:green} asflicense {color} | {color:green} 0m 14s{color} | {color:green} The patch does not generate ASF License warnings. {color} | | {color:black}{color} | {color:black} {color} | {color:black} 39m 16s{color} | {color:black} {color} | \\ \\ || Subsystem || Report/Notes || | Optional Tests | asflicense javac javadoc findbugs checkstyle compile | | uname | Linux hiveptest-server-upstream 3.16.0-4-amd64 #1 SMP Debian 3.16.43-2+deb8u5 (2017-09-19) x86_64 GNU/Linux | | Build tool | maven | | Personality | /data/hiveptest/working/yetus_PreCommit-HIVE-Build-21264/dev-support/hive-personality.sh | | git revision | master / 3c42258
[jira] [Commented] (HIVE-23075) Add property for manual configuration of SSL version
[ https://issues.apache.org/jira/browse/HIVE-23075?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=1700#comment-1700 ] Oleksiy Sayankin commented on HIVE-23075: - *FIXED* *SOLUTION* *1.* Add new property {{hive.ssl.protocol.version}} with default value {{TLSv1.2}}. This is SSL protocol versions for all Hive Servers. This property is set in {{hive-site.xml}} and requires Hive services to be restarted to make the change take effect. *2.* Add logging with SSL version. See example in HiveServer2: {code} 2020-03-23T14:24:57,907 INFO [main] http.HttpServer: Current SSL protocol version is TLSv1.2 2020-03-23T14:24:58,008 INFO [Thread-8] auth.HiveAuthUtils: SSL Server Socket Enabled Protocols: [SSLv2Hello, TLSv1, TLSv1.1, TLSv1.2] 2020-03-23T14:24:58,008 INFO [Thread-8] thrift.ThriftCLIService: Current SSL protocol version is TLSv1.2 2020-03-23T14:24:58,119 INFO [main] server.AbstractConnector: Started ServerConnector@71978f46{SSL,[ssl, http/1.1]}{0.0.0.0:10002} {code} In webhcat: {code} INFO | 23 Mar 2020 14:25:03,363 | org.apache.hive.hcatalog.templeton.Main | Using SSL for templeton. INFO | 23 Mar 2020 14:25:03,641 | org.apache.hive.hcatalog.templeton.Main | Current SSL protocol version is TLSv1.2 {code} *EFFECTS* 1. JDBC SSL connection 2. WebHCat SSL conection > Add property for manual configuration of SSL version > > > Key: HIVE-23075 > URL: https://issues.apache.org/jira/browse/HIVE-23075 > Project: Hive > Issue Type: Improvement > Components: Security >Reporter: Oleksiy Sayankin >Assignee: Oleksiy Sayankin >Priority: Major > Attachments: HIVE-23075.1.patch > > Original Estimate: 48h > Remaining Estimate: 48h > > Add property for manual configuration of SSL version -- This message was sent by Atlassian Jira (v8.3.4#803005)