[ 
https://issues.apache.org/jira/browse/HDFS-3059?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14965791#comment-14965791
 ] 

Hudson commented on HDFS-3059:
------------------------------

FAILURE: Integrated in Hadoop-trunk-Commit #8672 (See 
[https://builds.apache.org/job/Hadoop-trunk-Commit/8672/])
HDFS-3059. ssl-server.xml causes NullPointer. Contributed by Xiao Chen. (wang: 
rev 6c8b6f3646b31a3e028704bc7fd78bf319f89f0a)
* 
hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestHDFSServerPorts.java
* 
hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSUtil.java
* hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt
* 
hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/SecondaryNameNode.java
* 
hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSConfigKeys.java


> ssl-server.xml causes NullPointer
> ---------------------------------
>
>                 Key: HDFS-3059
>                 URL: https://issues.apache.org/jira/browse/HDFS-3059
>             Project: Hadoop HDFS
>          Issue Type: Bug
>          Components: datanode, security
>    Affects Versions: 2.7.1
>         Environment: in core-site.xml:
> {code:xml}
>   <property>
>     <name>hadoop.security.authentication</name>
>     <value>kerberos</value>
>   </property>
>   <property>
>     <name>hadoop.security.authorization</name>
>     <value>true</value>
>   </property>
> {code}
> in hdfs-site.xml:
> {code:xml}
>   <property>
>     <name>dfs.https.server.keystore.resource</name>
>     <value>/etc/hadoop/conf/ssl-server.xml</value>
>   </property>
>   <property>
>     <name>dfs.https.enable</name>
>     <value>true</value>
>   </property>
>   <property>
>     ...other security props
>   </property>
> {code}
>            Reporter: Evert Lammerts
>            Assignee: Xiao Chen
>            Priority: Minor
>              Labels: BB2015-05-TBR
>             Fix For: 3.0.0
>
>         Attachments: HDFS-3059.02.patch, HDFS-3059.03.patch, 
> HDFS-3059.04.patch, HDFS-3059.05.patch, HDFS-3059.06.patch, 
> HDFS-3059.07.patch, HDFS-3059.08.patch, HDFS-3059.patch, HDFS-3059.patch.2
>
>
> If ssl is enabled (dfs.https.enable) but ssl-server.xml is not available, a 
> DN will crash during startup while setting up an SSL socket with a 
> NullPointerException:
> {noformat}12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: 
> useKerb = false, useCerts = true
> jetty.ssl.password : jetty.ssl.keypassword : 12/03/07 17:08:36 INFO 
> mortbay.log: jetty-6.1.26.cloudera.1
> 12/03/07 17:08:36 INFO mortbay.log: Started 
> selectchannelconnec...@p-worker35.alley.sara.nl:1006
> 12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: Creating new 
> KrbServerSocket for: 0.0.0.0
> 12/03/07 17:08:36 WARN mortbay.log: java.lang.NullPointerException
> 12/03/07 17:08:36 WARN mortbay.log: failed 
> Krb5AndCertsSslSocketConnector@0.0.0.0:50475: java.io.IOException: 
> !JsseListener: java.lang.NullPointerException
> 12/03/07 17:08:36 WARN mortbay.log: failed Server@604788d5: 
> java.io.IOException: !JsseListener: java.lang.NullPointerException
> 12/03/07 17:08:36 INFO mortbay.log: Stopped 
> Krb5AndCertsSslSocketConnector@0.0.0.0:50475
> 12/03/07 17:08:36 INFO mortbay.log: Stopped 
> selectchannelconnec...@p-worker35.alley.sara.nl:1006
> 12/03/07 17:08:37 INFO datanode.DataNode: Waiting for threadgroup to exit, 
> active threads is 0{noformat}
> The same happens if I set an absolute path to an existing 
> dfs.https.server.keystore.resource - in this case the file cannot be found 
> but not even a WARN is given.
> Since in dfs.https.server.keystore.resource we know we need to have 4 
> properties specified (ssl.server.truststore.location, 
> ssl.server.keystore.location, ssl.server.keystore.password, and 
> ssl.server.keystore.keypassword) we should check if they are set and throw an 
> IOException if they are not.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to