Re: Review Request 31277: ZOOKEEPER-2125: SSL on Netty client-server communication
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31277/ --- (Updated March 7, 2015, 1:04 a.m.) Review request for zookeeper. Repository: zookeeper-git Description --- ZOOKEEPER-2125: SSL on Netty client-server communication Diffs (updated) - src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml 202051f1f7f517b1e1a3c561c0008449ab3c48a6 src/java/main/org/apache/zookeeper/ClientCnxnSocketNetty.java PRE-CREATION src/java/main/org/apache/zookeeper/ZooKeeper.java dd13cc9ba5096312b06999a03ae0057cd3677623 src/java/main/org/apache/zookeeper/common/X509Exception.java PRE-CREATION src/java/main/org/apache/zookeeper/common/X509Util.java PRE-CREATION src/java/main/org/apache/zookeeper/server/FinalRequestProcessor.java a97be4a5452006fbd85d355c0dcb16276cbf1c59 src/java/main/org/apache/zookeeper/server/NIOServerCnxnFactory.java acabb33f6c7a000706763ccba94cbaf5aaaca08e src/java/main/org/apache/zookeeper/server/NettyServerCnxnFactory.java 41268805fe16244aeea4db3f35f13a6987b30187 src/java/main/org/apache/zookeeper/server/ServerCnxnFactory.java 14037722c569d560acef56de0b5a7ae13464128c src/java/main/org/apache/zookeeper/server/ServerConfig.java f2b8463e871739319bdf40be1f014d5ad0af5602 src/java/main/org/apache/zookeeper/server/ZooKeeperServer.java 30a0ed390bb7473ddb36757da97bc7d5f4281887 src/java/main/org/apache/zookeeper/server/ZooKeeperServerBean.java 0eb5c7f979199f2f7dcb9e5cfa011a9b20113713 src/java/main/org/apache/zookeeper/server/ZooKeeperServerMain.java b756d349abeb1fc69534100c3633db4c1c18e031 src/java/main/org/apache/zookeeper/server/quorum/Leader.java 20589045752a7ba4ae9c9090055a4fcbe86a8eda src/java/main/org/apache/zookeeper/server/quorum/Learner.java 4dd1e947357080f3e055f3e7e2a78c979daa6ea7 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeer.java 388ceeb45bd18c7cb8f0766a96ebd4a54a9e76de src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerConfig.java badc8df1f05dea4be337bc8312d7ac22f6c77dc3 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerMain.java d17c58d59e0131a78adde1becb5c23ce8c7a16a7 src/java/main/org/apache/zookeeper/server/quorum/ReadOnlyZooKeeperServer.java 2aab6d09f9bd980ed76f886fb8168aae2ac8f99f src/java/test/org/apache/zookeeper/server/quorum/QuorumPeerTestBase.java 6ab19b1eb137c8b13b8ad031d474e213267da1ea src/java/test/org/apache/zookeeper/server/quorum/Zab1_0Test.java 6ce058e48d17410d89d8348ee659dd7752bfd578 src/java/test/org/apache/zookeeper/test/ReconfigTest.java 8b238ee7463508122010208ebc3e786caa2cf1b1 src/java/test/org/apache/zookeeper/test/SSLTest.java PRE-CREATION Diff: https://reviews.apache.org/r/31277/diff/ Testing --- Thanks, Hongchao Deng
Re: Review Request 31277: ZOOKEEPER-2125: SSL on Netty client-server communication
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31277/ --- (Updated March 6, 2015, 10:48 p.m.) Review request for zookeeper. Repository: zookeeper-git Description --- ZOOKEEPER-2125: SSL on Netty client-server communication Diffs (updated) - src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml 202051f1f7f517b1e1a3c561c0008449ab3c48a6 src/java/main/org/apache/zookeeper/ClientCnxnSocketNetty.java PRE-CREATION src/java/main/org/apache/zookeeper/ZooKeeper.java dd13cc9ba5096312b06999a03ae0057cd3677623 src/java/main/org/apache/zookeeper/common/X509Exception.java PRE-CREATION src/java/main/org/apache/zookeeper/common/X509Util.java PRE-CREATION src/java/main/org/apache/zookeeper/server/FinalRequestProcessor.java a97be4a5452006fbd85d355c0dcb16276cbf1c59 src/java/main/org/apache/zookeeper/server/NIOServerCnxnFactory.java acabb33f6c7a000706763ccba94cbaf5aaaca08e src/java/main/org/apache/zookeeper/server/NettyServerCnxnFactory.java 41268805fe16244aeea4db3f35f13a6987b30187 src/java/main/org/apache/zookeeper/server/ServerCnxnFactory.java 14037722c569d560acef56de0b5a7ae13464128c src/java/main/org/apache/zookeeper/server/ServerConfig.java f2b8463e871739319bdf40be1f014d5ad0af5602 src/java/main/org/apache/zookeeper/server/ZooKeeperServer.java 30a0ed390bb7473ddb36757da97bc7d5f4281887 src/java/main/org/apache/zookeeper/server/ZooKeeperServerBean.java 0eb5c7f979199f2f7dcb9e5cfa011a9b20113713 src/java/main/org/apache/zookeeper/server/ZooKeeperServerMain.java b756d349abeb1fc69534100c3633db4c1c18e031 src/java/main/org/apache/zookeeper/server/quorum/Leader.java 20589045752a7ba4ae9c9090055a4fcbe86a8eda src/java/main/org/apache/zookeeper/server/quorum/Learner.java 4dd1e947357080f3e055f3e7e2a78c979daa6ea7 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeer.java 388ceeb45bd18c7cb8f0766a96ebd4a54a9e76de src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerConfig.java badc8df1f05dea4be337bc8312d7ac22f6c77dc3 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerMain.java d17c58d59e0131a78adde1becb5c23ce8c7a16a7 src/java/main/org/apache/zookeeper/server/quorum/ReadOnlyZooKeeperServer.java 2aab6d09f9bd980ed76f886fb8168aae2ac8f99f src/java/test/org/apache/zookeeper/server/quorum/QuorumPeerTestBase.java 6ab19b1eb137c8b13b8ad031d474e213267da1ea src/java/test/org/apache/zookeeper/server/quorum/Zab1_0Test.java 6ce058e48d17410d89d8348ee659dd7752bfd578 src/java/test/org/apache/zookeeper/test/ReconfigTest.java 8b238ee7463508122010208ebc3e786caa2cf1b1 src/java/test/org/apache/zookeeper/test/SSLTest.java PRE-CREATION Diff: https://reviews.apache.org/r/31277/diff/ Testing --- Thanks, Hongchao Deng
[jira] [Updated] (ZOOKEEPER-2125) SSL on Netty client-server communication
[ https://issues.apache.org/jira/browse/ZOOKEEPER-2125?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Hongchao Deng updated ZOOKEEPER-2125: - Attachment: ZOOKEEPER-2125.patch SSL on Netty client-server communication Key: ZOOKEEPER-2125 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2125 Project: ZooKeeper Issue Type: Sub-task Reporter: Hongchao Deng Assignee: Hongchao Deng Fix For: 3.5.1 Attachments: ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch Supporting SSL on Netty client-server communication. 1. It supports keystore and trustore usage. 2. It adds an additional ZK server port which supports SSL. This would be useful for rolling upgrade. RB: https://reviews.apache.org/r/31277/ h2. How to use it You need to set some parameters on both ZK server and client. h3. Server You need to specify a listening SSL port in zoo.cfg: {code} secureClientPort=2281 {code} Just like what you did with clientPort. And then set some jvm flags: {code} export SERVER_JVMFLAGS=-Dzookeeper.serverCnxnFactory=org.apache.zookeeper.server.NettyServerCnxnFactory -Dzookeeper.ssl.keyStore.location=/root/zookeeper/ssl/testKeyStore.jks -Dzookeeper.ssl.keyStore.password=testpass -Dzookeeper.ssl.trustStore.location=/root/zookeeper/ssl/testTrustStore.jks -Dzookeeper.ssl.trustStore.password=testpass {code} Please change keystore and truststore parameters accordingly. h3. Client You need to set jvm flags: {code} export CLIENT_JVMFLAGS=-Dzookeeper.clientCnxnSocket=org.apache.zookeeper.ClientCnxnSocketNetty -Dzookeeper.client.secure=true -Dzookeeper.ssl.keyStore.location=/root/zookeeper/ssl/testKeyStore.jks -Dzookeeper.ssl.keyStore.password=testpass -Dzookeeper.ssl.trustStore.location=/root/zookeeper/ssl/testTrustStore.jks -Dzookeeper.ssl.trustStore.password=testpass {code} change keystore and truststore parameters accordingly. And then connect to the server's SSL port, in this case: {code} bin/zkCli.sh -server 127.0.0.1:2281 {code} If you have any feedback, you are more than welcome to discuss it here! -- This message was sent by Atlassian JIRA (v6.3.4#6332)
Re: Review Request 31277: ZOOKEEPER-2125: SSL on Netty client-server communication
