Re: Review Request 31277: ZOOKEEPER-2125: SSL on Netty client-server communication
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31277/ --- (Updated March 7, 2015, 1:04 a.m.) Review request for zookeeper. Repository: zookeeper-git Description --- ZOOKEEPER-2125: SSL on Netty client-server communication Diffs (updated) - src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml 202051f1f7f517b1e1a3c561c0008449ab3c48a6 src/java/main/org/apache/zookeeper/ClientCnxnSocketNetty.java PRE-CREATION src/java/main/org/apache/zookeeper/ZooKeeper.java dd13cc9ba5096312b06999a03ae0057cd3677623 src/java/main/org/apache/zookeeper/common/X509Exception.java PRE-CREATION src/java/main/org/apache/zookeeper/common/X509Util.java PRE-CREATION src/java/main/org/apache/zookeeper/server/FinalRequestProcessor.java a97be4a5452006fbd85d355c0dcb16276cbf1c59 src/java/main/org/apache/zookeeper/server/NIOServerCnxnFactory.java acabb33f6c7a000706763ccba94cbaf5aaaca08e src/java/main/org/apache/zookeeper/server/NettyServerCnxnFactory.java 41268805fe16244aeea4db3f35f13a6987b30187 src/java/main/org/apache/zookeeper/server/ServerCnxnFactory.java 14037722c569d560acef56de0b5a7ae13464128c src/java/main/org/apache/zookeeper/server/ServerConfig.java f2b8463e871739319bdf40be1f014d5ad0af5602 src/java/main/org/apache/zookeeper/server/ZooKeeperServer.java 30a0ed390bb7473ddb36757da97bc7d5f4281887 src/java/main/org/apache/zookeeper/server/ZooKeeperServerBean.java 0eb5c7f979199f2f7dcb9e5cfa011a9b20113713 src/java/main/org/apache/zookeeper/server/ZooKeeperServerMain.java b756d349abeb1fc69534100c3633db4c1c18e031 src/java/main/org/apache/zookeeper/server/quorum/Leader.java 20589045752a7ba4ae9c9090055a4fcbe86a8eda src/java/main/org/apache/zookeeper/server/quorum/Learner.java 4dd1e947357080f3e055f3e7e2a78c979daa6ea7 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeer.java 388ceeb45bd18c7cb8f0766a96ebd4a54a9e76de src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerConfig.java badc8df1f05dea4be337bc8312d7ac22f6c77dc3 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerMain.java d17c58d59e0131a78adde1becb5c23ce8c7a16a7 src/java/main/org/apache/zookeeper/server/quorum/ReadOnlyZooKeeperServer.java 2aab6d09f9bd980ed76f886fb8168aae2ac8f99f src/java/test/org/apache/zookeeper/server/quorum/QuorumPeerTestBase.java 6ab19b1eb137c8b13b8ad031d474e213267da1ea src/java/test/org/apache/zookeeper/server/quorum/Zab1_0Test.java 6ce058e48d17410d89d8348ee659dd7752bfd578 src/java/test/org/apache/zookeeper/test/ReconfigTest.java 8b238ee7463508122010208ebc3e786caa2cf1b1 src/java/test/org/apache/zookeeper/test/SSLTest.java PRE-CREATION Diff: https://reviews.apache.org/r/31277/diff/ Testing --- Thanks, Hongchao Deng
Re: Review Request 31277: ZOOKEEPER-2125: SSL on Netty client-server communication
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31277/ --- (Updated March 6, 2015, 10:48 p.m.) Review request for zookeeper. Repository: zookeeper-git Description --- ZOOKEEPER-2125: SSL on Netty client-server communication Diffs (updated) - src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml 202051f1f7f517b1e1a3c561c0008449ab3c48a6 src/java/main/org/apache/zookeeper/ClientCnxnSocketNetty.java PRE-CREATION src/java/main/org/apache/zookeeper/ZooKeeper.java dd13cc9ba5096312b06999a03ae0057cd3677623 src/java/main/org/apache/zookeeper/common/X509Exception.java PRE-CREATION src/java/main/org/apache/zookeeper/common/X509Util.java PRE-CREATION src/java/main/org/apache/zookeeper/server/FinalRequestProcessor.java a97be4a5452006fbd85d355c0dcb16276cbf1c59 src/java/main/org/apache/zookeeper/server/NIOServerCnxnFactory.java acabb33f6c7a000706763ccba94cbaf5aaaca08e src/java/main/org/apache/zookeeper/server/NettyServerCnxnFactory.java 41268805fe16244aeea4db3f35f13a6987b30187 src/java/main/org/apache/zookeeper/server/ServerCnxnFactory.java 14037722c569d560acef56de0b5a7ae13464128c src/java/main/org/apache/zookeeper/server/ServerConfig.java f2b8463e871739319bdf40be1f014d5ad0af5602 src/java/main/org/apache/zookeeper/server/ZooKeeperServer.java 30a0ed390bb7473ddb36757da97bc7d5f4281887 src/java/main/org/apache/zookeeper/server/ZooKeeperServerBean.java 0eb5c7f979199f2f7dcb9e5cfa011a9b20113713 src/java/main/org/apache/zookeeper/server/ZooKeeperServerMain.java b756d349abeb1fc69534100c3633db4c1c18e031 src/java/main/org/apache/zookeeper/server/quorum/Leader.java 20589045752a7ba4ae9c9090055a4fcbe86a8eda src/java/main/org/apache/zookeeper/server/quorum/Learner.java 4dd1e947357080f3e055f3e7e2a78c979daa6ea7 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeer.java 388ceeb45bd18c7cb8f0766a96ebd4a54a9e76de src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerConfig.java badc8df1f05dea4be337bc8312d7ac22f6c77dc3 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerMain.java d17c58d59e0131a78adde1becb5c23ce8c7a16a7 src/java/main/org/apache/zookeeper/server/quorum/ReadOnlyZooKeeperServer.java 2aab6d09f9bd980ed76f886fb8168aae2ac8f99f src/java/test/org/apache/zookeeper/server/quorum/QuorumPeerTestBase.java 6ab19b1eb137c8b13b8ad031d474e213267da1ea src/java/test/org/apache/zookeeper/server/quorum/Zab1_0Test.java 6ce058e48d17410d89d8348ee659dd7752bfd578 src/java/test/org/apache/zookeeper/test/ReconfigTest.java 8b238ee7463508122010208ebc3e786caa2cf1b1 src/java/test/org/apache/zookeeper/test/SSLTest.java PRE-CREATION Diff: https://reviews.apache.org/r/31277/diff/ Testing --- Thanks, Hongchao Deng
[jira] [Updated] (ZOOKEEPER-2125) SSL on Netty client-server communication
[
https://issues.apache.org/jira/browse/ZOOKEEPER-2125?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Hongchao Deng updated ZOOKEEPER-2125:
-
Attachment: ZOOKEEPER-2125.patch
SSL on Netty client-server communication
Key: ZOOKEEPER-2125
URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2125
Project: ZooKeeper
Issue Type: Sub-task
Reporter: Hongchao Deng
Assignee: Hongchao Deng
Fix For: 3.5.1
Attachments: ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch,
ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch,
ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch
Supporting SSL on Netty client-server communication.
1. It supports keystore and trustore usage.
2. It adds an additional ZK server port which supports SSL. This would be
useful for rolling upgrade.
RB: https://reviews.apache.org/r/31277/
h2. How to use it
You need to set some parameters on both ZK server and client.
h3. Server
You need to specify a listening SSL port in zoo.cfg:
{code}
secureClientPort=2281
{code}
Just like what you did with clientPort. And then set some jvm flags:
{code}
export
SERVER_JVMFLAGS=-Dzookeeper.serverCnxnFactory=org.apache.zookeeper.server.NettyServerCnxnFactory
-Dzookeeper.ssl.keyStore.location=/root/zookeeper/ssl/testKeyStore.jks
-Dzookeeper.ssl.keyStore.password=testpass
-Dzookeeper.ssl.trustStore.location=/root/zookeeper/ssl/testTrustStore.jks
-Dzookeeper.ssl.trustStore.password=testpass
{code}
Please change keystore and truststore parameters accordingly.
h3. Client
You need to set jvm flags:
{code}
export
CLIENT_JVMFLAGS=-Dzookeeper.clientCnxnSocket=org.apache.zookeeper.ClientCnxnSocketNetty
-Dzookeeper.client.secure=true
-Dzookeeper.ssl.keyStore.location=/root/zookeeper/ssl/testKeyStore.jks
-Dzookeeper.ssl.keyStore.password=testpass
-Dzookeeper.ssl.trustStore.location=/root/zookeeper/ssl/testTrustStore.jks
-Dzookeeper.ssl.trustStore.password=testpass
{code}
change keystore and truststore parameters accordingly.
And then connect to the server's SSL port, in this case:
{code}
bin/zkCli.sh -server 127.0.0.1:2281
{code}
If you have any feedback, you are more than welcome to discuss it here!
