[jira] [Commented] (HIVE-23075) Add property for manual configuration of SSL version
[
https://issues.apache.org/jira/browse/HIVE-23075?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17069268#comment-17069268
]
Hive QA commented on HIVE-23075:
Here are the results of testing the latest attachment:
https://issues.apache.org/jira/secure/attachment/12998006/HIVE-23075.2.patch
{color:red}ERROR:{color} -1 due to no test(s) being added or modified.
{color:green}SUCCESS:{color} +1 due to 18140 tests passed
Test results:
https://builds.apache.org/job/PreCommit-HIVE-Build/21308/testReport
Console output: https://builds.apache.org/job/PreCommit-HIVE-Build/21308/console
Test logs: http://104.198.109.242/logs/PreCommit-HIVE-Build-21308/
Messages:
{noformat}
Executing org.apache.hive.ptest.execution.TestCheckPhase
Executing org.apache.hive.ptest.execution.PrepPhase
Executing org.apache.hive.ptest.execution.YetusPhase
Executing org.apache.hive.ptest.execution.ExecutionPhase
Executing org.apache.hive.ptest.execution.ReportingPhase
{noformat}
This message is automatically generated.
ATTACHMENT ID: 12998006 - PreCommit-HIVE-Build
> Add property for manual configuration of SSL version
>
>
> Key: HIVE-23075
> URL: https://issues.apache.org/jira/browse/HIVE-23075
> Project: Hive
> Issue Type: Improvement
> Components: Security
>Reporter: Oleksiy Sayankin
>Assignee: Oleksiy Sayankin
>Priority: Major
> Attachments: HIVE-23075.1.patch, HIVE-23075.2.patch
>
> Original Estimate: 48h
> Remaining Estimate: 48h
>
> Add property for manual configuration of SSL version
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Commented] (HIVE-23075) Add property for manual configuration of SSL version
[
https://issues.apache.org/jira/browse/HIVE-23075?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17069248#comment-17069248
]
Hive QA commented on HIVE-23075:
| (x) *{color:red}-1 overall{color}* |
\\
\\
|| Vote || Subsystem || Runtime || Comment ||
|| || || || {color:brown} Prechecks {color} ||
| {color:green}+1{color} | {color:green} @author {color} | {color:green} 0m
0s{color} | {color:green} The patch does not contain any @author tags. {color} |
|| || || || {color:brown} master Compile Tests {color} ||
| {color:blue}0{color} | {color:blue} mvndep {color} | {color:blue} 1m
49s{color} | {color:blue} Maven dependency ordering for branch {color} |
| {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 7m
52s{color} | {color:green} master passed {color} |
| {color:green}+1{color} | {color:green} compile {color} | {color:green} 2m
19s{color} | {color:green} master passed {color} |
| {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 1m
27s{color} | {color:green} master passed {color} |
| {color:blue}0{color} | {color:blue} findbugs {color} | {color:blue} 2m
34s{color} | {color:blue} standalone-metastore/metastore-common in master has
35 extant Findbugs warnings. {color} |
| {color:blue}0{color} | {color:blue} findbugs {color} | {color:blue} 0m
32s{color} | {color:blue} common in master has 63 extant Findbugs warnings.
{color} |
| {color:blue}0{color} | {color:blue} findbugs {color} | {color:blue} 1m
14s{color} | {color:blue} standalone-metastore/metastore-server in master has
186 extant Findbugs warnings. {color} |
| {color:blue}0{color} | {color:blue} findbugs {color} | {color:blue} 0m
38s{color} | {color:blue} service in master has 50 extant Findbugs warnings.
{color} |
| {color:blue}0{color} | {color:blue} findbugs {color} | {color:blue} 0m
31s{color} | {color:blue} jdbc in master has 16 extant Findbugs warnings.