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31277/ --- (Updated March 6, 2015, 10:41 p.m.) Review request for zookeeper. Repository: zookeeper-git Description --- ZOOKEEPER-2125: SSL on Netty client-server communication Diffs (updated) - src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml 202051f1f7f517b1e1a3c561c0008449ab3c48a6 src/java/main/org/apache/zookeeper/ClientCnxnSocketNetty.java PRE-CREATION src/java/main/org/apache/zookeeper/ZooKeeper.java dd13cc9ba5096312b06999a03ae0057cd3677623 src/java/main/org/apache/zookeeper/common/X509Exception.java PRE-CREATION src/java/main/org/apache/zookeeper/common/X509Util.java PRE-CREATION src/java/main/org/apache/zookeeper/server/FinalRequestProcessor.java a97be4a5452006fbd85d355c0dcb16276cbf1c59 src/java/main/org/apache/zookeeper/server/NIOServerCnxnFactory.java acabb33f6c7a000706763ccba94cbaf5aaaca08e src/java/main/org/apache/zookeeper/server/NettyServerCnxnFactory.java 41268805fe16244aeea4db3f35f13a6987b30187 src/java/main/org/apache/zookeeper/server/ServerCnxnFactory.java 14037722c569d560acef56de0b5a7ae13464128c src/java/main/org/apache/zookeeper/server/ServerConfig.java f2b8463e871739319bdf40be1f014d5ad0af5602 src/java/main/org/apache/zookeeper/server/ZooKeeperServer.java 30a0ed390bb7473ddb36757da97bc7d5f4281887 src/java/main/org/apache/zookeeper/server/ZooKeeperServerBean.java 0eb5c7f979199f2f7dcb9e5cfa011a9b20113713 src/java/main/org/apache/zookeeper/server/ZooKeeperServerMain.java b756d349abeb1fc69534100c3633db4c1c18e031 src/java/main/org/apache/zookeeper/server/quorum/Leader.java 20589045752a7ba4ae9c9090055a4fcbe86a8eda src/java/main/org/apache/zookeeper/server/quorum/Learner.java 4dd1e947357080f3e055f3e7e2a78c979daa6ea7 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeer.java 388ceeb45bd18c7cb8f0766a96ebd4a54a9e76de src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerConfig.java badc8df1f05dea4be337bc8312d7ac22f6c77dc3 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerMain.java d17c58d59e0131a78adde1becb5c23ce8c7a16a7 src/java/main/org/apache/zookeeper/server/quorum/ReadOnlyZooKeeperServer.java 2aab6d09f9bd980ed76f886fb8168aae2ac8f99f src/java/test/data/ssl/README.md PRE-CREATION src/java/test/data/ssl/testKeyStore.jks PRE-CREATION src/java/test/data/ssl/testTrustStore.jks PRE-CREATION src/java/test/org/apache/zookeeper/server/quorum/QuorumPeerTestBase.java 6ab19b1eb137c8b13b8ad031d474e213267da1ea src/java/test/org/apache/zookeeper/server/quorum/Zab1_0Test.java 6ce058e48d17410d89d8348ee659dd7752bfd578 src/java/test/org/apache/zookeeper/test/ReconfigTest.java 8b238ee7463508122010208ebc3e786caa2cf1b1 src/java/test/org/apache/zookeeper/test/SSLTest.java PRE-CREATION Diff: https://reviews.apache.org/r/31277/diff/ Testing --- Thanks, Hongchao Deng
[jira] [Updated] (ZOOKEEPER-2125) SSL on Netty client-server communication
[ https://issues.apache.org/jira/browse/ZOOKEEPER-2125?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Hongchao Deng updated ZOOKEEPER-2125: - Attachment: ZOOKEEPER-2125.patch SSL on Netty client-server communication Key: ZOOKEEPER-2125 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2125 Project: ZooKeeper Issue Type: Sub-task Reporter: Hongchao Deng Assignee: Hongchao Deng Fix For: 3.5.1 Attachments: ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch Supporting SSL on Netty client-server communication. 1. It supports keystore and trustore usage. 2. It adds an additional ZK server port which supports SSL. This would be useful for rolling upgrade. RB: https://reviews.apache.org/r/31277/ h2. How to use it You need to set some parameters on both ZK server and client. h3. Server You need to specify a listening SSL port in zoo.cfg: {code} secureClientPort=2281 {code} Just like what you did with clientPort. And then set some jvm flags: {code} export SERVER_JVMFLAGS=-Dzookeeper.serverCnxnFactory=org.apache.zookeeper.server.NettyServerCnxnFactory -Dzookeeper.ssl.keyStore.location=/root/zookeeper/ssl/testKeyStore.jks -Dzookeeper.ssl.keyStore.password=testpass -Dzookeeper.ssl.trustStore.location=/root/zookeeper/ssl/testTrustStore.jks -Dzookeeper.ssl.trustStore.password=testpass {code} Please change keystore and truststore parameters accordingly. h3. Client You need to set jvm flags: {code} export CLIENT_JVMFLAGS=-Dzookeeper.clientCnxnSocket=org.apache.zookeeper.ClientCnxnSocketNetty -Dzookeeper.client.secure=true -Dzookeeper.ssl.keyStore.location=/root/zookeeper/ssl/testKeyStore.jks -Dzookeeper.ssl.keyStore.password=testpass -Dzookeeper.ssl.trustStore.location=/root/zookeeper/ssl/testTrustStore.jks -Dzookeeper.ssl.trustStore.password=testpass {code} change keystore and truststore parameters accordingly. And then connect to the server's SSL port, in this case: {code} bin/zkCli.sh -server 127.0.0.1:2281 {code} If you have any feedback, you are more than welcome to discuss it here! -- This message was sent by Atlassian JIRA (v6.3.4#6332)
Re: Review Request 31277: ZOOKEEPER-2125: SSL on Netty client-server communication
On March 6, 2015, 8:39 p.m., Rakesh R wrote: src/java/main/org/apache/zookeeper/ClientCnxnSocketNetty.java, line 356 https://reviews.apache.org/r/31277/diff/11/?file=886448#file886448line356 do we need synchronization here? It's not obvious here. I am going to add some comments. The reason is avoid race of shared sslEngine. On March 6, 2015, 8:39 p.m., Rakesh R wrote: src/java/main/org/apache/zookeeper/ClientCnxnSocketNetty.java, line 343 https://reviews.apache.org/r/31277/diff/11/?file=886448#file886448line343 please move sslEngine,sslContext inside the method initSSL(pipeline) as local variables? They only need to be initiated once. Later on, connections will reuse the sslEngine. On March 6, 2015, 8:39 p.m., Rakesh R wrote: src/java/main/org/apache/zookeeper/ClientCnxnSocketNetty.java, line 357 https://reviews.apache.org/r/31277/diff/11/?file=886448#file886448line357 I could see new ZKClientPipelineFactory() is always created and not required to do null checks here, isn't it? Isn't ZKClientPipelineFactory() created only once? Netty 3.x docs said that channelpipeline is per connection, and cpFactory creates for each. On March 6, 2015, 8:39 p.m., Rakesh R wrote: src/java/main/org/apache/zookeeper/ClientCnxnSocketNetty.java, line 363 https://reviews.apache.org/r/31277/diff/11/?file=886448#file886448line363 this log wouldn't help much, probably you can try include info like pipeline.getChannel() details. Or can make this DEBUG level priority. Right. Adding channel details will be useful when things go wrong. On March 6, 2015, 8:39 p.m., Rakesh R wrote: src/java/main/org/apache/zookeeper/common/X509Error.java, line 21 https://reviews.apache.org/r/31277/diff/11/?file=886450#file886450line21 I prefer to use X509Exception instead of X509Error, can you rename this to X509Exception? Sure - Hongchao --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31277/#review75525 --- On March 6, 2015, 12:17 a.m., Hongchao Deng wrote: --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31277/ --- (Updated March 6, 2015, 12:17 a.m.) Review request for zookeeper. Repository: zookeeper-git Description --- ZOOKEEPER-2125: SSL on Netty client-server communication Diffs - src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml 202051f1f7f517b1e1a3c561c0008449ab3c48a6 src/java/main/org/apache/zookeeper/ClientCnxnSocketNetty.java PRE-CREATION src/java/main/org/apache/zookeeper/ZooKeeper.java dd13cc9ba5096312b06999a03ae0057cd3677623 src/java/main/org/apache/zookeeper/common/X509Error.java PRE-CREATION src/java/main/org/apache/zookeeper/common/X509Util.java PRE-CREATION src/java/main/org/apache/zookeeper/server/NIOServerCnxnFactory.java acabb33f6c7a000706763ccba94cbaf5aaaca08e src/java/main/org/apache/zookeeper/server/NettyServerCnxnFactory.java 41268805fe16244aeea4db3f35f13a6987b30187 src/java/main/org/apache/zookeeper/server/ServerCnxnFactory.java 14037722c569d560acef56de0b5a7ae13464128c src/java/main/org/apache/zookeeper/server/ServerConfig.java f2b8463e871739319bdf40be1f014d5ad0af5602 src/java/main/org/apache/zookeeper/server/ZooKeeperServer.java 30a0ed390bb7473ddb36757da97bc7d5f4281887 src/java/main/org/apache/zookeeper/server/ZooKeeperServerBean.java 0eb5c7f979199f2f7dcb9e5cfa011a9b20113713 src/java/main/org/apache/zookeeper/server/ZooKeeperServerMain.java b756d349abeb1fc69534100c3633db4c1c18e031 src/java/main/org/apache/zookeeper/server/quorum/Leader.java 20589045752a7ba4ae9c9090055a4fcbe86a8eda src/java/main/org/apache/zookeeper/server/quorum/Learner.java 4dd1e947357080f3e055f3e7e2a78c979daa6ea7 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeer.java 388ceeb45bd18c7cb8f0766a96ebd4a54a9e76de src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerConfig.java badc8df1f05dea4be337bc8312d7ac22f6c77dc3 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerMain.java d17c58d59e0131a78adde1becb5c23ce8c7a16a7 src/java/main/org/apache/zookeeper/server/quorum/ReadOnlyZooKeeperServer.java 2aab6d09f9bd980ed76f886fb8168aae2ac8f99f src/java/test/data/ssl/README.md PRE-CREATION src/java/test/data/ssl/testKeyStore.jks PRE-CREATION src/java/test/data/ssl/testTrustStore.jks PRE-CREATION src/java/test/org/apache/zookeeper/server/quorum/QuorumPeerTestBase.java 6ab19b1eb137c8b13b8ad031d474e213267da1ea src/java/test/org/apache/zookeeper/server/quorum/Zab1_0Test.java 6ce058e48d17410d89d8348ee659dd7752bfd578