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
Re: Review Request 31277: ZOOKEEPER-2125: SSL on Netty client-server communication
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31277/ --- (Updated March 6, 2015, 10:41 p.m.) Review request for zookeeper. Repository: zookeeper-git Description --- ZOOKEEPER-2125: SSL on Netty client-server communication Diffs (updated) - src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml 202051f1f7f517b1e1a3c561c0008449ab3c48a6 src/java/main/org/apache/zookeeper/ClientCnxnSocketNetty.java PRE-CREATION src/java/main/org/apache/zookeeper/ZooKeeper.java dd13cc9ba5096312b06999a03ae0057cd3677623 src/java/main/org/apache/zookeeper/common/X509Exception.java PRE-CREATION src/java/main/org/apache/zookeeper/common/X509Util.java PRE-CREATION src/java/main/org/apache/zookeeper/server/FinalRequestProcessor.java a97be4a5452006fbd85d355c0dcb16276cbf1c59 src/java/main/org/apache/zookeeper/server/NIOServerCnxnFactory.java acabb33f6c7a000706763ccba94cbaf5aaaca08e src/java/main/org/apache/zookeeper/server/NettyServerCnxnFactory.java 41268805fe16244aeea4db3f35f13a6987b30187 src/java/main/org/apache/zookeeper/server/ServerCnxnFactory.java 14037722c569d560acef56de0b5a7ae13464128c src/java/main/org/apache/zookeeper/server/ServerConfig.java f2b8463e871739319bdf40be1f014d5ad0af5602 src/java/main/org/apache/zookeeper/server/ZooKeeperServer.java 30a0ed390bb7473ddb36757da97bc7d5f4281887 src/java/main/org/apache/zookeeper/server/ZooKeeperServerBean.java 0eb5c7f979199f2f7dcb9e5cfa011a9b20113713 src/java/main/org/apache/zookeeper/server/ZooKeeperServerMain.java b756d349abeb1fc69534100c3633db4c1c18e031 src/java/main/org/apache/zookeeper/server/quorum/Leader.java 20589045752a7ba4ae9c9090055a4fcbe86a8eda src/java/main/org/apache/zookeeper/server/quorum/Learner.java 4dd1e947357080f3e055f3e7e2a78c979daa6ea7 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeer.java 388ceeb45bd18c7cb8f0766a96ebd4a54a9e76de src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerConfig.java badc8df1f05dea4be337bc8312d7ac22f6c77dc3 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerMain.java d17c58d59e0131a78adde1becb5c23ce8c7a16a7 src/java/main/org/apache/zookeeper/server/quorum/ReadOnlyZooKeeperServer.java 2aab6d09f9bd980ed76f886fb8168aae2ac8f99f src/java/test/data/ssl/README.md PRE-CREATION src/java/test/data/ssl/testKeyStore.jks PRE-CREATION src/java/test/data/ssl/testTrustStore.jks PRE-CREATION src/java/test/org/apache/zookeeper/server/quorum/QuorumPeerTestBase.java 6ab19b1eb137c8b13b8ad031d474e213267da1ea src/java/test/org/apache/zookeeper/server/quorum/Zab1_0Test.java 6ce058e48d17410d89d8348ee659dd7752bfd578 src/java/test/org/apache/zookeeper/test/ReconfigTest.java 8b238ee7463508122010208ebc3e786caa2cf1b1 src/java/test/org/apache/zookeeper/test/SSLTest.java PRE-CREATION Diff: https://reviews.apache.org/r/31277/diff/ Testing --- Thanks, Hongchao Deng
[jira] [Updated] (ZOOKEEPER-2125) SSL on Netty client-server communication
[
https://issues.apache.org/jira/browse/ZOOKEEPER-2125?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Hongchao Deng updated ZOOKEEPER-2125:
-
Attachment: ZOOKEEPER-2125.patch
SSL on Netty client-server communication
Key: ZOOKEEPER-2125
URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2125
Project: ZooKeeper
Issue Type: Sub-task
Reporter: Hongchao Deng
Assignee: Hongchao Deng
Fix For: 3.5.1
Attachments: ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch,
ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch,
ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch,
ZOOKEEPER-2125.patch
Supporting SSL on Netty client-server communication.
1. It supports keystore and trustore usage.
2. It adds an additional ZK server port which supports SSL. This would be
useful for rolling upgrade.
RB: https://reviews.apache.org/r/31277/
h2. How to use it
You need to set some parameters on both ZK server and client.
h3. Server
You need to specify a listening SSL port in zoo.cfg:
{code}
secureClientPort=2281
{code}
Just like what you did with clientPort. And then set some jvm flags:
{code}
export
SERVER_JVMFLAGS=-Dzookeeper.serverCnxnFactory=org.apache.zookeeper.server.NettyServerCnxnFactory
-Dzookeeper.ssl.keyStore.location=/root/zookeeper/ssl/testKeyStore.jks
-Dzookeeper.ssl.keyStore.password=testpass
-Dzookeeper.ssl.trustStore.location=/root/zookeeper/ssl/testTrustStore.jks
-Dzookeeper.ssl.trustStore.password=testpass
{code}
Please change keystore and truststore parameters accordingly.
h3. Client
You need to set jvm flags:
{code}
export
CLIENT_JVMFLAGS=-Dzookeeper.clientCnxnSocket=org.apache.zookeeper.ClientCnxnSocketNetty
-Dzookeeper.client.secure=true
-Dzookeeper.ssl.keyStore.location=/root/zookeeper/ssl/testKeyStore.jks
-Dzookeeper.ssl.keyStore.password=testpass
-Dzookeeper.ssl.trustStore.location=/root/zookeeper/ssl/testTrustStore.jks
-Dzookeeper.ssl.trustStore.password=testpass
{code}
change keystore and truststore parameters accordingly.
And then connect to the server's SSL port, in this case:
{code}
bin/zkCli.sh -server 127.0.0.1:2281
{code}
If you have any feedback, you are more than welcome to discuss it here!
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
Re: Review Request 31277: ZOOKEEPER-2125: SSL on Netty client-server communication
On March 6, 2015, 8:39 p.m., Rakesh R wrote: src/java/main/org/apache/zookeeper/ClientCnxnSocketNetty.java, line 356 https://reviews.apache.org/r/31277/diff/11/?file=886448#file886448line356 do we need synchronization here? It's not obvious here. I am going to add some comments. The reason is avoid race of shared sslEngine. On March 6, 2015, 8:39 p.m., Rakesh R wrote: src/java/main/org/apache/zookeeper/ClientCnxnSocketNetty.java, line 343 https://reviews.apache.org/r/31277/diff/11/?file=886448#file886448line343 please move sslEngine,sslContext inside the method initSSL(pipeline) as local variables? They only need to be initiated once. Later on, connections will reuse the sslEngine. On March 6, 2015, 8:39 p.m., Rakesh R wrote: src/java/main/org/apache/zookeeper/ClientCnxnSocketNetty.java, line 357 https://reviews.apache.org/r/31277/diff/11/?file=886448#file886448line357 I could see new ZKClientPipelineFactory() is always created and not required to do null checks here, isn't it? Isn't ZKClientPipelineFactory() created only once? Netty 3.x docs said that channelpipeline is per connection, and cpFactory creates for each. On March 6, 2015, 8:39 p.m., Rakesh R wrote: src/java/main/org/apache/zookeeper/ClientCnxnSocketNetty.java, line 363 https://reviews.apache.org/r/31277/diff/11/?file=886448#file886448line363 this log wouldn't help much, probably you can try include info like pipeline.getChannel() details. Or can make this DEBUG level priority. Right. Adding channel details will be useful when things go wrong. On March 6, 2015, 8:39 p.m., Rakesh R wrote: src/java/main/org/apache/zookeeper/common/X509Error.java, line 21 https://reviews.apache.org/r/31277/diff/11/?file=886450#file886450line21 I prefer to use X509Exception instead of X509Error, can you rename this to X509Exception? Sure - Hongchao --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31277/#review75525 --- On March 6, 2015, 12:17 a.m., Hongchao Deng wrote: --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31277/ --- (Updated March 6, 2015, 12:17 a.m.) Review request for zookeeper. Repository: zookeeper-git Description --- ZOOKEEPER-2125: SSL on Netty client-server communication Diffs - src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml 202051f1f7f517b1e1a3c561c0008449ab3c48a6 src/java/main/org/apache/zookeeper/ClientCnxnSocketNetty.java PRE-CREATION src/java/main/org/apache/zookeeper/ZooKeeper.java dd13cc9ba5096312b06999a03ae0057cd3677623 src/java/main/org/apache/zookeeper/common/X509Error.java PRE-CREATION src/java/main/org/apache/zookeeper/common/X509Util.java PRE-CREATION src/java/main/org/apache/zookeeper/server/NIOServerCnxnFactory.java acabb33f6c7a000706763ccba94cbaf5aaaca08e src/java/main/org/apache/zookeeper/server/NettyServerCnxnFactory.java 41268805fe16244aeea4db3f35f13a6987b30187 src/java/main/org/apache/zookeeper/server/ServerCnxnFactory.java 14037722c569d560acef56de0b5a7ae13464128c src/java/main/org/apache/zookeeper/server/ServerConfig.java f2b8463e871739319bdf40be1f014d5ad0af5602 src/java/main/org/apache/zookeeper/server/ZooKeeperServer.java 30a0ed390bb7473ddb36757da97bc7d5f4281887 src/java/main/org/apache/zookeeper/server/ZooKeeperServerBean.java 0eb5c7f979199f2f7dcb9e5cfa011a9b20113713 src/java/main/org/apache/zookeeper/server/ZooKeeperServerMain.java b756d349abeb1fc69534100c3633db4c1c18e031 src/java/main/org/apache/zookeeper/server/quorum/Leader.java 20589045752a7ba4ae9c9090055a4fcbe86a8eda src/java/main/org/apache/zookeeper/server/quorum/Learner.java 4dd1e947357080f3e055f3e7e2a78c979daa6ea7 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeer.java 388ceeb45bd18c7cb8f0766a96ebd4a54a9e76de src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerConfig.java badc8df1f05dea4be337bc8312d7ac22f6c77dc3 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerMain.java d17c58d59e0131a78adde1becb5c23ce8c7a16a7 src/java/main/org/apache/zookeeper/server/quorum/ReadOnlyZooKeeperServer.java 2aab6d09f9bd980ed76f886fb8168aae2ac8f99f src/java/test/data/ssl/README.md PRE-CREATION src/java/test/data/ssl/testKeyStore.jks PRE-CREATION src/java/test/data/ssl/testTrustStore.jks PRE-CREATION src/java/test/org/apache/zookeeper/server/quorum/QuorumPeerTestBase.java 6ab19b1eb137c8b13b8ad031d474e213267da1ea src/java/test/org/apache/zookeeper/server/quorum/Zab1_0Test.java 6ce058e48d17410d89d8348ee659dd7752bfd578
[jira] [Commented] (ZOOKEEPER-2125) SSL on Netty client-server communication
[
https://issues.apache.org/jira/browse/ZOOKEEPER-2125?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14351081#comment-14351081
]
Hongchao Deng commented on ZOOKEEPER-2125:
--
Attached a new patch addressing Rakesh's comments.