{color} |
| {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 2m
11s{color} | {color:green} master passed {color} |
|| || || || {color:brown} Patch Compile Tests {color} ||
| {color:blue}0{color} | {color:blue} mvndep {color} | {color:blue} 0m
24s{color} | {color:blue} Maven dependency ordering for patch {color} |
| {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 2m
47s{color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} compile {color} | {color:green} 2m
14s{color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} javac {color} | {color:green} 2m
14s{color} | {color:green} the patch passed {color} |
| {color:red}-1{color} | {color:red} checkstyle {color} | {color:red} 0m
14s{color} | {color:red} standalone-metastore/metastore-common: The patch
generated 1 new + 303 unchanged - 1 fixed = 304 total (was 304) {color} |
| {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 0m
16s{color} | {color:green} common: The patch generated 0 new + 399 unchanged -
2 fixed = 399 total (was 401) {color} |
| {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 0m
24s{color} | {color:green} standalone-metastore/metastore-server: The patch
generated 0 new + 623 unchanged - 1 fixed = 623 total (was 624) {color} |
| {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 0m
13s{color} | {color:green} The patch service passed checkstyle {color} |
| {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 0m
11s{color} | {color:green} The patch jdbc passed checkstyle {color} |
| {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 0m
10s{color} | {color:green} The patch tools-common passed checkstyle {color} |
| {color:green}+1{color} | {color:green} whitespace {color} | {color:green} 0m
0s{color} | {color:green} The patch has no whitespace issues. {color} |
| {color:green}+1{color} | {color:green} findbugs {color} | {color:green} 6m
34s{color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 2m
15s{color} | {color:green} the patch passed {color} |
|| || || || {color:brown} Other Tests {color} ||
| {color:green}+1{color} | {color:green} asflicense {color} | {color:green} 0m
14s{color} | {color:green} The patch does not generate ASF License warnings.
{color} |
| {color:black}{color} | {color:black} {color} | {color:black} 38m 56s{color} |
{color:black} {color} |
\\
\\
|| Subsystem || Report/Notes ||
| Optional Tests | asflicense javac javadoc findbugs checkstyle compile |
| uname | Linux hiveptest-server-upstream 3.16.0-4-amd64 #1 SMP Debian
3.16.43-2+deb8u5 (2017-09-19) x86_64 GNU/Linux |
| Build tool | maven |
| Personality |
/data/hiveptest/working/yetus_PreCommit-HIVE-Build-21308/dev-support/hive-personality.sh
|
| git revision | master /
[jira] [Commented] (HIVE-23075) Add property for manual configuration of SSL version
[
https://issues.apache.org/jira/browse/HIVE-23075?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17066779#comment-17066779
]
Hive QA commented on HIVE-23075:
Here are the results of testing the latest attachment:
https://issues.apache.org/jira/secure/attachment/12997672/HIVE-23075.1.patch
{color:red}ERROR:{color} -1 due to no test(s) being added or modified.
{color:red}ERROR:{color} -1 due to 8 failed/errored test(s), 18126 tests
executed
*Failed tests:*
{noformat}
org.apache.hive.beeline.hs2connection.TestBeelineConnectionUsingHiveSite.testBeelineConnectionSSL
(batchId=286)
org.apache.hive.beeline.hs2connection.TestBeelineWithUserHs2ConnectionFile.testBeelineConnectionSSL
(batchId=286)
org.apache.hive.jdbc.TestSSL.testConnectionWrongCertCN (batchId=291)
org.apache.hive.jdbc.TestSSL.testMetastoreWithSSL (batchId=291)
org.apache.hive.jdbc.TestSSL.testSSLConnectionWithProperty (batchId=291)
org.apache.hive.jdbc.TestSSL.testSSLConnectionWithURL (batchId=291)
org.apache.hive.jdbc.TestSSL.testSSLFetch (batchId=291)
org.apache.hive.minikdc.TestSSLWithMiniKdc.org.apache.hive.minikdc.TestSSLWithMiniKdc
(batchId=307)
{noformat}
Test results:
https://builds.apache.org/job/PreCommit-HIVE-Build/21264/testReport
Console output: https://builds.apache.org/job/PreCommit-HIVE-Build/21264/console
Test logs: http://104.198.109.242/logs/PreCommit-HIVE-Build-21264/
Messages:
{noformat}
Executing org.apache.hive.ptest.execution.TestCheckPhase
Executing org.apache.hive.ptest.execution.PrepPhase
Executing org.apache.hive.ptest.execution.YetusPhase
Executing org.apache.hive.ptest.execution.ExecutionPhase
Executing org.apache.hive.ptest.execution.ReportingPhase
Tests exited with: TestsFailedException: 8 tests failed
{noformat}
This message is automatically generated.