[jira] [Commented] (ZOOKEEPER-2125) SSL on Netty client-server communication
[ https://issues.apache.org/jira/browse/ZOOKEEPER-2125?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14351081#comment-14351081 ] Hongchao Deng commented on ZOOKEEPER-2125: -- Attached a new patch addressing Rakesh's comments. SSL on Netty client-server communication Key: ZOOKEEPER-2125 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2125 Project: ZooKeeper Issue Type: Sub-task Reporter: Hongchao Deng Assignee: Hongchao Deng Fix For: 3.5.1 Attachments: ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch Supporting SSL on Netty client-server communication. 1. It supports keystore and trustore usage. 2. It adds an additional ZK server port which supports SSL. This would be useful for rolling upgrade. RB: https://reviews.apache.org/r/31277/ h2. How to use it You need to set some parameters on both ZK server and client. h3. Server You need to specify a listening SSL port in zoo.cfg: {code} secureClientPort=2281 {code} Just like what you did with clientPort. And then set some jvm flags: {code} export SERVER_JVMFLAGS=-Dzookeeper.serverCnxnFactory=org.apache.zookeeper.server.NettyServerCnxnFactory -Dzookeeper.ssl.keyStore.location=/root/zookeeper/ssl/testKeyStore.jks -Dzookeeper.ssl.keyStore.password=testpass -Dzookeeper.ssl.trustStore.location=/root/zookeeper/ssl/testTrustStore.jks -Dzookeeper.ssl.trustStore.password=testpass {code} Please change keystore and truststore parameters accordingly. h3. Client You need to set jvm flags: {code} export CLIENT_JVMFLAGS=-Dzookeeper.clientCnxnSocket=org.apache.zookeeper.ClientCnxnSocketNetty -Dzookeeper.client.secure=true -Dzookeeper.ssl.keyStore.location=/root/zookeeper/ssl/testKeyStore.jks -Dzookeeper.ssl.keyStore.password=testpass -Dzookeeper.ssl.trustStore.location=/root/zookeeper/ssl/testTrustStore.jks -Dzookeeper.ssl.trustStore.password=testpass {code} change keystore and truststore parameters accordingly. And then connect to the server's SSL port, in this case: {code} bin/zkCli.sh -server 127.0.0.1:2281 {code} If you have any feedback, you are more than welcome to discuss it here! -- This message was sent by Atlassian JIRA (v6.3.4#6332)
Re: Review Request 31277: ZOOKEEPER-2125: SSL on Netty client-server communication
On March 7, 2015, 1:08 a.m., Raul Gutierrez Segales wrote: src/java/test/org/apache/zookeeper/server/quorum/Zab1_0Test.java, line 849 https://reviews.apache.org/r/31277/diff/12-14/?file=887835#file887835line849 can we get rid of these red tabs pls? Yes I did a few other pushes to get rid of unnecessary changes :) See the latest version. - Hongchao --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31277/#review75593 --- On March 7, 2015, 1:04 a.m., Hongchao Deng wrote: --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31277/ --- (Updated March 7, 2015, 1:04 a.m.) Review request for zookeeper. Repository: zookeeper-git Description --- ZOOKEEPER-2125: SSL on Netty client-server communication Diffs - src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml 202051f1f7f517b1e1a3c561c0008449ab3c48a6 src/java/main/org/apache/zookeeper/ClientCnxnSocketNetty.java PRE-CREATION src/java/main/org/apache/zookeeper/ZooKeeper.java dd13cc9ba5096312b06999a03ae0057cd3677623 src/java/main/org/apache/zookeeper/common/X509Exception.java PRE-CREATION src/java/main/org/apache/zookeeper/common/X509Util.java PRE-CREATION src/java/main/org/apache/zookeeper/server/FinalRequestProcessor.java a97be4a5452006fbd85d355c0dcb16276cbf1c59 src/java/main/org/apache/zookeeper/server/NIOServerCnxnFactory.java acabb33f6c7a000706763ccba94cbaf5aaaca08e src/java/main/org/apache/zookeeper/server/NettyServerCnxnFactory.java 41268805fe16244aeea4db3f35f13a6987b30187 src/java/main/org/apache/zookeeper/server/ServerCnxnFactory.java 14037722c569d560acef56de0b5a7ae13464128c src/java/main/org/apache/zookeeper/server/ServerConfig.java f2b8463e871739319bdf40be1f014d5ad0af5602 src/java/main/org/apache/zookeeper/server/ZooKeeperServer.java 30a0ed390bb7473ddb36757da97bc7d5f4281887 src/java/main/org/apache/zookeeper/server/ZooKeeperServerBean.java 0eb5c7f979199f2f7dcb9e5cfa011a9b20113713 src/java/main/org/apache/zookeeper/server/ZooKeeperServerMain.java b756d349abeb1fc69534100c3633db4c1c18e031 src/java/main/org/apache/zookeeper/server/quorum/Leader.java 20589045752a7ba4ae9c9090055a4fcbe86a8eda src/java/main/org/apache/zookeeper/server/quorum/Learner.java 4dd1e947357080f3e055f3e7e2a78c979daa6ea7 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeer.java 388ceeb45bd18c7cb8f0766a96ebd4a54a9e76de src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerConfig.java badc8df1f05dea4be337bc8312d7ac22f6c77dc3 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerMain.java d17c58d59e0131a78adde1becb5c23ce8c7a16a7 src/java/main/org/apache/zookeeper/server/quorum/ReadOnlyZooKeeperServer.java 2aab6d09f9bd980ed76f886fb8168aae2ac8f99f src/java/test/org/apache/zookeeper/server/quorum/QuorumPeerTestBase.java 6ab19b1eb137c8b13b8ad031d474e213267da1ea src/java/test/org/apache/zookeeper/server/quorum/Zab1_0Test.java 6ce058e48d17410d89d8348ee659dd7752bfd578 src/java/test/org/apache/zookeeper/test/ReconfigTest.java 8b238ee7463508122010208ebc3e786caa2cf1b1 src/java/test/org/apache/zookeeper/test/SSLTest.java PRE-CREATION Diff: https://reviews.apache.org/r/31277/diff/ Testing --- Thanks, Hongchao Deng
Re: Review Request 31277: ZOOKEEPER-2125: SSL on Netty client-server communication
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31277/#review75593 --- src/java/test/org/apache/zookeeper/server/quorum/Zab1_0Test.java https://reviews.apache.org/r/31277/#comment122791 can we get rid of these red tabs pls? - Raul Gutierrez Segales On March 7, 2015, 1:04 a.m., Hongchao Deng wrote: --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31277/ --- (Updated March 7, 2015, 1:04 a.m.) Review request for zookeeper. Repository: zookeeper-git Description --- ZOOKEEPER-2125: SSL on Netty client-server communication Diffs - src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml 202051f1f7f517b1e1a3c561c0008449ab3c48a6 src/java/main/org/apache/zookeeper/ClientCnxnSocketNetty.java PRE-CREATION src/java/main/org/apache/zookeeper/ZooKeeper.java dd13cc9ba5096312b06999a03ae0057cd3677623 src/java/main/org/apache/zookeeper/common/X509Exception.java PRE-CREATION src/java/main/org/apache/zookeeper/common/X509Util.java PRE-CREATION src/java/main/org/apache/zookeeper/server/FinalRequestProcessor.java a97be4a5452006fbd85d355c0dcb16276cbf1c59 src/java/main/org/apache/zookeeper/server/NIOServerCnxnFactory.java acabb33f6c7a000706763ccba94cbaf5aaaca08e src/java/main/org/apache/zookeeper/server/NettyServerCnxnFactory.java 41268805fe16244aeea4db3f35f13a6987b30187 src/java/main/org/apache/zookeeper/server/ServerCnxnFactory.java 14037722c569d560acef56de0b5a7ae13464128c src/java/main/org/apache/zookeeper/server/ServerConfig.java f2b8463e871739319bdf40be1f014d5ad0af5602 src/java/main/org/apache/zookeeper/server/ZooKeeperServer.java 30a0ed390bb7473ddb36757da97bc7d5f4281887 src/java/main/org/apache/zookeeper/server/ZooKeeperServerBean.java 0eb5c7f979199f2f7dcb9e5cfa011a9b20113713 src/java/main/org/apache/zookeeper/server/ZooKeeperServerMain.java b756d349abeb1fc69534100c3633db4c1c18e031 src/java/main/org/apache/zookeeper/server/quorum/Leader.java 20589045752a7ba4ae9c9090055a4fcbe86a8eda src/java/main/org/apache/zookeeper/server/quorum/Learner.java 4dd1e947357080f3e055f3e7e2a78c979daa6ea7 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeer.java 388ceeb45bd18c7cb8f0766a96ebd4a54a9e76de src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerConfig.java badc8df1f05dea4be337bc8312d7ac22f6c77dc3 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerMain.java d17c58d59e0131a78adde1becb5c23ce8c7a16a7 src/java/main/org/apache/zookeeper/server/quorum/ReadOnlyZooKeeperServer.java 2aab6d09f9bd980ed76f886fb8168aae2ac8f99f src/java/test/org/apache/zookeeper/server/quorum/QuorumPeerTestBase.java 6ab19b1eb137c8b13b8ad031d474e213267da1ea src/java/test/org/apache/zookeeper/server/quorum/Zab1_0Test.java 6ce058e48d17410d89d8348ee659dd7752bfd578 src/java/test/org/apache/zookeeper/test/ReconfigTest.java 8b238ee7463508122010208ebc3e786caa2cf1b1 src/java/test/org/apache/zookeeper/test/SSLTest.java PRE-CREATION Diff: https://reviews.apache.org/r/31277/diff/ Testing --- Thanks, Hongchao Deng
Re: Review Request 31277: ZOOKEEPER-2125: SSL on Netty client-server communication