SSL on Netty client-server communication
Key: ZOOKEEPER-2125
URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2125
Project: ZooKeeper
Issue Type: Sub-task
Reporter: Hongchao Deng
Assignee: Hongchao Deng
Fix For: 3.5.1
Attachments: ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch,
ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch,
ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch
Supporting SSL on Netty client-server communication.
1. It supports keystore and trustore usage.
2. It adds an additional ZK server port which supports SSL. This would be
useful for rolling upgrade.
RB: https://reviews.apache.org/r/31277/
h2. How to use it
You need to set some parameters on both ZK server and client.
h3. Server
You need to specify a listening SSL port in zoo.cfg:
{code}
secureClientPort=2281
{code}
Just like what you did with clientPort. And then set some jvm flags:
{code}
export
SERVER_JVMFLAGS=-Dzookeeper.serverCnxnFactory=org.apache.zookeeper.server.NettyServerCnxnFactory
-Dzookeeper.ssl.keyStore.location=/root/zookeeper/ssl/testKeyStore.jks
-Dzookeeper.ssl.keyStore.password=testpass
-Dzookeeper.ssl.trustStore.location=/root/zookeeper/ssl/testTrustStore.jks
-Dzookeeper.ssl.trustStore.password=testpass
{code}
Please change keystore and truststore parameters accordingly.
h3. Client
You need to set jvm flags:
{code}
export
CLIENT_JVMFLAGS=-Dzookeeper.clientCnxnSocket=org.apache.zookeeper.ClientCnxnSocketNetty
-Dzookeeper.client.secure=true
-Dzookeeper.ssl.keyStore.location=/root/zookeeper/ssl/testKeyStore.jks
-Dzookeeper.ssl.keyStore.password=testpass
-Dzookeeper.ssl.trustStore.location=/root/zookeeper/ssl/testTrustStore.jks
-Dzookeeper.ssl.trustStore.password=testpass
{code}
change keystore and truststore parameters accordingly.
And then connect to the server's SSL port, in this case:
{code}
bin/zkCli.sh -server 127.0.0.1:2281
{code}
If you have any feedback, you are more than welcome to discuss it here!
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
Re: Review Request 31277: ZOOKEEPER-2125: SSL on Netty client-server communication
On March 7, 2015, 1:08 a.m., Raul Gutierrez Segales wrote: src/java/test/org/apache/zookeeper/server/quorum/Zab1_0Test.java, line 849 https://reviews.apache.org/r/31277/diff/12-14/?file=887835#file887835line849 can we get rid of these red tabs pls? Yes I did a few other pushes to get rid of unnecessary changes :) See the latest version. - Hongchao --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31277/#review75593 --- On March 7, 2015, 1:04 a.m., Hongchao Deng wrote: --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31277/ --- (Updated March 7, 2015, 1:04 a.m.) Review request for zookeeper. Repository: zookeeper-git Description --- ZOOKEEPER-2125: SSL on Netty client-server communication Diffs - src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml 202051f1f7f517b1e1a3c561c0008449ab3c48a6 src/java/main/org/apache/zookeeper/ClientCnxnSocketNetty.java PRE-CREATION src/java/main/org/apache/zookeeper/ZooKeeper.java dd13cc9ba5096312b06999a03ae0057cd3677623 src/java/main/org/apache/zookeeper/common/X509Exception.java PRE-CREATION src/java/main/org/apache/zookeeper/common/X509Util.java PRE-CREATION src/java/main/org/apache/zookeeper/server/FinalRequestProcessor.java a97be4a5452006fbd85d355c0dcb16276cbf1c59 src/java/main/org/apache/zookeeper/server/NIOServerCnxnFactory.java acabb33f6c7a000706763ccba94cbaf5aaaca08e src/java/main/org/apache/zookeeper/server/NettyServerCnxnFactory.java 41268805fe16244aeea4db3f35f13a6987b30187 src/java/main/org/apache/zookeeper/server/ServerCnxnFactory.java 14037722c569d560acef56de0b5a7ae13464128c src/java/main/org/apache/zookeeper/server/ServerConfig.java f2b8463e871739319bdf40be1f014d5ad0af5602 src/java/main/org/apache/zookeeper/server/ZooKeeperServer.java 30a0ed390bb7473ddb36757da97bc7d5f4281887 src/java/main/org/apache/zookeeper/server/ZooKeeperServerBean.java 0eb5c7f979199f2f7dcb9e5cfa011a9b20113713 src/java/main/org/apache/zookeeper/server/ZooKeeperServerMain.java b756d349abeb1fc69534100c3633db4c1c18e031 src/java/main/org/apache/zookeeper/server/quorum/Leader.java 20589045752a7ba4ae9c9090055a4fcbe86a8eda src/java/main/org/apache/zookeeper/server/quorum/Learner.java 4dd1e947357080f3e055f3e7e2a78c979daa6ea7 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeer.java 388ceeb45bd18c7cb8f0766a96ebd4a54a9e76de src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerConfig.java badc8df1f05dea4be337bc8312d7ac22f6c77dc3 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerMain.java d17c58d59e0131a78adde1becb5c23ce8c7a16a7 src/java/main/org/apache/zookeeper/server/quorum/ReadOnlyZooKeeperServer.java 2aab6d09f9bd980ed76f886fb8168aae2ac8f99f src/java/test/org/apache/zookeeper/server/quorum/QuorumPeerTestBase.java 6ab19b1eb137c8b13b8ad031d474e213267da1ea src/java/test/org/apache/zookeeper/server/quorum/Zab1_0Test.java 6ce058e48d17410d89d8348ee659dd7752bfd578 src/java/test/org/apache/zookeeper/test/ReconfigTest.java 8b238ee7463508122010208ebc3e786caa2cf1b1 src/java/test/org/apache/zookeeper/test/SSLTest.java PRE-CREATION Diff: https://reviews.apache.org/r/31277/diff/ Testing --- Thanks, Hongchao Deng
Re: Review Request 31277: ZOOKEEPER-2125: SSL on Netty client-server communication
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31277/#review75593 --- src/java/test/org/apache/zookeeper/server/quorum/Zab1_0Test.java https://reviews.apache.org/r/31277/#comment122791 can we get rid of these red tabs pls? - Raul Gutierrez Segales On March 7, 2015, 1:04 a.m., Hongchao Deng wrote: --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31277/ --- (Updated March 7, 2015, 1:04 a.m.) Review request for zookeeper. Repository: zookeeper-git Description --- ZOOKEEPER-2125: SSL on Netty client-server communication Diffs - src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml 202051f1f7f517b1e1a3c561c0008449ab3c48a6 src/java/main/org/apache/zookeeper/ClientCnxnSocketNetty.java PRE-CREATION src/java/main/org/apache/zookeeper/ZooKeeper.java dd13cc9ba5096312b06999a03ae0057cd3677623 src/java/main/org/apache/zookeeper/common/X509Exception.java PRE-CREATION src/java/main/org/apache/zookeeper/common/X509Util.java PRE-CREATION src/java/main/org/apache/zookeeper/server/FinalRequestProcessor.java a97be4a5452006fbd85d355c0dcb16276cbf1c59 src/java/main/org/apache/zookeeper/server/NIOServerCnxnFactory.java acabb33f6c7a000706763ccba94cbaf5aaaca08e src/java/main/org/apache/zookeeper/server/NettyServerCnxnFactory.java 41268805fe16244aeea4db3f35f13a6987b30187 src/java/main/org/apache/zookeeper/server/ServerCnxnFactory.java 14037722c569d560acef56de0b5a7ae13464128c src/java/main/org/apache/zookeeper/server/ServerConfig.java f2b8463e871739319bdf40be1f014d5ad0af5602 src/java/main/org/apache/zookeeper/server/ZooKeeperServer.java 30a0ed390bb7473ddb36757da97bc7d5f4281887 src/java/main/org/apache/zookeeper/server/ZooKeeperServerBean.java 0eb5c7f979199f2f7dcb9e5cfa011a9b20113713 src/java/main/org/apache/zookeeper/server/ZooKeeperServerMain.java b756d349abeb1fc69534100c3633db4c1c18e031 src/java/main/org/apache/zookeeper/server/quorum/Leader.java 20589045752a7ba4ae9c9090055a4fcbe86a8eda src/java/main/org/apache/zookeeper/server/quorum/Learner.java 4dd1e947357080f3e055f3e7e2a78c979daa6ea7 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeer.java 388ceeb45bd18c7cb8f0766a96ebd4a54a9e76de src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerConfig.java badc8df1f05dea4be337bc8312d7ac22f6c77dc3 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerMain.java d17c58d59e0131a78adde1becb5c23ce8c7a16a7 src/java/main/org/apache/zookeeper/server/quorum/ReadOnlyZooKeeperServer.java 2aab6d09f9bd980ed76f886fb8168aae2ac8f99f src/java/test/org/apache/zookeeper/server/quorum/QuorumPeerTestBase.java 6ab19b1eb137c8b13b8ad031d474e213267da1ea src/java/test/org/apache/zookeeper/server/quorum/Zab1_0Test.java 6ce058e48d17410d89d8348ee659dd7752bfd578 src/java/test/org/apache/zookeeper/test/ReconfigTest.java 8b238ee7463508122010208ebc3e786caa2cf1b1 src/java/test/org/apache/zookeeper/test/SSLTest.java PRE-CREATION Diff: https://reviews.apache.org/r/31277/diff/ Testing --- Thanks, Hongchao Deng
