[ https://issues.apache.org/jira/browse/HDFS-3059?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14965791#comment-14965791 ]
Hudson commented on HDFS-3059: ------------------------------ FAILURE: Integrated in Hadoop-trunk-Commit #8672 (See [https://builds.apache.org/job/Hadoop-trunk-Commit/8672/]) HDFS-3059. ssl-server.xml causes NullPointer. Contributed by Xiao Chen. (wang: rev 6c8b6f3646b31a3e028704bc7fd78bf319f89f0a) * hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestHDFSServerPorts.java * hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSUtil.java * hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt * hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/SecondaryNameNode.java * hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSConfigKeys.java > ssl-server.xml causes NullPointer > --------------------------------- > > Key: HDFS-3059 > URL: https://issues.apache.org/jira/browse/HDFS-3059 > Project: Hadoop HDFS > Issue Type: Bug > Components: datanode, security > Affects Versions: 2.7.1 > Environment: in core-site.xml: > {code:xml} > <property> > <name>hadoop.security.authentication</name> > <value>kerberos</value> > </property> > <property> > <name>hadoop.security.authorization</name> > <value>true</value> > </property> > {code} > in hdfs-site.xml: > {code:xml} > <property> > <name>dfs.https.server.keystore.resource</name> > <value>/etc/hadoop/conf/ssl-server.xml</value> > </property> > <property> > <name>dfs.https.enable</name> > <value>true</value> > </property> > <property> > ...other security props > </property> > {code} > Reporter: Evert Lammerts > Assignee: Xiao Chen > Priority: Minor > Labels: BB2015-05-TBR > Fix For: 3.0.0 > > Attachments: HDFS-3059.02.patch, HDFS-3059.03.patch, > HDFS-3059.04.patch, HDFS-3059.05.patch, HDFS-3059.06.patch, > HDFS-3059.07.patch, HDFS-3059.08.patch, HDFS-3059.patch, HDFS-3059.patch.2 > > > If ssl is enabled (dfs.https.enable) but ssl-server.xml is not available, a > DN will crash during startup while setting up an SSL socket with a > NullPointerException: > {noformat}12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: > useKerb = false, useCerts = true > jetty.ssl.password : jetty.ssl.keypassword : 12/03/07 17:08:36 INFO > mortbay.log: jetty-6.1.26.cloudera.1 > 12/03/07 17:08:36 INFO mortbay.log: Started > selectchannelconnec...@p-worker35.alley.sara.nl:1006 > 12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: Creating new > KrbServerSocket for: 0.0.0.0 > 12/03/07 17:08:36 WARN mortbay.log: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed > Krb5AndCertsSslSocketConnector@0.0.0.0:50475: java.io.IOException: > !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 WARN mortbay.log: failed Server@604788d5: > java.io.IOException: !JsseListener: java.lang.NullPointerException > 12/03/07 17:08:36 INFO mortbay.log: Stopped > Krb5AndCertsSslSocketConnector@0.0.0.0:50475 > 12/03/07 17:08:36 INFO mortbay.log: Stopped > selectchannelconnec...@p-worker35.alley.sara.nl:1006 > 12/03/07 17:08:37 INFO datanode.DataNode: Waiting for threadgroup to exit, > active threads is 0{noformat} > The same happens if I set an absolute path to an existing > dfs.https.server.keystore.resource - in this case the file cannot be found > but not even a WARN is given. > Since in dfs.https.server.keystore.resource we know we need to have 4 > properties specified (ssl.server.truststore.location, > ssl.server.keystore.location, ssl.server.keystore.password, and > ssl.server.keystore.keypassword) we should check if they are set and throw an > IOException if they are not. -- This message was sent by Atlassian JIRA (v6.3.4#6332)