On March 6, 2015, 8:39 p.m., Rakesh R wrote: src/java/main/org/apache/zookeeper/common/X509Error.java, line 21 https://reviews.apache.org/r/31277/diff/11/?file=886450#file886450line21 I prefer to use X509Exception instead of X509Error, can you rename this to X509Exception? Hongchao Deng wrote: Sure Hi Rakesh, findbugs complains that X509Exception didn't extend Exception. I think changing back to X509Error will work. Any opinions? - Hongchao --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31277/#review75525 --- On March 7, 2015, 1:04 a.m., Hongchao Deng wrote: --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31277/ --- (Updated March 7, 2015, 1:04 a.m.) Review request for zookeeper. Repository: zookeeper-git Description --- ZOOKEEPER-2125: SSL on Netty client-server communication Diffs - src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml 202051f1f7f517b1e1a3c561c0008449ab3c48a6 src/java/main/org/apache/zookeeper/ClientCnxnSocketNetty.java PRE-CREATION src/java/main/org/apache/zookeeper/ZooKeeper.java dd13cc9ba5096312b06999a03ae0057cd3677623 src/java/main/org/apache/zookeeper/common/X509Exception.java PRE-CREATION src/java/main/org/apache/zookeeper/common/X509Util.java PRE-CREATION src/java/main/org/apache/zookeeper/server/FinalRequestProcessor.java a97be4a5452006fbd85d355c0dcb16276cbf1c59 src/java/main/org/apache/zookeeper/server/NIOServerCnxnFactory.java acabb33f6c7a000706763ccba94cbaf5aaaca08e src/java/main/org/apache/zookeeper/server/NettyServerCnxnFactory.java 41268805fe16244aeea4db3f35f13a6987b30187 src/java/main/org/apache/zookeeper/server/ServerCnxnFactory.java 14037722c569d560acef56de0b5a7ae13464128c src/java/main/org/apache/zookeeper/server/ServerConfig.java f2b8463e871739319bdf40be1f014d5ad0af5602 src/java/main/org/apache/zookeeper/server/ZooKeeperServer.java 30a0ed390bb7473ddb36757da97bc7d5f4281887 src/java/main/org/apache/zookeeper/server/ZooKeeperServerBean.java 0eb5c7f979199f2f7dcb9e5cfa011a9b20113713 src/java/main/org/apache/zookeeper/server/ZooKeeperServerMain.java b756d349abeb1fc69534100c3633db4c1c18e031 src/java/main/org/apache/zookeeper/server/quorum/Leader.java 20589045752a7ba4ae9c9090055a4fcbe86a8eda src/java/main/org/apache/zookeeper/server/quorum/Learner.java 4dd1e947357080f3e055f3e7e2a78c979daa6ea7 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeer.java 388ceeb45bd18c7cb8f0766a96ebd4a54a9e76de src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerConfig.java badc8df1f05dea4be337bc8312d7ac22f6c77dc3 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerMain.java d17c58d59e0131a78adde1becb5c23ce8c7a16a7 src/java/main/org/apache/zookeeper/server/quorum/ReadOnlyZooKeeperServer.java 2aab6d09f9bd980ed76f886fb8168aae2ac8f99f src/java/test/org/apache/zookeeper/server/quorum/QuorumPeerTestBase.java 6ab19b1eb137c8b13b8ad031d474e213267da1ea src/java/test/org/apache/zookeeper/server/quorum/Zab1_0Test.java 6ce058e48d17410d89d8348ee659dd7752bfd578 src/java/test/org/apache/zookeeper/test/ReconfigTest.java 8b238ee7463508122010208ebc3e786caa2cf1b1 src/java/test/org/apache/zookeeper/test/SSLTest.java PRE-CREATION Diff: https://reviews.apache.org/r/31277/diff/ Testing --- Thanks, Hongchao Deng
Re: Review Request 31277: ZOOKEEPER-2125: SSL on Netty client-server communication
On March 6, 2015, 8:44 p.m., Rakesh R wrote: src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml, line 618 https://reviews.apache.org/r/31277/diff/11/?file=886447#file886447line618 Netty usage is pluggable. SSL feature will be enabled when user user plugged-in zookeeper.serverCnxnFactory, zookeeper.clientCnxnSocket as Netty. isn't it? Its good to capture in the document, whats your opinion? Sounds perfect! - Hongchao --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31277/#review75542 --- On March 6, 2015, 12:17 a.m., Hongchao Deng wrote: --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31277/ --- (Updated March 6, 2015, 12:17 a.m.) Review request for zookeeper. Repository: zookeeper-git Description --- ZOOKEEPER-2125: SSL on Netty client-server communication Diffs - src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml 202051f1f7f517b1e1a3c561c0008449ab3c48a6 src/java/main/org/apache/zookeeper/ClientCnxnSocketNetty.java PRE-CREATION src/java/main/org/apache/zookeeper/ZooKeeper.java dd13cc9ba5096312b06999a03ae0057cd3677623 src/java/main/org/apache/zookeeper/common/X509Error.java PRE-CREATION src/java/main/org/apache/zookeeper/common/X509Util.java PRE-CREATION src/java/main/org/apache/zookeeper/server/NIOServerCnxnFactory.java acabb33f6c7a000706763ccba94cbaf5aaaca08e src/java/main/org/apache/zookeeper/server/NettyServerCnxnFactory.java 41268805fe16244aeea4db3f35f13a6987b30187 src/java/main/org/apache/zookeeper/server/ServerCnxnFactory.java 14037722c569d560acef56de0b5a7ae13464128c src/java/main/org/apache/zookeeper/server/ServerConfig.java f2b8463e871739319bdf40be1f014d5ad0af5602 src/java/main/org/apache/zookeeper/server/ZooKeeperServer.java 30a0ed390bb7473ddb36757da97bc7d5f4281887 src/java/main/org/apache/zookeeper/server/ZooKeeperServerBean.java 0eb5c7f979199f2f7dcb9e5cfa011a9b20113713 src/java/main/org/apache/zookeeper/server/ZooKeeperServerMain.java b756d349abeb1fc69534100c3633db4c1c18e031 src/java/main/org/apache/zookeeper/server/quorum/Leader.java 20589045752a7ba4ae9c9090055a4fcbe86a8eda src/java/main/org/apache/zookeeper/server/quorum/Learner.java 4dd1e947357080f3e055f3e7e2a78c979daa6ea7 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeer.java 388ceeb45bd18c7cb8f0766a96ebd4a54a9e76de src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerConfig.java badc8df1f05dea4be337bc8312d7ac22f6c77dc3 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerMain.java d17c58d59e0131a78adde1becb5c23ce8c7a16a7 src/java/main/org/apache/zookeeper/server/quorum/ReadOnlyZooKeeperServer.java 2aab6d09f9bd980ed76f886fb8168aae2ac8f99f src/java/test/data/ssl/README.md PRE-CREATION src/java/test/data/ssl/testKeyStore.jks PRE-CREATION src/java/test/data/ssl/testTrustStore.jks PRE-CREATION src/java/test/org/apache/zookeeper/server/quorum/QuorumPeerTestBase.java 6ab19b1eb137c8b13b8ad031d474e213267da1ea src/java/test/org/apache/zookeeper/server/quorum/Zab1_0Test.java 6ce058e48d17410d89d8348ee659dd7752bfd578 src/java/test/org/apache/zookeeper/test/ReconfigTest.java 8b238ee7463508122010208ebc3e786caa2cf1b1 src/java/test/org/apache/zookeeper/test/SSLTest.java PRE-CREATION Diff: https://reviews.apache.org/r/31277/diff/ Testing --- Thanks, Hongchao Deng
[jira] [Commented] (ZOOKEEPER-2125) SSL on Netty client-server communication
[ https://issues.apache.org/jira/browse/ZOOKEEPER-2125?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14351315#comment-14351315 ] Hadoop QA commented on ZOOKEEPER-2125: -- -1 overall. Here are the results of testing the latest attachment http://issues.apache.org/jira/secure/attachment/12703189/ZOOKEEPER-2125.patch against trunk revision 1663127. +1 @author. The patch does not contain any @author tags. +1 tests included. The patch appears to include 14 new or modified tests. +1 javadoc. The javadoc tool did not generate any warning messages. +1 javac. The applied patch does not increase the total number of javac compiler warnings. -1 findbugs. The patch appears to introduce 1 new Findbugs (version 2.0.3) warnings. +1 release audit. The applied patch does not increase the total number of release audit warnings. -1 core tests. The patch failed core unit tests. +1 contrib tests. The patch passed contrib unit tests. Test results: https://builds.apache.org/job/PreCommit-ZOOKEEPER-Build/2545//testReport/ Findbugs warnings: https://builds.apache.org/job/PreCommit-ZOOKEEPER-Build/2545//artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html Console output: https://builds.apache.org/job/PreCommit-ZOOKEEPER-Build/2545//console This message is automatically generated. SSL on Netty client-server communication Key: ZOOKEEPER-2125 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2125 Project: ZooKeeper Issue Type: Sub-task Reporter: Hongchao Deng Assignee: Hongchao Deng Fix For: 3.5.1 Attachments: ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch Supporting SSL on Netty client-server communication. 1. It supports keystore and trustore usage. 2. It adds an additional ZK server port which supports SSL. This would be useful for rolling upgrade. RB: https://reviews.apache.org/r/31277/ h2. How to use it You need to set some parameters on both ZK server and client. h3. Server You need to specify a listening SSL port in zoo.cfg: {code} secureClientPort=2281 {code} Just like what you did with clientPort. And then set some jvm flags: {code} export SERVER_JVMFLAGS=-Dzookeeper.serverCnxnFactory=org.apache.zookeeper.server.NettyServerCnxnFactory -Dzookeeper.ssl.keyStore.location=/root/zookeeper/ssl/testKeyStore.jks -Dzookeeper.ssl.keyStore.password=testpass -Dzookeeper.ssl.trustStore.location=/root/zookeeper/ssl/testTrustStore.jks -Dzookeeper.ssl.trustStore.password=testpass {code} Please change keystore and truststore parameters accordingly. h3. Client You need to set jvm flags: {code} export CLIENT_JVMFLAGS=-Dzookeeper.clientCnxnSocket=org.apache.zookeeper.ClientCnxnSocketNetty -Dzookeeper.client.secure=true -Dzookeeper.ssl.keyStore.location=/root/zookeeper/ssl/testKeyStore.jks -Dzookeeper.ssl.keyStore.password=testpass -Dzookeeper.ssl.trustStore.location=/root/zookeeper/ssl/testTrustStore.jks -Dzookeeper.ssl.trustStore.password=testpass {code} change keystore and truststore parameters accordingly. And then connect to the server's SSL port, in this case: {code} bin/zkCli.sh -server 127.0.0.1:2281 {code} If you have any feedback, you are more than welcome to discuss it here! -- This message was sent by Atlassian JIRA (v6.3.4#6332)