Re: Review Request 31277: ZOOKEEPER-2125: SSL on Netty client-server communication
On March 6, 2015, 8:39 p.m., Rakesh R wrote: src/java/main/org/apache/zookeeper/common/X509Error.java, line 21 https://reviews.apache.org/r/31277/diff/11/?file=886450#file886450line21 I prefer to use X509Exception instead of X509Error, can you rename this to X509Exception? Hongchao Deng wrote: Sure Hi Rakesh, findbugs complains that X509Exception didn't extend Exception. I think changing back to X509Error will work. Any opinions? - Hongchao --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31277/#review75525 --- On March 7, 2015, 1:04 a.m., Hongchao Deng wrote: --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31277/ --- (Updated March 7, 2015, 1:04 a.m.) Review request for zookeeper. Repository: zookeeper-git Description --- ZOOKEEPER-2125: SSL on Netty client-server communication Diffs - src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml 202051f1f7f517b1e1a3c561c0008449ab3c48a6 src/java/main/org/apache/zookeeper/ClientCnxnSocketNetty.java PRE-CREATION src/java/main/org/apache/zookeeper/ZooKeeper.java dd13cc9ba5096312b06999a03ae0057cd3677623 src/java/main/org/apache/zookeeper/common/X509Exception.java PRE-CREATION src/java/main/org/apache/zookeeper/common/X509Util.java PRE-CREATION src/java/main/org/apache/zookeeper/server/FinalRequestProcessor.java a97be4a5452006fbd85d355c0dcb16276cbf1c59 src/java/main/org/apache/zookeeper/server/NIOServerCnxnFactory.java acabb33f6c7a000706763ccba94cbaf5aaaca08e src/java/main/org/apache/zookeeper/server/NettyServerCnxnFactory.java 41268805fe16244aeea4db3f35f13a6987b30187 src/java/main/org/apache/zookeeper/server/ServerCnxnFactory.java 14037722c569d560acef56de0b5a7ae13464128c src/java/main/org/apache/zookeeper/server/ServerConfig.java f2b8463e871739319bdf40be1f014d5ad0af5602 src/java/main/org/apache/zookeeper/server/ZooKeeperServer.java 30a0ed390bb7473ddb36757da97bc7d5f4281887 src/java/main/org/apache/zookeeper/server/ZooKeeperServerBean.java 0eb5c7f979199f2f7dcb9e5cfa011a9b20113713 src/java/main/org/apache/zookeeper/server/ZooKeeperServerMain.java b756d349abeb1fc69534100c3633db4c1c18e031 src/java/main/org/apache/zookeeper/server/quorum/Leader.java 20589045752a7ba4ae9c9090055a4fcbe86a8eda src/java/main/org/apache/zookeeper/server/quorum/Learner.java 4dd1e947357080f3e055f3e7e2a78c979daa6ea7 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeer.java 388ceeb45bd18c7cb8f0766a96ebd4a54a9e76de src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerConfig.java badc8df1f05dea4be337bc8312d7ac22f6c77dc3 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerMain.java d17c58d59e0131a78adde1becb5c23ce8c7a16a7 src/java/main/org/apache/zookeeper/server/quorum/ReadOnlyZooKeeperServer.java 2aab6d09f9bd980ed76f886fb8168aae2ac8f99f src/java/test/org/apache/zookeeper/server/quorum/QuorumPeerTestBase.java 6ab19b1eb137c8b13b8ad031d474e213267da1ea src/java/test/org/apache/zookeeper/server/quorum/Zab1_0Test.java 6ce058e48d17410d89d8348ee659dd7752bfd578 src/java/test/org/apache/zookeeper/test/ReconfigTest.java 8b238ee7463508122010208ebc3e786caa2cf1b1 src/java/test/org/apache/zookeeper/test/SSLTest.java PRE-CREATION Diff: https://reviews.apache.org/r/31277/diff/ Testing --- Thanks, Hongchao Deng
Re: Review Request 31277: ZOOKEEPER-2125: SSL on Netty client-server communication
On March 6, 2015, 8:44 p.m., Rakesh R wrote: src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml, line 618 https://reviews.apache.org/r/31277/diff/11/?file=886447#file886447line618 Netty usage is pluggable. SSL feature will be enabled when user user plugged-in zookeeper.serverCnxnFactory, zookeeper.clientCnxnSocket as Netty. isn't it? Its good to capture in the document, whats your opinion? Sounds perfect! - Hongchao --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31277/#review75542 --- On March 6, 2015, 12:17 a.m., Hongchao Deng wrote: --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31277/ --- (Updated March 6, 2015, 12:17 a.m.) Review request for zookeeper. Repository: zookeeper-git Description --- ZOOKEEPER-2125: SSL on Netty client-server communication Diffs - src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml 202051f1f7f517b1e1a3c561c0008449ab3c48a6 src/java/main/org/apache/zookeeper/ClientCnxnSocketNetty.java PRE-CREATION src/java/main/org/apache/zookeeper/ZooKeeper.java dd13cc9ba5096312b06999a03ae0057cd3677623 src/java/main/org/apache/zookeeper/common/X509Error.java PRE-CREATION src/java/main/org/apache/zookeeper/common/X509Util.java PRE-CREATION src/java/main/org/apache/zookeeper/server/NIOServerCnxnFactory.java acabb33f6c7a000706763ccba94cbaf5aaaca08e src/java/main/org/apache/zookeeper/server/NettyServerCnxnFactory.java 41268805fe16244aeea4db3f35f13a6987b30187 src/java/main/org/apache/zookeeper/server/ServerCnxnFactory.java 14037722c569d560acef56de0b5a7ae13464128c src/java/main/org/apache/zookeeper/server/ServerConfig.java f2b8463e871739319bdf40be1f014d5ad0af5602 src/java/main/org/apache/zookeeper/server/ZooKeeperServer.java 30a0ed390bb7473ddb36757da97bc7d5f4281887 src/java/main/org/apache/zookeeper/server/ZooKeeperServerBean.java 0eb5c7f979199f2f7dcb9e5cfa011a9b20113713 src/java/main/org/apache/zookeeper/server/ZooKeeperServerMain.java b756d349abeb1fc69534100c3633db4c1c18e031 src/java/main/org/apache/zookeeper/server/quorum/Leader.java 20589045752a7ba4ae9c9090055a4fcbe86a8eda src/java/main/org/apache/zookeeper/server/quorum/Learner.java 4dd1e947357080f3e055f3e7e2a78c979daa6ea7 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeer.java 388ceeb45bd18c7cb8f0766a96ebd4a54a9e76de src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerConfig.java badc8df1f05dea4be337bc8312d7ac22f6c77dc3 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerMain.java d17c58d59e0131a78adde1becb5c23ce8c7a16a7 src/java/main/org/apache/zookeeper/server/quorum/ReadOnlyZooKeeperServer.java 2aab6d09f9bd980ed76f886fb8168aae2ac8f99f src/java/test/data/ssl/README.md PRE-CREATION src/java/test/data/ssl/testKeyStore.jks PRE-CREATION src/java/test/data/ssl/testTrustStore.jks PRE-CREATION src/java/test/org/apache/zookeeper/server/quorum/QuorumPeerTestBase.java 6ab19b1eb137c8b13b8ad031d474e213267da1ea src/java/test/org/apache/zookeeper/server/quorum/Zab1_0Test.java 6ce058e48d17410d89d8348ee659dd7752bfd578 src/java/test/org/apache/zookeeper/test/ReconfigTest.java 8b238ee7463508122010208ebc3e786caa2cf1b1 src/java/test/org/apache/zookeeper/test/SSLTest.java PRE-CREATION Diff: https://reviews.apache.org/r/31277/diff/ Testing --- Thanks, Hongchao Deng
[jira] [Commented] (ZOOKEEPER-2125) SSL on Netty client-server communication
[
https://issues.apache.org/jira/browse/ZOOKEEPER-2125?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14351315#comment-14351315
]
Hadoop QA commented on ZOOKEEPER-2125:
--
-1 overall. Here are the results of testing the latest attachment
http://issues.apache.org/jira/secure/attachment/12703189/ZOOKEEPER-2125.patch
against trunk revision 1663127.
+1 @author. The patch does not contain any @author tags.
+1 tests included. The patch appears to include 14 new or modified tests.
+1 javadoc. The javadoc tool did not generate any warning messages.
+1 javac. The applied patch does not increase the total number of javac
compiler warnings.
-1 findbugs. The patch appears to introduce 1 new Findbugs (version 2.0.3)
warnings.
+1 release audit. The applied patch does not increase the total number of
release audit warnings.
-1 core tests. The patch failed core unit tests.
+1 contrib tests. The patch passed contrib unit tests.
Test results:
https://builds.apache.org/job/PreCommit-ZOOKEEPER-Build/2545//testReport/
Findbugs warnings:
https://builds.apache.org/job/PreCommit-ZOOKEEPER-Build/2545//artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html
Console output:
https://builds.apache.org/job/PreCommit-ZOOKEEPER-Build/2545//console
This message is automatically generated.