ATTACHMENT ID: 12997672 - PreCommit-HIVE-Build
> Add property for manual configuration of SSL version
>
>
> Key: HIVE-23075
> URL: https://issues.apache.org/jira/browse/HIVE-23075
> Project: Hive
> Issue Type: Improvement
> Components: Security
>Reporter: Oleksiy Sayankin
>Assignee: Oleksiy Sayankin
>Priority: Major
> Attachments: HIVE-23075.1.patch
>
> Original Estimate: 48h
> Remaining Estimate: 48h
>
> Add property for manual configuration of SSL version
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Commented] (HIVE-23075) Add property for manual configuration of SSL version
[
https://issues.apache.org/jira/browse/HIVE-23075?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17066745#comment-17066745
]
Hive QA commented on HIVE-23075:
| (x) *{color:red}-1 overall{color}* |
\\
\\
|| Vote || Subsystem || Runtime || Comment ||
|| || || || {color:brown} Prechecks {color} ||
| {color:green}+1{color} | {color:green} @author {color} | {color:green} 0m
0s{color} | {color:green} The patch does not contain any @author tags. {color} |
|| || || || {color:brown} master Compile Tests {color} ||
| {color:blue}0{color} | {color:blue} mvndep {color} | {color:blue} 1m
35s{color} | {color:blue} Maven dependency ordering for branch {color} |
| {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 7m
53s{color} | {color:green} master passed {color} |
| {color:green}+1{color} | {color:green} compile {color} | {color:green} 2m
20s{color} | {color:green} master passed {color} |
| {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 1m
27s{color} | {color:green} master passed {color} |
| {color:blue}0{color} | {color:blue} findbugs {color} | {color:blue} 2m
40s{color} | {color:blue} standalone-metastore/metastore-common in master has
35 extant Findbugs warnings. {color} |
| {color:blue}0{color} | {color:blue} findbugs {color} | {color:blue} 0m
34s{color} | {color:blue} common in master has 63 extant Findbugs warnings.
{color} |
| {color:blue}0{color} | {color:blue} findbugs {color} | {color:blue} 1m
13s{color} | {color:blue} standalone-metastore/metastore-server in master has
187 extant Findbugs warnings. {color} |
| {color:blue}0{color} | {color:blue} findbugs {color} | {color:blue} 0m
38s{color} | {color:blue} service in master has 50 extant Findbugs warnings.
{color} |
| {color:blue}0{color} | {color:blue} findbugs {color} | {color:blue} 0m
29s{color} | {color:blue} jdbc in master has 16 extant Findbugs warnings.