Failed: ZOOKEEPER-2125 PreCommit Build #2545
Jira: https://issues.apache.org/jira/browse/ZOOKEEPER-2125 Build: https://builds.apache.org/job/PreCommit-ZOOKEEPER-Build/2545/ ### ## LAST 60 LINES OF THE CONSOLE ### [...truncated 345704 lines...] [exec] [exec] +1 @author. The patch does not contain any @author tags. [exec] [exec] +1 tests included. The patch appears to include 14 new or modified tests. [exec] [exec] +1 javadoc. The javadoc tool did not generate any warning messages. [exec] [exec] +1 javac. The applied patch does not increase the total number of javac compiler warnings. [exec] [exec] -1 findbugs. The patch appears to introduce 1 new Findbugs (version 2.0.3) warnings. [exec] [exec] +1 release audit. The applied patch does not increase the total number of release audit warnings. [exec] [exec] -1 core tests. The patch failed core unit tests. [exec] [exec] +1 contrib tests. The patch passed contrib unit tests. [exec] [exec] Test results: https://builds.apache.org/job/PreCommit-ZOOKEEPER-Build/2545//testReport/ [exec] Findbugs warnings: https://builds.apache.org/job/PreCommit-ZOOKEEPER-Build/2545//artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html [exec] Console output: https://builds.apache.org/job/PreCommit-ZOOKEEPER-Build/2545//console [exec] [exec] This message is automatically generated. [exec] [exec] [exec] == [exec] == [exec] Adding comment to Jira. [exec] == [exec] == [exec] [exec] [exec] Comment added. [exec] 73db371710c076c8b9fb175b7fdda65d03585aa1 logged out [exec] [exec] [exec] == [exec] == [exec] Finished build. [exec] == [exec] == [exec] [exec] BUILD FAILED /home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-Build/trunk/build.xml:1714: exec returned: 2 Total time: 45 minutes 55 seconds Build step 'Execute shell' marked build as failure Archiving artifacts Sending artifact delta relative to PreCommit-ZOOKEEPER-Build #2489 Archived 7 artifacts Archive block size is 32768 Received 2 blocks and 495816 bytes Compression is 11.7% Took 0.93 sec Recording test results Description set: ZOOKEEPER-2125 Email was triggered for: Failure Sending email for trigger: Failure ### ## FAILED TESTS (if any) ## 1 tests failed. REGRESSION: org.apache.zookeeper.test.AsyncHammerTest.testHammer Error Message: null Stack Trace: junit.framework.AssertionFailedError at org.apache.zookeeper.test.AsyncHammerTest.testHammer(AsyncHammerTest.java:186) at org.apache.zookeeper.JUnit4ZKTestRunner$LoggedInvokeMethod.evaluate(JUnit4ZKTestRunner.java:52)
ZooKeeper_branch34_solaris - Build # 936 - Failure
See https://builds.apache.org/job/ZooKeeper_branch34_solaris/936/ ### ## LAST 60 LINES OF THE CONSOLE ### Started by timer Building remotely on solaris1 (Solaris) in workspace /export/home/hudson/hudson-slave/workspace/ZooKeeper_branch34_solaris FATAL: hudson.remoting.RequestAbortedException: hudson.remoting.Channel$OrderlyShutdown hudson.remoting.RequestAbortedException: hudson.remoting.RequestAbortedException: hudson.remoting.Channel$OrderlyShutdown at hudson.remoting.RequestAbortedException.wrapForRethrow(RequestAbortedException.java:41) at hudson.remoting.RequestAbortedException.wrapForRethrow(RequestAbortedException.java:34) at hudson.remoting.Request.call(Request.java:174) at hudson.remoting.Channel.call(Channel.java:742) at hudson.FilePath.act(FilePath.java:909) at hudson.FilePath.act(FilePath.java:893) at hudson.FilePath.mkdirs(FilePath.java:1063) at hudson.model.AbstractProject.checkout(AbstractProject.java:1245) at hudson.model.AbstractBuild$AbstractBuildExecution.defaultCheckout(AbstractBuild.java:615) at jenkins.scm.SCMCheckoutStrategy.checkout(SCMCheckoutStrategy.java:86) at hudson.model.AbstractBuild$AbstractBuildExecution.run(AbstractBuild.java:524) at hudson.model.Run.execute(Run.java:1706) at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:43) at hudson.model.ResourceController.execute(ResourceController.java:88) at hudson.model.Executor.run(Executor.java:232) Caused by: hudson.remoting.RequestAbortedException: hudson.remoting.Channel$OrderlyShutdown at hudson.remoting.Request.abort(Request.java:299) at hudson.remoting.Channel.terminate(Channel.java:805) at hudson.remoting.Channel$CloseCommand.execute(Channel.java:954) at hudson.remoting.Channel$2.handle(Channel.java:474) at hudson.remoting.SynchronousCommandTransport$ReaderThread.run(SynchronousCommandTransport.java:60) Caused by: hudson.remoting.Channel$OrderlyShutdown ... 3 more Caused by: Command close created at at hudson.remoting.Command.init(Command.java:56) at hudson.remoting.Channel$CloseCommand.init(Channel.java:948) at hudson.remoting.Channel$CloseCommand.init(Channel.java:946) at hudson.remoting.Channel.close(Channel.java:1029) at hudson.remoting.Channel.close(Channel.java:1012) at hudson.remoting.Channel$CloseCommand.execute(Channel.java:953) ... 2 more ### ## FAILED TESTS (if any) ## No tests ran.
ZooKeeper-trunk - Build # 2616 - Still Failing
See https://builds.apache.org/job/ZooKeeper-trunk/2616/ ### ## LAST 60 LINES OF THE CONSOLE ### [...truncated 352235 lines...] [junit] 2015-03-06 12:34:51,449 [myid:] - INFO [main:FileTxnSnapLog@298] - Snapshotting: 0xb to /home/jenkins/jenkins-slave/workspace/ZooKeeper-trunk/trunk/build/test/tmp/test2748872539281631827.junit.dir/version-2/snapshot.b [junit] 2015-03-06 12:34:51,451 [myid:] - INFO [main:FourLetterWordMain@43] - connecting to 127.0.0.1 11221 [junit] 2015-03-06 12:34:51,451 [myid:] - INFO [NIOServerCxnFactory.AcceptThread:0.0.0.0/0.0.0.0:11221:NIOServerCnxnFactory$AcceptThread@296] - Accepted socket connection from /127.0.0.1:57988 [junit] 2015-03-06 12:34:51,452 [myid:] - INFO [NIOWorkerThread-1:NIOServerCnxn@835] - Processing stat command from /127.0.0.1:57988 [junit] 2015-03-06 12:34:51,452 [myid:] - INFO [NIOWorkerThread-1:NIOServerCnxn$StatCommand@684] - Stat command output [junit] 2015-03-06 12:34:51,453 [myid:] - INFO [NIOWorkerThread-1:NIOServerCnxn@1006] - Closed socket connection for client /127.0.0.1:57988 (no session established for client) [junit] 2015-03-06 12:34:51,453 [myid:] - INFO [main:JMXEnv@224] - ensureParent:[InMemoryDataTree, StandaloneServer_port] [junit] 2015-03-06 12:34:51,455 [myid:] - INFO [main:JMXEnv@241] - expect:InMemoryDataTree [junit] 2015-03-06 12:34:51,455 [myid:] - INFO [main:JMXEnv@245] - found:InMemoryDataTree org.apache.ZooKeeperService:name0=StandaloneServer_port11221,name1=InMemoryDataTree [junit] 2015-03-06 12:34:51,455 [myid:] - INFO [main:JMXEnv@241] - expect:StandaloneServer_port [junit] 2015-03-06 12:34:51,455 [myid:] - INFO [main:JMXEnv@245] - found:StandaloneServer_port org.apache.ZooKeeperService:name0=StandaloneServer_port11221 [junit] 2015-03-06 12:34:51,455 [myid:] - INFO [main:JUnit4ZKTestRunner$LoggedInvokeMethod@55] - Memory used 85029 [junit] 2015-03-06 12:34:51,456 [myid:] - INFO [main:JUnit4ZKTestRunner$LoggedInvokeMethod@60] - Number of threads 24 [junit] 2015-03-06 12:34:51,456 [myid:] - INFO [main:JUnit4ZKTestRunner$LoggedInvokeMethod@65] - FINISHED TEST METHOD testQuota [junit] 2015-03-06 12:34:51,456 [myid:] - INFO [main:ClientBase@521] - tearDown starting [junit] 2015-03-06 12:34:51,523 [myid:] - INFO [main:ZooKeeper@968] - Session: 0x1007f0a22ac closed [junit] 2015-03-06 12:34:51,523 [myid:] - INFO [main:ClientBase@491] - STOPPING server [junit] 2015-03-06 12:34:51,523 [myid:] - INFO [main-EventThread:ClientCnxn$EventThread@531] - EventThread shut down [junit] 