SSL on Netty client-server communication
Key: ZOOKEEPER-2125
URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2125
Project: ZooKeeper
Issue Type: Sub-task
Reporter: Hongchao Deng
Assignee: Hongchao Deng
Fix For: 3.5.1
Attachments: ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch,
ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch,
ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch, ZOOKEEPER-2125.patch,
ZOOKEEPER-2125.patch
Supporting SSL on Netty client-server communication.
1. It supports keystore and trustore usage.
2. It adds an additional ZK server port which supports SSL. This would be
useful for rolling upgrade.
RB: https://reviews.apache.org/r/31277/
h2. How to use it
You need to set some parameters on both ZK server and client.
h3. Server
You need to specify a listening SSL port in zoo.cfg:
{code}
secureClientPort=2281
{code}
Just like what you did with clientPort. And then set some jvm flags:
{code}
export
SERVER_JVMFLAGS=-Dzookeeper.serverCnxnFactory=org.apache.zookeeper.server.NettyServerCnxnFactory
-Dzookeeper.ssl.keyStore.location=/root/zookeeper/ssl/testKeyStore.jks
-Dzookeeper.ssl.keyStore.password=testpass
-Dzookeeper.ssl.trustStore.location=/root/zookeeper/ssl/testTrustStore.jks
-Dzookeeper.ssl.trustStore.password=testpass
{code}
Please change keystore and truststore parameters accordingly.
h3. Client
You need to set jvm flags:
{code}
export
CLIENT_JVMFLAGS=-Dzookeeper.clientCnxnSocket=org.apache.zookeeper.ClientCnxnSocketNetty
-Dzookeeper.client.secure=true
-Dzookeeper.ssl.keyStore.location=/root/zookeeper/ssl/testKeyStore.jks
-Dzookeeper.ssl.keyStore.password=testpass
-Dzookeeper.ssl.trustStore.location=/root/zookeeper/ssl/testTrustStore.jks
-Dzookeeper.ssl.trustStore.password=testpass
{code}
change keystore and truststore parameters accordingly.
And then connect to the server's SSL port, in this case:
{code}
bin/zkCli.sh -server 127.0.0.1:2281
{code}
If you have any feedback, you are more than welcome to discuss it here!
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
Failed: ZOOKEEPER-2125 PreCommit Build #2545
Jira: https://issues.apache.org/jira/browse/ZOOKEEPER-2125 Build: https://builds.apache.org/job/PreCommit-ZOOKEEPER-Build/2545/ ### ## LAST 60 LINES OF THE CONSOLE ### [...truncated 345704 lines...] [exec] [exec] +1 @author. The patch does not contain any @author tags. [exec] [exec] +1 tests included. The patch appears to include 14 new or modified tests. [exec] [exec] +1 javadoc. The javadoc tool did not generate any warning messages. [exec] [exec] +1 javac. The applied patch does not increase the total number of javac compiler warnings. [exec] [exec] -1 findbugs. The patch appears to introduce 1 new Findbugs (version 2.0.3) warnings. [exec] [exec] +1 release audit. The applied patch does not increase the total number of release audit warnings. [exec] [exec] -1 core tests. The patch failed core unit tests. [exec] [exec] +1 contrib tests. The patch passed contrib unit tests. [exec] [exec] Test results: https://builds.apache.org/job/PreCommit-ZOOKEEPER-Build/2545//testReport/ [exec] Findbugs warnings: https://builds.apache.org/job/PreCommit-ZOOKEEPER-Build/2545//artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html [exec] Console output: https://builds.apache.org/job/PreCommit-ZOOKEEPER-Build/2545//console [exec] [exec] This message is automatically generated. [exec] [exec] [exec] == [exec] == [exec] Adding comment to Jira. [exec] == [exec] == [exec] [exec] [exec] Comment added. [exec] 73db371710c076c8b9fb175b7fdda65d03585aa1 logged out [exec] [exec] [exec] == [exec] == [exec] Finished build. [exec] == [exec] == [exec] [exec] BUILD FAILED /home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-Build/trunk/build.xml:1714: exec returned: 2 Total time: 45 minutes 55 seconds Build step 'Execute shell' marked build as failure Archiving artifacts Sending artifact delta relative to PreCommit-ZOOKEEPER-Build #2489 Archived 7 artifacts Archive block size is 32768 Received 2 blocks and 495816 bytes Compression is 11.7% Took 0.93 sec Recording test results Description set: ZOOKEEPER-2125 Email was triggered for: Failure Sending email for trigger: Failure ### ## FAILED TESTS (if any) ## 1 tests failed. REGRESSION: org.apache.zookeeper.test.AsyncHammerTest.testHammer Error Message: null Stack Trace: junit.framework.AssertionFailedError at org.apache.zookeeper.test.AsyncHammerTest.testHammer(AsyncHammerTest.java:186) at org.apache.zookeeper.JUnit4ZKTestRunner$LoggedInvokeMethod.evaluate(JUnit4ZKTestRunner.java:52)
ZooKeeper_branch34_solaris - Build # 936 - Failure
See https://builds.apache.org/job/ZooKeeper_branch34_solaris/936/ ### ## LAST 60 LINES OF THE CONSOLE ### Started by timer Building remotely on solaris1 (Solaris) in workspace /export/home/hudson/hudson-slave/workspace/ZooKeeper_branch34_solaris FATAL: hudson.remoting.RequestAbortedException: hudson.remoting.Channel$OrderlyShutdown hudson.remoting.RequestAbortedException: hudson.remoting.RequestAbortedException: hudson.remoting.Channel$OrderlyShutdown at hudson.remoting.RequestAbortedException.wrapForRethrow(RequestAbortedException.java:41) at hudson.remoting.RequestAbortedException.wrapForRethrow(RequestAbortedException.java:34) at hudson.remoting.Request.call(Request.java:174) at hudson.remoting.Channel.call(Channel.java:742) at hudson.FilePath.act(FilePath.java:909) at hudson.FilePath.act(FilePath.java:893) at hudson.FilePath.mkdirs(FilePath.java:1063) at hudson.model.AbstractProject.checkout(AbstractProject.java:1245) at hudson.model.AbstractBuild$AbstractBuildExecution.defaultCheckout(AbstractBuild.java:615) at jenkins.scm.SCMCheckoutStrategy.checkout(SCMCheckoutStrategy.java:86) at hudson.model.AbstractBuild$AbstractBuildExecution.run(AbstractBuild.java:524) at hudson.model.Run.execute(Run.java:1706) at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:43) at hudson.model.ResourceController.execute(ResourceController.java:88) at hudson.model.Executor.run(Executor.java:232) Caused by: hudson.remoting.RequestAbortedException: hudson.remoting.Channel$OrderlyShutdown at hudson.remoting.Request.abort(Request.java:299) at hudson.remoting.Channel.terminate(Channel.java:805) at hudson.remoting.Channel$CloseCommand.execute(Channel.java:954) at hudson.remoting.Channel$2.handle(Channel.java:474) at hudson.remoting.SynchronousCommandTransport$ReaderThread.run(SynchronousCommandTransport.java:60) Caused by: hudson.remoting.Channel$OrderlyShutdown ... 3 more Caused by: Command close created at at hudson.remoting.Command.init(Command.java:56) at hudson.remoting.Channel$CloseCommand.init(Channel.java:948) at hudson.remoting.Channel$CloseCommand.init(Channel.java:946) at hudson.remoting.Channel.close(Channel.java:1029) at hudson.remoting.Channel.close(Channel.java:1012) at hudson.remoting.Channel$CloseCommand.execute(Channel.java:953) ... 2 more ### ## FAILED TESTS (if any) ## No tests ran.