{color} |
| {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 2m
16s{color} | {color:green} master passed {color} |
|| || || || {color:brown} Patch Compile Tests {color} ||
| {color:blue}0{color} | {color:blue} mvndep {color} | {color:blue} 0m
29s{color} | {color:blue} Maven dependency ordering for patch {color} |
| {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 2m
53s{color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} compile {color} | {color:green} 2m
14s{color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} javac {color} | {color:green} 2m
14s{color} | {color:green} the patch passed {color} |
| {color:red}-1{color} | {color:red} checkstyle {color} | {color:red} 0m
13s{color} | {color:red} standalone-metastore/metastore-common: The patch
generated 2 new + 303 unchanged - 1 fixed = 305 total (was 304) {color} |
| {color:red}-1{color} | {color:red} checkstyle {color} | {color:red} 0m
16s{color} | {color:red} common: The patch generated 2 new + 399 unchanged - 2
fixed = 401 total (was 401) {color} |
| {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 0m
23s{color} | {color:green} standalone-metastore/metastore-server: The patch
generated 0 new + 623 unchanged - 1 fixed = 623 total (was 624) {color} |
| {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 0m
12s{color} | {color:green} The patch service passed checkstyle {color} |
| {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 0m
12s{color} | {color:green} The patch jdbc passed checkstyle {color} |
| {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 0m
11s{color} | {color:green} The patch tools-common passed checkstyle {color} |
| {color:green}+1{color} | {color:green} whitespace {color} | {color:green} 0m
0s{color} | {color:green} The patch has no whitespace issues. {color} |
| {color:green}+1{color} | {color:green} findbugs {color} | {color:green} 6m
39s{color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 2m
15s{color} | {color:green} the patch passed {color} |
|| || || || {color:brown} Other Tests {color} ||
| {color:green}+1{color} | {color:green} asflicense {color} | {color:green} 0m
14s{color} | {color:green} The patch does not generate ASF License warnings.
{color} |
| {color:black}{color} | {color:black} {color} | {color:black} 39m 16s{color} |
{color:black} {color} |
\\
\\
|| Subsystem || Report/Notes ||
| Optional Tests | asflicense javac javadoc findbugs checkstyle compile |
| uname | Linux hiveptest-server-upstream 3.16.0-4-amd64 #1 SMP Debian
3.16.43-2+deb8u5 (2017-09-19) x86_64 GNU/Linux |
| Build tool | maven |
| Personality |
/data/hiveptest/working/yetus_PreCommit-HIVE-Build-21264/dev-support/hive-personality.sh
|
| git revision | master / 3c42258
[jira] [Commented] (HIVE-23075) Add property for manual configuration of SSL version
[
https://issues.apache.org/jira/browse/HIVE-23075?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=1700#comment-1700
]
Oleksiy Sayankin commented on HIVE-23075:
-
*FIXED*
*SOLUTION*
*1.*
Add new property {{hive.ssl.protocol.version}} with default value {{TLSv1.2}}.
This is SSL protocol versions for all Hive Servers. This property is set in
{{hive-site.xml}} and requires Hive services to be restarted to make the change
take effect.
*2.*
Add logging with SSL version. See example in HiveServer2:
{code}
2020-03-23T14:24:57,907 INFO [main] http.HttpServer: Current SSL protocol
version is TLSv1.2
2020-03-23T14:24:58,008 INFO [Thread-8] auth.HiveAuthUtils: SSL Server Socket
Enabled Protocols: [SSLv2Hello, TLSv1, TLSv1.1, TLSv1.2]
2020-03-23T14:24:58,008 INFO [Thread-8] thrift.ThriftCLIService: Current SSL
protocol version is TLSv1.2
2020-03-23T14:24:58,119 INFO [main] server.AbstractConnector: Started
ServerConnector@71978f46{SSL,[ssl, http/1.1]}{0.0.0.0:10002}
{code}
In webhcat:
{code}
INFO | 23 Mar 2020 14:25:03,363 | org.apache.hive.hcatalog.templeton.Main |
Using SSL for templeton.
INFO | 23 Mar 2020 14:25:03,641 | org.apache.hive.hcatalog.templeton.Main |
Current SSL protocol version is TLSv1.2
{code}
*EFFECTS*
1. JDBC SSL connection
2. WebHCat SSL conection
> Add property for manual configuration of SSL version
>
>
> Key: HIVE-23075
> URL: https://issues.apache.org/jira/browse/HIVE-23075
> Project: Hive
> Issue Type: Improvement
> Components: Security
>Reporter: Oleksiy Sayankin
>Assignee: Oleksiy Sayankin
>Priority: Major
> Attachments: HIVE-23075.1.patch
>
> Original Estimate: 48h
> Remaining Estimate: 48h
>
> Add property for manual configuration of SSL version
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