2015-03-06 12:34:51,523 [myid:] - INFO [ConnnectionExpirer:NIOServerCnxnFactory$ConnectionExpirerThread@583] - ConnnectionExpirerThread interrupted [junit] 2015-03-06 12:34:51,524 [myid:] - INFO [NIOServerCxnFactory.SelectorThread-0:NIOServerCnxnFactory$SelectorThread@420] - selector thread exitted run method [junit] 2015-03-06 12:34:51,524 [myid:] - INFO [NIOServerCxnFactory.SelectorThread-1:NIOServerCnxnFactory$SelectorThread@420] - selector thread exitted run method [junit] 2015-03-06 12:34:51,524 [myid:] - INFO [NIOServerCxnFactory.AcceptThread:0.0.0.0/0.0.0.0:11221:NIOServerCnxnFactory$AcceptThread@219] - accept thread exitted run method [junit] 2015-03-06 12:34:51,525 [myid:] - INFO [main:ZooKeeperServer@440] - shutting down [junit] 2015-03-06 12:34:51,525 [myid:] - INFO [main:SessionTrackerImpl@232] - Shutting down [junit] 2015-03-06 12:34:51,525 [myid:] - INFO [main:PrepRequestProcessor@974] - Shutting down [junit] 2015-03-06 12:34:51,525 [myid:] - INFO [main:SyncRequestProcessor@191] - Shutting down [junit] 2015-03-06 12:34:51,525 [myid:] - INFO [ProcessThread(sid:0 cport:11221)::PrepRequestProcessor@156] - PrepRequestProcessor exited loop! [junit] 2015-03-06 12:34:51,525 [myid:] - INFO [SyncThread:0:SyncRequestProcessor@169] - SyncRequestProcessor exited! [junit] 2015-03-06 12:34:51,526 [myid:] - INFO [main:FinalRequestProcessor@477] - shutdown of request processor complete [junit] 2015-03-06 12:34:51,526 [myid:] - INFO [main:MBeanRegistry@119] - Unregister MBean [org.apache.ZooKeeperService:name0=StandaloneServer_port11221,name1=InMemoryDataTree] [junit] 2015-03-06 12:34:51,527 [myid:] - INFO [main:MBeanRegistry@119] - Unregister MBean [org.apache.ZooKeeperService:name0=StandaloneServer_port11221] [junit] 2015-03-06 12:34:51,527 [myid:] - INFO [main:FourLetterWordMain@43] - connecting to 127.0.0.1 11221 [junit] 2015-03-06 12:34:51,528 [myid:] - INFO [main:JMXEnv@142] - ensureOnly:[] [junit] 2015-03-06 12:34:51,532 [myid:] - INFO [main:ClientBase@546] - fdcount after test is: 46 at start it was 34 [junit] 2015-03-06 12:34:51,532 [myid:] - INFO [main:ClientBase@548] - sleeping for 20 secs [junit] 2015-03-06
ZooKeeper_branch35_jdk7 - Build # 223 - Still Failing
See https://builds.apache.org/job/ZooKeeper_branch35_jdk7/223/ ### ## LAST 60 LINES OF THE CONSOLE ### [...truncated 345223 lines...] [junit] 2015-03-06 15:50:42,323 [myid:] - INFO [main:JMXEnv@142] - ensureOnly:[] [junit] 2015-03-06 15:50:42,325 [myid:] - INFO [main:ClientBase@444] - STARTING server [junit] 2015-03-06 15:50:42,325 [myid:] - INFO [main:ClientBase@365] - CREATING server instance 127.0.0.1:11221 [junit] 2015-03-06 15:50:42,325 [myid:] - INFO [main:NIOServerCnxnFactory@670] - Configuring NIO connection handler with 10s sessionless connection timeout, 2 selector thread(s), 32 worker threads, and 64 kB direct buffers. [junit] 2015-03-06 15:50:42,325 [myid:] - INFO [main:NIOServerCnxnFactory@683] - binding to port 0.0.0.0/0.0.0.0:11221 [junit] 2015-03-06 15:50:42,326 [myid:] - INFO [main:ClientBase@340] - STARTING server instance 127.0.0.1:11221 [junit] 2015-03-06 15:50:42,326 [myid:] - INFO [main:ZooKeeperServer@778] - minSessionTimeout set to 6000 [junit] 2015-03-06 15:50:42,326 [myid:] - INFO [main:ZooKeeperServer@787] - maxSessionTimeout set to 6 [junit] 2015-03-06 15:50:42,326 [myid:] - INFO [main:ZooKeeperServer@153] - Created server with tickTime 3000 minSessionTimeout 6000 maxSessionTimeout 6 datadir /home/jenkins/jenkins-slave/workspace/ZooKeeper_branch35_jdk7/branch-3.5/build/test/tmp/test6274107316917823211.junit.dir/version-2 snapdir /home/jenkins/jenkins-slave/workspace/ZooKeeper_branch35_jdk7/branch-3.5/build/test/tmp/test6274107316917823211.junit.dir/version-2 [junit] 2015-03-06 15:50:42,327 [myid:] - INFO [main:FileSnap@83] - Reading snapshot /home/jenkins/jenkins-slave/workspace/ZooKeeper_branch35_jdk7/branch-3.5/build/test/tmp/test6274107316917823211.junit.dir/version-2/snapshot.b [junit] 2015-03-06 15:50:42,329 [myid:] - INFO [main:FileTxnSnapLog@298] - Snapshotting: 0xb to /home/jenkins/jenkins-slave/workspace/ZooKeeper_branch35_jdk7/branch-3.5/build/test/tmp/test6274107316917823211.junit.dir/version-2/snapshot.b [junit] 2015-03-06 15:50:42,332 [myid:] - INFO [main:FourLetterWordMain@43] - connecting to 127.0.0.1 11221 [junit] 2015-03-06 15:50:42,332 [myid:] - INFO [NIOServerCxnFactory.AcceptThread:0.0.0.0/0.0.0.0:11221:NIOServerCnxnFactory$AcceptThread@296] - Accepted socket connection from /127.0.0.1:49112 [junit] 2015-03-06 15:50:42,333 [myid:] - INFO [NIOWorkerThread-1:NIOServerCnxn@835] - Processing stat command from /127.0.0.1:49112 [junit] 2015-03-06 15:50:42,333 [myid:] - INFO [NIOWorkerThread-1:NIOServerCnxn$StatCommand@684] - Stat command output [junit] 2015-03-06 15:50:42,334 [myid:] - INFO [NIOWorkerThread-1:NIOServerCnxn@1006] - Closed socket connection for client /127.0.0.1:49112 (no session established for client) [junit] 2015-03-06 15:50:42,334 [myid:] - INFO [main:JMXEnv@224] - ensureParent:[InMemoryDataTree, StandaloneServer_port] [junit] 2015-03-06 15:50:42,336 [myid:] - INFO [main:JMXEnv@241] - expect:InMemoryDataTree [junit] 2015-03-06 15:50:42,336 [myid:] - INFO [main:JMXEnv@245] - found:InMemoryDataTree org.apache.ZooKeeperService:name0=StandaloneServer_port11221,name1=InMemoryDataTree [junit] 2015-03-06 15:50:42,336 [myid:] - INFO [main:JMXEnv@241] - expect:StandaloneServer_port [junit] 2015-03-06 15:50:42,337 [myid:] - INFO [main:JMXEnv@245] - found:StandaloneServer_port org.apache.ZooKeeperService:name0=StandaloneServer_port11221 [junit] 2015-03-06 15:50:42,337 [myid:] - INFO [main:JUnit4ZKTestRunner$LoggedInvokeMethod@55] - Memory used 18104 [junit] 2015-03-06 15:50:42,337 [myid:] - INFO [main:JUnit4ZKTestRunner$LoggedInvokeMethod@60] - Number of threads 24 [junit] 2015-03-06 15:50:42,337 [myid:] - INFO [main:JUnit4ZKTestRunner$LoggedInvokeMethod@65] - FINISHED TEST METHOD testQuota [junit] 2015-03-06 15:50:42,338 [myid:] - INFO [main:ClientBase@521] - tearDown starting [junit] 2015-03-06 15:50:42,404 [myid:] - INFO [main:ZooKeeper@968] - Session: 0x103181e0ce8 closed [junit] 2015-03-06 15:50:42,404 [myid:] - INFO [main-EventThread:ClientCnxn$EventThread@531] - EventThread shut down [junit] 2015-03-06 15:50:42,404 [myid:] - INFO [main:ClientBase@491] - STOPPING server [junit] 2015-03-06 15:50:42,405 [myid:] - INFO [ConnnectionExpirer:NIOServerCnxnFactory$ConnectionExpirerThread@583] - ConnnectionExpirerThread interrupted [junit] 2015-03-06 15:50:42,405 [myid:] - INFO [NIOServerCxnFactory.SelectorThread-0:NIOServerCnxnFactory$SelectorThread@420] - selector thread exitted run method [junit] 2015-03-06 15:50:42,405 [myid:] - INFO [NIOServerCxnFactory.SelectorThread-1:NIOServerCnxnFactory$SelectorThread@420] - selector thread exitted run method [junit] 2015-03-06 15:50:42,405 [myid:] - INFO
ZooKeeper-trunk-solaris - Build # 961 - Still Failing
See https://builds.apache.org/job/ZooKeeper-trunk-solaris/961/ ### ## LAST 60 LINES OF THE CONSOLE ### Started by timer Building remotely on solaris1 (Solaris) in workspace /export/home/hudson/hudson-slave/workspace/ZooKeeper-trunk-solaris Updating http://svn.apache.org/repos/asf/zookeeper/trunk at revision '2015-03-06T11:11:54.287 +' At revision 1664585 Updating http://svn.apache.org/repos/asf/hadoop/nightly at revision '2015-03-06T11:11:54.287 +' At revision 1664585 no change for http://svn.apache.org/repos/asf/zookeeper/trunk since the previous build no change for http://svn.apache.org/repos/asf/hadoop/nightly since the previous build No emails were triggered. [locks-and-latches] Checking to see if we really have the locks [locks-and-latches] Have all the locks, build can start [ZooKeeper-trunk-solaris] $ /bin/bash /var/tmp/hudson6936426442336801490.sh [trunk] $ /export/home/hudson/hudson-slave/tools/hudson.tasks.Ant_AntInstallation/ant-1.8.2/bin/ant -DBUILD_ARGS=-Dfindbugs.home=${FINDBUGS_HOME} -Dforrest.home=${FORREST_HOME} -Djava5.home=${JAVA5_HOME} -DBUILD_TARGETS=hudson-test-trunk -DANALYSIS_TARGETS=test -DBUILD_FLAGS=-Dtest.junit.output.format=xml -Dtest.output=yes -Dtest.output=yes -Dtest.junit.output.format=xml clean test-core-java Error: JAVA_HOME is not defined correctly. We cannot execute /home/jenkins/tools/java/latest1.7/bin/java Build step 'Invoke Ant' marked build as failure [locks-and-latches] Releasing all the locks [locks-and-latches] All the locks released Recording test results Email was triggered for: Failure Sending email for trigger: Failure ### ## FAILED TESTS (if any) ## No tests ran.