ZooKeeper-trunk - Build # 2616 - Still Failing
See https://builds.apache.org/job/ZooKeeper-trunk/2616/ ### ## LAST 60 LINES OF THE CONSOLE ### [...truncated 352235 lines...] [junit] 2015-03-06 12:34:51,449 [myid:] - INFO [main:FileTxnSnapLog@298] - Snapshotting: 0xb to /home/jenkins/jenkins-slave/workspace/ZooKeeper-trunk/trunk/build/test/tmp/test2748872539281631827.junit.dir/version-2/snapshot.b [junit] 2015-03-06 12:34:51,451 [myid:] - INFO [main:FourLetterWordMain@43] - connecting to 127.0.0.1 11221 [junit] 2015-03-06 12:34:51,451 [myid:] - INFO [NIOServerCxnFactory.AcceptThread:0.0.0.0/0.0.0.0:11221:NIOServerCnxnFactory$AcceptThread@296] - Accepted socket connection from /127.0.0.1:57988 [junit] 2015-03-06 12:34:51,452 [myid:] - INFO [NIOWorkerThread-1:NIOServerCnxn@835] - Processing stat command from /127.0.0.1:57988 [junit] 2015-03-06 12:34:51,452 [myid:] - INFO [NIOWorkerThread-1:NIOServerCnxn$StatCommand@684] - Stat command output [junit] 2015-03-06 12:34:51,453 [myid:] - INFO [NIOWorkerThread-1:NIOServerCnxn@1006] - Closed socket connection for client /127.0.0.1:57988 (no session established for client) [junit] 2015-03-06 12:34:51,453 [myid:] - INFO [main:JMXEnv@224] - ensureParent:[InMemoryDataTree, StandaloneServer_port] [junit] 2015-03-06 12:34:51,455 [myid:] - INFO [main:JMXEnv@241] - expect:InMemoryDataTree [junit] 2015-03-06 12:34:51,455 [myid:] - INFO [main:JMXEnv@245] - found:InMemoryDataTree org.apache.ZooKeeperService:name0=StandaloneServer_port11221,name1=InMemoryDataTree [junit] 2015-03-06 12:34:51,455 [myid:] - INFO [main:JMXEnv@241] - expect:StandaloneServer_port [junit] 2015-03-06 12:34:51,455 [myid:] - INFO [main:JMXEnv@245] - found:StandaloneServer_port org.apache.ZooKeeperService:name0=StandaloneServer_port11221 [junit] 2015-03-06 12:34:51,455 [myid:] - INFO [main:JUnit4ZKTestRunner$LoggedInvokeMethod@55] - Memory used 85029 [junit] 2015-03-06 12:34:51,456 [myid:] - INFO [main:JUnit4ZKTestRunner$LoggedInvokeMethod@60] - Number of threads 24 [junit] 2015-03-06 12:34:51,456 [myid:] - INFO [main:JUnit4ZKTestRunner$LoggedInvokeMethod@65] - FINISHED TEST METHOD testQuota [junit] 2015-03-06 12:34:51,456 [myid:] - INFO [main:ClientBase@521] - tearDown starting [junit] 2015-03-06 12:34:51,523 [myid:] - INFO [main:ZooKeeper@968] - Session: 0x1007f0a22ac closed [junit] 2015-03-06 12:34:51,523 [myid:] - INFO [main:ClientBase@491] - STOPPING server [junit] 2015-03-06 12:34:51,523 [myid:] - INFO [main-EventThread:ClientCnxn$EventThread@531] - EventThread shut down [junit] 2015-03-06 12:34:51,523 [myid:] - INFO [ConnnectionExpirer:NIOServerCnxnFactory$ConnectionExpirerThread@583] - ConnnectionExpirerThread interrupted [junit] 2015-03-06 12:34:51,524 [myid:] - INFO [NIOServerCxnFactory.SelectorThread-0:NIOServerCnxnFactory$SelectorThread@420] - selector thread exitted run method [junit] 2015-03-06 12:34:51,524 [myid:] - INFO [NIOServerCxnFactory.SelectorThread-1:NIOServerCnxnFactory$SelectorThread@420] - selector thread exitted run method [junit] 2015-03-06 12:34:51,524 [myid:] - INFO [NIOServerCxnFactory.AcceptThread:0.0.0.0/0.0.0.0:11221:NIOServerCnxnFactory$AcceptThread@219] - accept thread exitted run method [junit] 2015-03-06 12:34:51,525 [myid:] - INFO [main:ZooKeeperServer@440] - shutting down [junit] 2015-03-06 12:34:51,525 [myid:] - INFO [main:SessionTrackerImpl@232] - Shutting down [junit] 2015-03-06 12:34:51,525 [myid:] - INFO [main:PrepRequestProcessor@974] - Shutting down [junit] 2015-03-06 12:34:51,525 [myid:] - INFO [main:SyncRequestProcessor@191] - Shutting down [junit] 2015-03-06 12:34:51,525 [myid:] - INFO [ProcessThread(sid:0 cport:11221)::PrepRequestProcessor@156] - PrepRequestProcessor exited loop! [junit] 2015-03-06 12:34:51,525 [myid:] - INFO [SyncThread:0:SyncRequestProcessor@169] - SyncRequestProcessor exited! [junit] 2015-03-06 12:34:51,526 [myid:] - INFO [main:FinalRequestProcessor@477] - shutdown of request processor complete [junit] 2015-03-06 12:34:51,526 [myid:] - INFO [main:MBeanRegistry@119] - Unregister MBean [org.apache.ZooKeeperService:name0=StandaloneServer_port11221,name1=InMemoryDataTree] [junit] 2015-03-06 12:34:51,527 [myid:] - INFO [main:MBeanRegistry@119] - Unregister MBean [org.apache.ZooKeeperService:name0=StandaloneServer_port11221] [junit] 2015-03-06 12:34:51,527 [myid:] - INFO [main:FourLetterWordMain@43] - connecting to 127.0.0.1 11221 [junit] 2015-03-06 12:34:51,528 [myid:] - INFO [main:JMXEnv@142] - ensureOnly:[] [junit] 2015-03-06 12:34:51,532 [myid:] - INFO [main:ClientBase@546] - fdcount after test is: 46 at start it was 34 [junit] 2015-03-06 12:34:51,532 [myid:] - INFO [main:ClientBase@548] - sleeping for 20 secs [junit] 2015-03-06
ZooKeeper_branch35_jdk7 - Build # 223 - Still Failing
See https://builds.apache.org/job/ZooKeeper_branch35_jdk7/223/ ### ## LAST 60 LINES OF THE CONSOLE ### [...truncated 345223 lines...] [junit] 2015-03-06 15:50:42,323 [myid:] - INFO [main:JMXEnv@142] - ensureOnly:[] [junit] 2015-03-06 15:50:42,325 [myid:] - INFO [main:ClientBase@444] - STARTING server [junit] 2015-03-06 15:50:42,325 [myid:] - INFO [main:ClientBase@365] - CREATING server instance 127.0.0.1:11221 [junit] 2015-03-06 15:50:42,325 [myid:] - INFO [main:NIOServerCnxnFactory@670] - Configuring NIO connection handler with 10s sessionless connection timeout, 2 selector thread(s), 32 worker threads, and 64 kB direct buffers. [junit] 2015-03-06 15:50:42,325 [myid:] - INFO [main:NIOServerCnxnFactory@683] - binding to port 0.0.0.0/0.0.0.0:11221 [junit] 2015-03-06 15:50:42,326 [myid:] - INFO [main:ClientBase@340] - STARTING server instance 127.0.0.1:11221 [junit] 2015-03-06 15:50:42,326 [myid:] - INFO [main:ZooKeeperServer@778] - minSessionTimeout set to 6000 [junit] 2015-03-06 15:50:42,326 [myid:] - INFO [main:ZooKeeperServer@787] - maxSessionTimeout set to 6 [junit] 2015-03-06 15:50:42,326 [myid:] - INFO [main:ZooKeeperServer@153] - Created server with tickTime 3000 minSessionTimeout 6000 maxSessionTimeout 6 datadir /home/jenkins/jenkins-slave/workspace/ZooKeeper_branch35_jdk7/branch-3.5/build/test/tmp/test6274107316917823211.junit.dir/version-2 snapdir /home/jenkins/jenkins-slave/workspace/ZooKeeper_branch35_jdk7/branch-3.5/build/test/tmp/test6274107316917823211.junit.dir/version-2 [junit] 2015-03-06 15:50:42,327 [myid:] - INFO [main:FileSnap@83] - Reading snapshot /home/jenkins/jenkins-slave/workspace/ZooKeeper_branch35_jdk7/branch-3.5/build/test/tmp/test6274107316917823211.junit.dir/version-2/snapshot.b [junit] 2015-03-06 15:50:42,329 [myid:] - INFO [main:FileTxnSnapLog@298] - Snapshotting: 0xb to /home/jenkins/jenkins-slave/workspace/ZooKeeper_branch35_jdk7/branch-3.5/build/test/tmp/test6274107316917823211.junit.dir/version-2/snapshot.b [junit] 2015-03-06 15:50:42,332 [myid:] - INFO [main:FourLetterWordMain@43] - connecting to 127.0.0.1 11221 [junit] 2015-03-06 15:50:42,332 [myid:] - INFO [NIOServerCxnFactory.AcceptThread:0.0.0.0/0.0.0.0:11221:NIOServerCnxnFactory$AcceptThread@296] - Accepted socket connection from /127.0.0.1:49112 [junit] 2015-03-06 15:50:42,333 [myid:] - INFO [NIOWorkerThread-1:NIOServerCnxn@835] - Processing stat command from /127.0.0.1:49112 [junit] 2015-03-06 15:50:42,333 [myid:] - INFO [NIOWorkerThread-1:NIOServerCnxn$StatCommand@684] - Stat command output [junit] 2015-03-06 15:50:42,334 [myid:] - INFO [NIOWorkerThread-1:NIOServerCnxn@1006] - Closed socket connection for client /127.0.0.1:49112 (no session established for client) [junit] 2015-03-06 15:50:42,334 [myid:] - INFO [main:JMXEnv@224] - ensureParent:[InMemoryDataTree, StandaloneServer_port] [junit] 2015-03-06 15:50:42,336 [myid:] - INFO [main:JMXEnv@241] - expect:InMemoryDataTree [junit] 2015-03-06 15:50:42,336 [myid:] - INFO [main:JMXEnv@245] - found:InMemoryDataTree org.apache.ZooKeeperService:name0=StandaloneServer_port11221,name1=InMemoryDataTree [junit] 2015-03-06 15:50:42,336 [myid:] - INFO [main:JMXEnv@241] - expect:StandaloneServer_port [junit] 2015-03-06 15:50:42,337 [myid:] - INFO [main:JMXEnv@245] - found:StandaloneServer_port org.apache.ZooKeeperService:name0=StandaloneServer_port11221 [junit] 2015-03-06 15:50:42,337 [myid:] - INFO [main:JUnit4ZKTestRunner$LoggedInvokeMethod@55] - Memory used 18104 [junit] 2015-03-06 15:50:42,337 [myid:] - INFO [main:JUnit4ZKTestRunner$LoggedInvokeMethod@60] - Number of threads 24 [junit] 2015-03-06 15:50:42,337 [myid:] - INFO [main:JUnit4ZKTestRunner$LoggedInvokeMethod@65] - FINISHED TEST METHOD testQuota [junit] 2015-03-06 15:50:42,338 [myid:] - INFO [main:ClientBase@521] - tearDown starting [junit] 2015-03-06 15:50:42,404 [myid:] - INFO [main:ZooKeeper@968] - Session: 0x103181e0ce8 closed [junit] 2015-03-06 15:50:42,404 [myid:] - INFO [main-EventThread:ClientCnxn$EventThread@531] - EventThread shut down [junit] 2015-03-06 15:50:42,404 [myid:] - INFO [main:ClientBase@491] - STOPPING server [junit] 2015-03-06 15:50:42,405 [myid:] - INFO [ConnnectionExpirer:NIOServerCnxnFactory$ConnectionExpirerThread@583] - ConnnectionExpirerThread interrupted [junit] 2015-03-06 15:50:42,405 [myid:] - INFO [NIOServerCxnFactory.SelectorThread-0:NIOServerCnxnFactory$SelectorThread@420] - selector thread exitted run method [junit] 2015-03-06 15:50:42,405 [myid:] - INFO [NIOServerCxnFactory.SelectorThread-1:NIOServerCnxnFactory$SelectorThread@420] - selector thread exitted run method [junit] 2015-03-06 15:50:42,405 [myid:] - INFO
ZooKeeper-trunk-solaris - Build # 961 - Still Failing
See https://builds.apache.org/job/ZooKeeper-trunk-solaris/961/
###
## LAST 60 LINES OF THE CONSOLE
###
Started by timer
Building remotely on solaris1 (Solaris) in workspace
/export/home/hudson/hudson-slave/workspace/ZooKeeper-trunk-solaris
Updating http://svn.apache.org/repos/asf/zookeeper/trunk at revision
'2015-03-06T11:11:54.287 +'
At revision 1664585
Updating http://svn.apache.org/repos/asf/hadoop/nightly at revision
'2015-03-06T11:11:54.287 +'
At revision 1664585
no change for http://svn.apache.org/repos/asf/zookeeper/trunk since the
previous build
no change for http://svn.apache.org/repos/asf/hadoop/nightly since the previous
build
No emails were triggered.
