[GitHub] drill pull request #874: DRILL-5663: Drillbit fails to start when only keyst...

Fri, 14 Jul 2017 12:21:17 -0700 

Github user paul-rogers commented on a diff in the pull request:

    https://github.com/apache/drill/pull/874#discussion_r127530151
  
    --- Diff: 
exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/WebServer.java 
---
    @@ -264,19 +265,26 @@ private ServerConnector createHttpsConnector() throws 
Exception {
     
         final SslContextFactory sslContextFactory = new SslContextFactory();
     
    -    if (config.hasPath(ExecConstants.HTTP_KEYSTORE_PATH) &&
    -        
!Strings.isNullOrEmpty(config.getString(ExecConstants.HTTP_KEYSTORE_PATH))) {
    -      logger.info("Using configured SSL settings for web server");
    -      
sslContextFactory.setKeyStorePath(config.getString(ExecConstants.HTTP_KEYSTORE_PATH));
    -      
sslContextFactory.setKeyStorePassword(config.getString(ExecConstants.HTTP_KEYSTORE_PASSWORD));
    -
    -      // TrustStore and TrustStore password are optional
    -      if (config.hasPath(ExecConstants.HTTP_TRUSTSTORE_PATH)) {
    -        
sslContextFactory.setTrustStorePath(config.getString(ExecConstants.HTTP_TRUSTSTORE_PATH));
    -        if (config.hasPath(ExecConstants.HTTP_TRUSTSTORE_PASSWORD)) {
    -          
sslContextFactory.setTrustStorePassword(config.getString(ExecConstants.HTTP_TRUSTSTORE_PASSWORD));
    -        }
    +    final boolean hasPath = 
config.hasPath(ExecConstants.HTTP_KEYSTORE_PATH);
    +    final boolean hasPassword = 
config.hasPath(ExecConstants.HTTP_KEYSTORE_PASSWORD);
    +
    +    // Check if both keypath and password are present or not
    +    if (hasPath && hasPassword) {
    +      final String pathValue = 
config.getString(ExecConstants.HTTP_KEYSTORE_PATH);
    +      final String passwordValue = 
config.getString(ExecConstants.HTTP_KEYSTORE_PASSWORD);
    +
    +      // checking if any one of them is null or empty
    +      if (!Strings.isNullOrEmpty(pathValue) && 
!Strings.isNullOrEmpty(passwordValue)) {
    +        sslContextFactory.setKeyStorePath(pathValue);
    +        sslContextFactory.setKeyStorePassword(passwordValue);
    +      }
    +
    +      // Throwing an exception if anyone of them is null or empty
    +      else {
    +        throw new DrillbitStartupException("keystorepath and/or 
keystorepassword can't be empty.");
    --- End diff --
    
    Please provide a bit of a clearer message. Also, provide the actual path 
name. This will be the critical message for folks that made mistake, the 
Drillbit won't start, and they have to figure out what's what.
    
    Maybe,
    
    ```
    "To enable web UI security, both " + ExecConstants.HTTP_KEYSTORE_PATH + " 
and " + ... + " are required.";
    ```
    
    Also, this is just for the Web UI? In that case, maybe just disable the web 
UI, but don't fail the Drillbit.
    
    ```
    "Web UI misconfiguration: web UI is disabled."
    ```


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

Reply via email to