Re: Review Request 31277: ZOOKEEPER-2125: SSL on Netty client-server communication
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31277/#review75525 --- src/java/main/org/apache/zookeeper/ClientCnxnSocketNetty.java https://reviews.apache.org/r/31277/#comment122666 please move sslEngine,sslContext inside the method initSSL(pipeline) as local variables? src/java/main/org/apache/zookeeper/ClientCnxnSocketNetty.java https://reviews.apache.org/r/31277/#comment122662 do we need synchronization here? src/java/main/org/apache/zookeeper/ClientCnxnSocketNetty.java https://reviews.apache.org/r/31277/#comment122667 I could see new ZKClientPipelineFactory() is always created and not required to do null checks here, isn't it? src/java/main/org/apache/zookeeper/ClientCnxnSocketNetty.java https://reviews.apache.org/r/31277/#comment122657 this log wouldn't help much, probably you can try include info like pipeline.getChannel() details. Or can make this DEBUG level priority. src/java/main/org/apache/zookeeper/common/X509Error.java https://reviews.apache.org/r/31277/#comment122659 I prefer to use X509Exception instead of X509Error, can you rename this to X509Exception? src/java/main/org/apache/zookeeper/server/NettyServerCnxnFactory.java https://reviews.apache.org/r/31277/#comment122665 same as above, do we need synchronization here? src/java/main/org/apache/zookeeper/server/NettyServerCnxnFactory.java https://reviews.apache.org/r/31277/#comment122664 this log wouldn't help much, probably you can try include info like pipeline.getChannel() details. Or can make this DEBUG level priority. src/java/main/org/apache/zookeeper/server/ZooKeeperServer.java https://reviews.apache.org/r/31277/#comment122714 FinalRequestProcessor also has the logic of #closeSession(). I couldn't see the closure of session from secureCnxnFactory in FinalRequestProcessor. Please add the same logic of #closeSession() in FinalRequestProcessor as well. Refer: FinalRequestProcessor#processRequest() if (request.type == OpCode.closeSession) { - Rakesh R On March 6, 2015, 12:17 a.m., Hongchao Deng wrote: --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31277/ --- (Updated March 6, 2015, 12:17 a.m.) Review request for zookeeper. Repository: zookeeper-git Description --- ZOOKEEPER-2125: SSL on Netty client-server communication Diffs - src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml 202051f1f7f517b1e1a3c561c0008449ab3c48a6 src/java/main/org/apache/zookeeper/ClientCnxnSocketNetty.java PRE-CREATION src/java/main/org/apache/zookeeper/ZooKeeper.java dd13cc9ba5096312b06999a03ae0057cd3677623 src/java/main/org/apache/zookeeper/common/X509Error.java PRE-CREATION src/java/main/org/apache/zookeeper/common/X509Util.java PRE-CREATION src/java/main/org/apache/zookeeper/server/NIOServerCnxnFactory.java acabb33f6c7a000706763ccba94cbaf5aaaca08e src/java/main/org/apache/zookeeper/server/NettyServerCnxnFactory.java 41268805fe16244aeea4db3f35f13a6987b30187 src/java/main/org/apache/zookeeper/server/ServerCnxnFactory.java 14037722c569d560acef56de0b5a7ae13464128c src/java/main/org/apache/zookeeper/server/ServerConfig.java f2b8463e871739319bdf40be1f014d5ad0af5602 src/java/main/org/apache/zookeeper/server/ZooKeeperServer.java 30a0ed390bb7473ddb36757da97bc7d5f4281887 src/java/main/org/apache/zookeeper/server/ZooKeeperServerBean.java 0eb5c7f979199f2f7dcb9e5cfa011a9b20113713 src/java/main/org/apache/zookeeper/server/ZooKeeperServerMain.java b756d349abeb1fc69534100c3633db4c1c18e031 src/java/main/org/apache/zookeeper/server/quorum/Leader.java 20589045752a7ba4ae9c9090055a4fcbe86a8eda src/java/main/org/apache/zookeeper/server/quorum/Learner.java 4dd1e947357080f3e055f3e7e2a78c979daa6ea7 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeer.java 388ceeb45bd18c7cb8f0766a96ebd4a54a9e76de src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerConfig.java badc8df1f05dea4be337bc8312d7ac22f6c77dc3 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerMain.java d17c58d59e0131a78adde1becb5c23ce8c7a16a7 src/java/main/org/apache/zookeeper/server/quorum/ReadOnlyZooKeeperServer.java 2aab6d09f9bd980ed76f886fb8168aae2ac8f99f src/java/test/data/ssl/README.md PRE-CREATION src/java/test/data/ssl/testKeyStore.jks PRE-CREATION src/java/test/data/ssl/testTrustStore.jks PRE-CREATION src/java/test/org/apache/zookeeper/server/quorum/QuorumPeerTestBase.java 6ab19b1eb137c8b13b8ad031d474e213267da1ea src/java/test/org/apache/zookeeper/server/quorum/Zab1_0Test.java
Re: Review Request 31277: ZOOKEEPER-2125: SSL on Netty client-server communication
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31277/#review75542 --- src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml https://reviews.apache.org/r/31277/#comment122717 Netty usage is pluggable. SSL feature will be enabled when user user plugged-in zookeeper.serverCnxnFactory, zookeeper.clientCnxnSocket as Netty. isn't it? Its good to capture in the document, whats your opinion? - Rakesh R On March 6, 2015, 12:17 a.m., Hongchao Deng wrote: --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31277/ --- (Updated March 6, 2015, 12:17 a.m.) Review request for zookeeper. Repository: zookeeper-git Description --- ZOOKEEPER-2125: SSL on Netty client-server communication Diffs - src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml 202051f1f7f517b1e1a3c561c0008449ab3c48a6 src/java/main/org/apache/zookeeper/ClientCnxnSocketNetty.java PRE-CREATION src/java/main/org/apache/zookeeper/ZooKeeper.java dd13cc9ba5096312b06999a03ae0057cd3677623 src/java/main/org/apache/zookeeper/common/X509Error.java PRE-CREATION src/java/main/org/apache/zookeeper/common/X509Util.java PRE-CREATION src/java/main/org/apache/zookeeper/server/NIOServerCnxnFactory.java acabb33f6c7a000706763ccba94cbaf5aaaca08e src/java/main/org/apache/zookeeper/server/NettyServerCnxnFactory.java 41268805fe16244aeea4db3f35f13a6987b30187 src/java/main/org/apache/zookeeper/server/ServerCnxnFactory.java 14037722c569d560acef56de0b5a7ae13464128c src/java/main/org/apache/zookeeper/server/ServerConfig.java f2b8463e871739319bdf40be1f014d5ad0af5602 src/java/main/org/apache/zookeeper/server/ZooKeeperServer.java 30a0ed390bb7473ddb36757da97bc7d5f4281887 src/java/main/org/apache/zookeeper/server/ZooKeeperServerBean.java 0eb5c7f979199f2f7dcb9e5cfa011a9b20113713 src/java/main/org/apache/zookeeper/server/ZooKeeperServerMain.java b756d349abeb1fc69534100c3633db4c1c18e031 src/java/main/org/apache/zookeeper/server/quorum/Leader.java 20589045752a7ba4ae9c9090055a4fcbe86a8eda src/java/main/org/apache/zookeeper/server/quorum/Learner.java 4dd1e947357080f3e055f3e7e2a78c979daa6ea7 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeer.java 388ceeb45bd18c7cb8f0766a96ebd4a54a9e76de src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerConfig.java badc8df1f05dea4be337bc8312d7ac22f6c77dc3 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerMain.java d17c58d59e0131a78adde1becb5c23ce8c7a16a7 src/java/main/org/apache/zookeeper/server/quorum/ReadOnlyZooKeeperServer.java 2aab6d09f9bd980ed76f886fb8168aae2ac8f99f src/java/test/data/ssl/README.md PRE-CREATION src/java/test/data/ssl/testKeyStore.jks PRE-CREATION src/java/test/data/ssl/testTrustStore.jks PRE-CREATION src/java/test/org/apache/zookeeper/server/quorum/QuorumPeerTestBase.java 6ab19b1eb137c8b13b8ad031d474e213267da1ea src/java/test/org/apache/zookeeper/server/quorum/Zab1_0Test.java 6ce058e48d17410d89d8348ee659dd7752bfd578 src/java/test/org/apache/zookeeper/test/ReconfigTest.java 8b238ee7463508122010208ebc3e786caa2cf1b1 src/java/test/org/apache/zookeeper/test/SSLTest.java PRE-CREATION Diff: https://reviews.apache.org/r/31277/diff/ Testing --- Thanks, Hongchao Deng
Re: Review Request 31277: ZOOKEEPER-2125: SSL on Netty client-server communication