[locks-and-latches] Checking to see if we really have the locks
[locks-and-latches] Have all the locks, build can start
[ZooKeeper-trunk-solaris] $ /bin/bash /var/tmp/hudson6936426442336801490.sh
[trunk] $
/export/home/hudson/hudson-slave/tools/hudson.tasks.Ant_AntInstallation/ant-1.8.2/bin/ant
-DBUILD_ARGS=-Dfindbugs.home=${FINDBUGS_HOME} -Dforrest.home=${FORREST_HOME}
-Djava5.home=${JAVA5_HOME} -DBUILD_TARGETS=hudson-test-trunk
-DANALYSIS_TARGETS=test -DBUILD_FLAGS=-Dtest.junit.output.format=xml
-Dtest.output=yes -Dtest.output=yes -Dtest.junit.output.format=xml clean
test-core-java
Error: JAVA_HOME is not defined correctly.
We cannot execute /home/jenkins/tools/java/latest1.7/bin/java
Build step 'Invoke Ant' marked build as failure
[locks-and-latches] Releasing all the locks
[locks-and-latches] All the locks released
Recording test results
Email was triggered for: Failure
Sending email for trigger: Failure
###
## FAILED TESTS (if any)
##
No tests ran.
Re: Review Request 31277: ZOOKEEPER-2125: SSL on Netty client-server communication
---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/31277/#review75525
---
src/java/main/org/apache/zookeeper/ClientCnxnSocketNetty.java
https://reviews.apache.org/r/31277/#comment122666
please move sslEngine,sslContext inside the method initSSL(pipeline) as
local variables?
src/java/main/org/apache/zookeeper/ClientCnxnSocketNetty.java
https://reviews.apache.org/r/31277/#comment122662
do we need synchronization here?
src/java/main/org/apache/zookeeper/ClientCnxnSocketNetty.java
https://reviews.apache.org/r/31277/#comment122667
I could see new ZKClientPipelineFactory() is always created and not
required to do null checks here, isn't it?
src/java/main/org/apache/zookeeper/ClientCnxnSocketNetty.java
https://reviews.apache.org/r/31277/#comment122657
this log wouldn't help much, probably you can try include info like
pipeline.getChannel() details. Or can make this DEBUG level priority.
src/java/main/org/apache/zookeeper/common/X509Error.java
https://reviews.apache.org/r/31277/#comment122659
I prefer to use X509Exception instead of X509Error, can you rename this to
X509Exception?
src/java/main/org/apache/zookeeper/server/NettyServerCnxnFactory.java
https://reviews.apache.org/r/31277/#comment122665
same as above, do we need synchronization here?
src/java/main/org/apache/zookeeper/server/NettyServerCnxnFactory.java
https://reviews.apache.org/r/31277/#comment122664
this log wouldn't help much, probably you can try include info like
pipeline.getChannel() details. Or can make this DEBUG level priority.
src/java/main/org/apache/zookeeper/server/ZooKeeperServer.java
https://reviews.apache.org/r/31277/#comment122714
FinalRequestProcessor also has the logic of #closeSession(). I couldn't see
the closure of session from secureCnxnFactory in FinalRequestProcessor.
Please add the same logic of #closeSession() in FinalRequestProcessor as
well.
Refer: FinalRequestProcessor#processRequest()
if (request.type == OpCode.closeSession) {
- Rakesh R
On March 6, 2015, 12:17 a.m., Hongchao Deng wrote:
---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/31277/
---
(Updated March 6, 2015, 12:17 a.m.)
Review request for zookeeper.
Repository: zookeeper-git
Description
---
ZOOKEEPER-2125: SSL on Netty client-server communication
Diffs
-
src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml
202051f1f7f517b1e1a3c561c0008449ab3c48a6
src/java/main/org/apache/zookeeper/ClientCnxnSocketNetty.java PRE-CREATION
src/java/main/org/apache/zookeeper/ZooKeeper.java
dd13cc9ba5096312b06999a03ae0057cd3677623
src/java/main/org/apache/zookeeper/common/X509Error.java PRE-CREATION
src/java/main/org/apache/zookeeper/common/X509Util.java PRE-CREATION
src/java/main/org/apache/zookeeper/server/NIOServerCnxnFactory.java
acabb33f6c7a000706763ccba94cbaf5aaaca08e
src/java/main/org/apache/zookeeper/server/NettyServerCnxnFactory.java
41268805fe16244aeea4db3f35f13a6987b30187
src/java/main/org/apache/zookeeper/server/ServerCnxnFactory.java
14037722c569d560acef56de0b5a7ae13464128c
src/java/main/org/apache/zookeeper/server/ServerConfig.java
f2b8463e871739319bdf40be1f014d5ad0af5602
src/java/main/org/apache/zookeeper/server/ZooKeeperServer.java
30a0ed390bb7473ddb36757da97bc7d5f4281887
src/java/main/org/apache/zookeeper/server/ZooKeeperServerBean.java
0eb5c7f979199f2f7dcb9e5cfa011a9b20113713
src/java/main/org/apache/zookeeper/server/ZooKeeperServerMain.java
b756d349abeb1fc69534100c3633db4c1c18e031
src/java/main/org/apache/zookeeper/server/quorum/Leader.java
20589045752a7ba4ae9c9090055a4fcbe86a8eda
src/java/main/org/apache/zookeeper/server/quorum/Learner.java
4dd1e947357080f3e055f3e7e2a78c979daa6ea7
src/java/main/org/apache/zookeeper/server/quorum/QuorumPeer.java
388ceeb45bd18c7cb8f0766a96ebd4a54a9e76de
src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerConfig.java
badc8df1f05dea4be337bc8312d7ac22f6c77dc3
src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerMain.java
d17c58d59e0131a78adde1becb5c23ce8c7a16a7
src/java/main/org/apache/zookeeper/server/quorum/ReadOnlyZooKeeperServer.java
2aab6d09f9bd980ed76f886fb8168aae2ac8f99f
src/java/test/data/ssl/README.md PRE-CREATION
src/java/test/data/ssl/testKeyStore.jks PRE-CREATION
src/java/test/data/ssl/testTrustStore.jks PRE-CREATION
src/java/test/org/apache/zookeeper/server/quorum/QuorumPeerTestBase.java
6ab19b1eb137c8b13b8ad031d474e213267da1ea
src/java/test/org/apache/zookeeper/server/quorum/Zab1_0Test.java
Re: Review Request 31277: ZOOKEEPER-2125: SSL on Netty client-server communication
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31277/#review75542 --- src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml https://reviews.apache.org/r/31277/#comment122717 Netty usage is pluggable. SSL feature will be enabled when user user plugged-in zookeeper.serverCnxnFactory, zookeeper.clientCnxnSocket as Netty. isn't it? Its good to capture in the document, whats your opinion? - Rakesh R On March 6, 2015, 12:17 a.m., Hongchao Deng wrote: --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31277/ --- (Updated March 6, 2015, 12:17 a.m.) Review request for zookeeper. Repository: zookeeper-git Description --- ZOOKEEPER-2125: SSL on Netty client-server communication Diffs - src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml 202051f1f7f517b1e1a3c561c0008449ab3c48a6 src/java/main/org/apache/zookeeper/ClientCnxnSocketNetty.java PRE-CREATION src/java/main/org/apache/zookeeper/ZooKeeper.java dd13cc9ba5096312b06999a03ae0057cd3677623 src/java/main/org/apache/zookeeper/common/X509Error.java PRE-CREATION src/java/main/org/apache/zookeeper/common/X509Util.java PRE-CREATION src/java/main/org/apache/zookeeper/server/NIOServerCnxnFactory.java acabb33f6c7a000706763ccba94cbaf5aaaca08e src/java/main/org/apache/zookeeper/server/NettyServerCnxnFactory.java 41268805fe16244aeea4db3f35f13a6987b30187 src/java/main/org/apache/zookeeper/server/ServerCnxnFactory.java 14037722c569d560acef56de0b5a7ae13464128c src/java/main/org/apache/zookeeper/server/ServerConfig.java f2b8463e871739319bdf40be1f014d5ad0af5602 src/java/main/org/apache/zookeeper/server/ZooKeeperServer.java 30a0ed390bb7473ddb36757da97bc7d5f4281887 src/java/main/org/apache/zookeeper/server/ZooKeeperServerBean.java 0eb5c7f979199f2f7dcb9e5cfa011a9b20113713 src/java/main/org/apache/zookeeper/server/ZooKeeperServerMain.java b756d349abeb1fc69534100c3633db4c1c18e031 src/java/main/org/apache/zookeeper/server/quorum/Leader.java 20589045752a7ba4ae9c9090055a4fcbe86a8eda src/java/main/org/apache/zookeeper/server/quorum/Learner.java 4dd1e947357080f3e055f3e7e2a78c979daa6ea7 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeer.java 388ceeb45bd18c7cb8f0766a96ebd4a54a9e76de src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerConfig.java badc8df1f05dea4be337bc8312d7ac22f6c77dc3 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerMain.java d17c58d59e0131a78adde1becb5c23ce8c7a16a7 src/java/main/org/apache/zookeeper/server/quorum/ReadOnlyZooKeeperServer.java 2aab6d09f9bd980ed76f886fb8168aae2ac8f99f src/java/test/data/ssl/README.md PRE-CREATION src/java/test/data/ssl/testKeyStore.jks PRE-CREATION src/java/test/data/ssl/testTrustStore.jks PRE-CREATION src/java/test/org/apache/zookeeper/server/quorum/QuorumPeerTestBase.java 6ab19b1eb137c8b13b8ad031d474e213267da1ea src/java/test/org/apache/zookeeper/server/quorum/Zab1_0Test.java 6ce058e48d17410d89d8348ee659dd7752bfd578 src/java/test/org/apache/zookeeper/test/ReconfigTest.java 8b238ee7463508122010208ebc3e786caa2cf1b1 src/java/test/org/apache/zookeeper/test/SSLTest.java PRE-CREATION Diff: https://reviews.apache.org/r/31277/diff/ Testing --- Thanks, Hongchao Deng
Re: Review Request 31277: ZOOKEEPER-2125: SSL on Netty client-server communication
On March 6, 2015, 8:39 p.m., Rakesh R wrote:
src/java/main/org/apache/zookeeper/common/X509Error.java, line 21
https://reviews.apache.org/r/31277/diff/11/?file=886450#file886450line21
I prefer to use X509Exception instead of X509Error, can you rename this
to X509Exception?