On March 6, 2015, 8:39 p.m., Rakesh R wrote: src/java/main/org/apache/zookeeper/common/X509Error.java, line 21 https://reviews.apache.org/r/31277/diff/11/?file=886450#file886450line21 I prefer to use X509Exception instead of X509Error, can you rename this to X509Exception? Hongchao Deng wrote: Sure Hongchao Deng wrote: Hi Rakesh, findbugs complains that X509Exception didn't extend Exception. I think changing back to X509Error will work. Any opinions? Can we do like, @SuppressWarnings(serial) public class X509Exception extends Exception { public X509Exception(String message) { super(message); } public X509Exception(Throwable cause) { super(cause); } public X509Exception(String message, Throwable cause) { super(message, cause); } public static class KeyManagerException extends X509Exception { // ... add necessary calls } public static class TrustManagerException extends X509Exception { // ... add necessary calls } public static class SSLContextException extends X509Exception { // ... add necessary calls } - Rakesh --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31277/#review75525 --- On March 7, 2015, 1:04 a.m., Hongchao Deng wrote: --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31277/ --- (Updated March 7, 2015, 1:04 a.m.) Review request for zookeeper. Repository: zookeeper-git Description --- ZOOKEEPER-2125: SSL on Netty client-server communication Diffs - src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml 202051f1f7f517b1e1a3c561c0008449ab3c48a6 src/java/main/org/apache/zookeeper/ClientCnxnSocketNetty.java PRE-CREATION src/java/main/org/apache/zookeeper/ZooKeeper.java dd13cc9ba5096312b06999a03ae0057cd3677623 src/java/main/org/apache/zookeeper/common/X509Exception.java PRE-CREATION src/java/main/org/apache/zookeeper/common/X509Util.java PRE-CREATION src/java/main/org/apache/zookeeper/server/FinalRequestProcessor.java a97be4a5452006fbd85d355c0dcb16276cbf1c59 src/java/main/org/apache/zookeeper/server/NIOServerCnxnFactory.java acabb33f6c7a000706763ccba94cbaf5aaaca08e src/java/main/org/apache/zookeeper/server/NettyServerCnxnFactory.java 41268805fe16244aeea4db3f35f13a6987b30187 src/java/main/org/apache/zookeeper/server/ServerCnxnFactory.java 14037722c569d560acef56de0b5a7ae13464128c src/java/main/org/apache/zookeeper/server/ServerConfig.java f2b8463e871739319bdf40be1f014d5ad0af5602 src/java/main/org/apache/zookeeper/server/ZooKeeperServer.java 30a0ed390bb7473ddb36757da97bc7d5f4281887 src/java/main/org/apache/zookeeper/server/ZooKeeperServerBean.java 0eb5c7f979199f2f7dcb9e5cfa011a9b20113713 src/java/main/org/apache/zookeeper/server/ZooKeeperServerMain.java b756d349abeb1fc69534100c3633db4c1c18e031 src/java/main/org/apache/zookeeper/server/quorum/Leader.java 20589045752a7ba4ae9c9090055a4fcbe86a8eda src/java/main/org/apache/zookeeper/server/quorum/Learner.java 4dd1e947357080f3e055f3e7e2a78c979daa6ea7 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeer.java 388ceeb45bd18c7cb8f0766a96ebd4a54a9e76de src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerConfig.java badc8df1f05dea4be337bc8312d7ac22f6c77dc3 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerMain.java d17c58d59e0131a78adde1becb5c23ce8c7a16a7 src/java/main/org/apache/zookeeper/server/quorum/ReadOnlyZooKeeperServer.java 2aab6d09f9bd980ed76f886fb8168aae2ac8f99f src/java/test/org/apache/zookeeper/server/quorum/QuorumPeerTestBase.java 6ab19b1eb137c8b13b8ad031d474e213267da1ea src/java/test/org/apache/zookeeper/server/quorum/Zab1_0Test.java 6ce058e48d17410d89d8348ee659dd7752bfd578 src/java/test/org/apache/zookeeper/test/ReconfigTest.java 8b238ee7463508122010208ebc3e786caa2cf1b1 src/java/test/org/apache/zookeeper/test/SSLTest.java PRE-CREATION Diff: https://reviews.apache.org/r/31277/diff/ Testing --- Thanks, Hongchao Deng
Re: Review Request 31277: ZOOKEEPER-2125: SSL on Netty client-server communication
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31277/#review75616 --- src/java/main/org/apache/zookeeper/server/FinalRequestProcessor.java https://reviews.apache.org/r/31277/#comment122819 Can we extract this to a method to avoid duplication - Rakesh R On March 7, 2015, 1:04 a.m., Hongchao Deng wrote: --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31277/ --- (Updated March 7, 2015, 1:04 a.m.) Review request for zookeeper. Repository: zookeeper-git Description --- ZOOKEEPER-2125: SSL on Netty client-server communication Diffs - src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml 202051f1f7f517b1e1a3c561c0008449ab3c48a6 src/java/main/org/apache/zookeeper/ClientCnxnSocketNetty.java PRE-CREATION src/java/main/org/apache/zookeeper/ZooKeeper.java dd13cc9ba5096312b06999a03ae0057cd3677623 src/java/main/org/apache/zookeeper/common/X509Exception.java PRE-CREATION src/java/main/org/apache/zookeeper/common/X509Util.java PRE-CREATION src/java/main/org/apache/zookeeper/server/FinalRequestProcessor.java a97be4a5452006fbd85d355c0dcb16276cbf1c59 src/java/main/org/apache/zookeeper/server/NIOServerCnxnFactory.java acabb33f6c7a000706763ccba94cbaf5aaaca08e src/java/main/org/apache/zookeeper/server/NettyServerCnxnFactory.java 41268805fe16244aeea4db3f35f13a6987b30187 src/java/main/org/apache/zookeeper/server/ServerCnxnFactory.java 14037722c569d560acef56de0b5a7ae13464128c src/java/main/org/apache/zookeeper/server/ServerConfig.java f2b8463e871739319bdf40be1f014d5ad0af5602 src/java/main/org/apache/zookeeper/server/ZooKeeperServer.java 30a0ed390bb7473ddb36757da97bc7d5f4281887 src/java/main/org/apache/zookeeper/server/ZooKeeperServerBean.java 0eb5c7f979199f2f7dcb9e5cfa011a9b20113713 src/java/main/org/apache/zookeeper/server/ZooKeeperServerMain.java b756d349abeb1fc69534100c3633db4c1c18e031 src/java/main/org/apache/zookeeper/server/quorum/Leader.java 20589045752a7ba4ae9c9090055a4fcbe86a8eda src/java/main/org/apache/zookeeper/server/quorum/Learner.java 4dd1e947357080f3e055f3e7e2a78c979daa6ea7 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeer.java 388ceeb45bd18c7cb8f0766a96ebd4a54a9e76de src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerConfig.java badc8df1f05dea4be337bc8312d7ac22f6c77dc3 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerMain.java d17c58d59e0131a78adde1becb5c23ce8c7a16a7 src/java/main/org/apache/zookeeper/server/quorum/ReadOnlyZooKeeperServer.java 2aab6d09f9bd980ed76f886fb8168aae2ac8f99f src/java/test/org/apache/zookeeper/server/quorum/QuorumPeerTestBase.java 6ab19b1eb137c8b13b8ad031d474e213267da1ea src/java/test/org/apache/zookeeper/server/quorum/Zab1_0Test.java 6ce058e48d17410d89d8348ee659dd7752bfd578 src/java/test/org/apache/zookeeper/test/ReconfigTest.java 8b238ee7463508122010208ebc3e786caa2cf1b1 src/java/test/org/apache/zookeeper/test/SSLTest.java PRE-CREATION Diff: https://reviews.apache.org/r/31277/diff/ Testing --- Thanks, Hongchao Deng
Re: Review Request 31277: ZOOKEEPER-2125: SSL on Netty client-server communication
On March 7, 2015, 5:24 a.m., Rakesh R wrote: src/java/main/org/apache/zookeeper/server/FinalRequestProcessor.java, line 493 https://reviews.apache.org/r/31277/diff/14/?file=888101#file888101line493 Can we extract this to a method to avoid duplication adding few more to the above comment, : both cf anf scf logic looks same, so we can extract to a closeSession method and pass cf argument. on return will check success then return else do scf. - Rakesh --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31277/#review75616 --- On March 7, 2015, 1:04 a.m., Hongchao Deng wrote: --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31277/ --- (Updated March 7, 2015, 1:04 a.m.) Review request for zookeeper. Repository: zookeeper-git Description --- ZOOKEEPER-2125: SSL on Netty client-server communication Diffs - src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml 202051f1f7f517b1e1a3c561c0008449ab3c48a6 src/java/main/org/apache/zookeeper/ClientCnxnSocketNetty.java PRE-CREATION src/java/main/org/apache/zookeeper/ZooKeeper.java dd13cc9ba5096312b06999a03ae0057cd3677623 src/java/main/org/apache/zookeeper/common/X509Exception.java PRE-CREATION src/java/main/org/apache/zookeeper/common/X509Util.java PRE-CREATION src/java/main/org/apache/zookeeper/server/FinalRequestProcessor.java a97be4a5452006fbd85d355c0dcb16276cbf1c59 src/java/main/org/apache/zookeeper/server/NIOServerCnxnFactory.java acabb33f6c7a000706763ccba94cbaf5aaaca08e src/java/main/org/apache/zookeeper/server/NettyServerCnxnFactory.java 41268805fe16244aeea4db3f35f13a6987b30187 src/java/main/org/apache/zookeeper/server/ServerCnxnFactory.java 14037722c569d560acef56de0b5a7ae13464128c src/java/main/org/apache/zookeeper/server/ServerConfig.java f2b8463e871739319bdf40be1f014d5ad0af5602 src/java/main/org/apache/zookeeper/server/ZooKeeperServer.java 30a0ed390bb7473ddb36757da97bc7d5f4281887 src/java/main/org/apache/zookeeper/server/ZooKeeperServerBean.java 0eb5c7f979199f2f7dcb9e5cfa011a9b20113713 src/java/main/org/apache/zookeeper/server/ZooKeeperServerMain.java b756d349abeb1fc69534100c3633db4c1c18e031 src/java/main/org/apache/zookeeper/server/quorum/Leader.java 20589045752a7ba4ae9c9090055a4fcbe86a8eda src/java/main/org/apache/zookeeper/server/quorum/Learner.java 4dd1e947357080f3e055f3e7e2a78c979daa6ea7 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeer.java 388ceeb45bd18c7cb8f0766a96ebd4a54a9e76de src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerConfig.java badc8df1f05dea4be337bc8312d7ac22f6c77dc3 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerMain.java d17c58d59e0131a78adde1becb5c23ce8c7a16a7 src/java/main/org/apache/zookeeper/server/quorum/ReadOnlyZooKeeperServer.java 2aab6d09f9bd980ed76f886fb8168aae2ac8f99f src/java/test/org/apache/zookeeper/server/quorum/QuorumPeerTestBase.java 6ab19b1eb137c8b13b8ad031d474e213267da1ea src/java/test/org/apache/zookeeper/server/quorum/Zab1_0Test.java 6ce058e48d17410d89d8348ee659dd7752bfd578 src/java/test/org/apache/zookeeper/test/ReconfigTest.java 8b238ee7463508122010208ebc3e786caa2cf1b1 src/java/test/org/apache/zookeeper/test/SSLTest.java PRE-CREATION Diff: https://reviews.apache.org/r/31277/diff/ Testing --- Thanks, Hongchao Deng