Hongchao Deng wrote:
Sure
Hongchao Deng wrote:
Hi Rakesh, findbugs complains that X509Exception didn't extend Exception.
I think changing back to X509Error will work. Any opinions?
Can we do like,
@SuppressWarnings(serial)
public class X509Exception extends Exception {
public X509Exception(String message) {
super(message);
}
public X509Exception(Throwable cause) {
super(cause);
}
public X509Exception(String message, Throwable cause) {
super(message, cause);
}
public static class KeyManagerException extends X509Exception {
// ... add necessary calls
}
public static class TrustManagerException extends X509Exception {
// ... add necessary calls
}
public static class SSLContextException extends X509Exception {
// ... add necessary calls
}
- Rakesh
---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/31277/#review75525
---
On March 7, 2015, 1:04 a.m., Hongchao Deng wrote:
---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/31277/
---
(Updated March 7, 2015, 1:04 a.m.)
Review request for zookeeper.
Repository: zookeeper-git
Description
---
ZOOKEEPER-2125: SSL on Netty client-server communication
Diffs
-
src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml
202051f1f7f517b1e1a3c561c0008449ab3c48a6
src/java/main/org/apache/zookeeper/ClientCnxnSocketNetty.java PRE-CREATION
src/java/main/org/apache/zookeeper/ZooKeeper.java
dd13cc9ba5096312b06999a03ae0057cd3677623
src/java/main/org/apache/zookeeper/common/X509Exception.java PRE-CREATION
src/java/main/org/apache/zookeeper/common/X509Util.java PRE-CREATION
src/java/main/org/apache/zookeeper/server/FinalRequestProcessor.java
a97be4a5452006fbd85d355c0dcb16276cbf1c59
src/java/main/org/apache/zookeeper/server/NIOServerCnxnFactory.java
acabb33f6c7a000706763ccba94cbaf5aaaca08e
src/java/main/org/apache/zookeeper/server/NettyServerCnxnFactory.java
41268805fe16244aeea4db3f35f13a6987b30187
src/java/main/org/apache/zookeeper/server/ServerCnxnFactory.java
14037722c569d560acef56de0b5a7ae13464128c
src/java/main/org/apache/zookeeper/server/ServerConfig.java
f2b8463e871739319bdf40be1f014d5ad0af5602
src/java/main/org/apache/zookeeper/server/ZooKeeperServer.java
30a0ed390bb7473ddb36757da97bc7d5f4281887
src/java/main/org/apache/zookeeper/server/ZooKeeperServerBean.java
0eb5c7f979199f2f7dcb9e5cfa011a9b20113713
src/java/main/org/apache/zookeeper/server/ZooKeeperServerMain.java
b756d349abeb1fc69534100c3633db4c1c18e031
src/java/main/org/apache/zookeeper/server/quorum/Leader.java
20589045752a7ba4ae9c9090055a4fcbe86a8eda
src/java/main/org/apache/zookeeper/server/quorum/Learner.java
4dd1e947357080f3e055f3e7e2a78c979daa6ea7
src/java/main/org/apache/zookeeper/server/quorum/QuorumPeer.java
388ceeb45bd18c7cb8f0766a96ebd4a54a9e76de
src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerConfig.java
badc8df1f05dea4be337bc8312d7ac22f6c77dc3
src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerMain.java
d17c58d59e0131a78adde1becb5c23ce8c7a16a7
src/java/main/org/apache/zookeeper/server/quorum/ReadOnlyZooKeeperServer.java
2aab6d09f9bd980ed76f886fb8168aae2ac8f99f
src/java/test/org/apache/zookeeper/server/quorum/QuorumPeerTestBase.java
6ab19b1eb137c8b13b8ad031d474e213267da1ea
src/java/test/org/apache/zookeeper/server/quorum/Zab1_0Test.java
6ce058e48d17410d89d8348ee659dd7752bfd578
src/java/test/org/apache/zookeeper/test/ReconfigTest.java
8b238ee7463508122010208ebc3e786caa2cf1b1
src/java/test/org/apache/zookeeper/test/SSLTest.java PRE-CREATION
Diff: https://reviews.apache.org/r/31277/diff/
Testing
---
Thanks,
Hongchao Deng
Re: Review Request 31277: ZOOKEEPER-2125: SSL on Netty client-server communication
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31277/#review75616 --- src/java/main/org/apache/zookeeper/server/FinalRequestProcessor.java https://reviews.apache.org/r/31277/#comment122819 Can we extract this to a method to avoid duplication - Rakesh R On March 7, 2015, 1:04 a.m., Hongchao Deng wrote: --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31277/ --- (Updated March 7, 2015, 1:04 a.m.) Review request for zookeeper. Repository: zookeeper-git Description --- ZOOKEEPER-2125: SSL on Netty client-server communication Diffs - src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml 202051f1f7f517b1e1a3c561c0008449ab3c48a6 src/java/main/org/apache/zookeeper/ClientCnxnSocketNetty.java PRE-CREATION src/java/main/org/apache/zookeeper/ZooKeeper.java dd13cc9ba5096312b06999a03ae0057cd3677623 src/java/main/org/apache/zookeeper/common/X509Exception.java PRE-CREATION src/java/main/org/apache/zookeeper/common/X509Util.java PRE-CREATION src/java/main/org/apache/zookeeper/server/FinalRequestProcessor.java a97be4a5452006fbd85d355c0dcb16276cbf1c59 src/java/main/org/apache/zookeeper/server/NIOServerCnxnFactory.java acabb33f6c7a000706763ccba94cbaf5aaaca08e src/java/main/org/apache/zookeeper/server/NettyServerCnxnFactory.java 41268805fe16244aeea4db3f35f13a6987b30187 src/java/main/org/apache/zookeeper/server/ServerCnxnFactory.java 14037722c569d560acef56de0b5a7ae13464128c src/java/main/org/apache/zookeeper/server/ServerConfig.java f2b8463e871739319bdf40be1f014d5ad0af5602 src/java/main/org/apache/zookeeper/server/ZooKeeperServer.java 30a0ed390bb7473ddb36757da97bc7d5f4281887 src/java/main/org/apache/zookeeper/server/ZooKeeperServerBean.java 0eb5c7f979199f2f7dcb9e5cfa011a9b20113713 src/java/main/org/apache/zookeeper/server/ZooKeeperServerMain.java b756d349abeb1fc69534100c3633db4c1c18e031 src/java/main/org/apache/zookeeper/server/quorum/Leader.java 20589045752a7ba4ae9c9090055a4fcbe86a8eda src/java/main/org/apache/zookeeper/server/quorum/Learner.java 4dd1e947357080f3e055f3e7e2a78c979daa6ea7 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeer.java 388ceeb45bd18c7cb8f0766a96ebd4a54a9e76de src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerConfig.java badc8df1f05dea4be337bc8312d7ac22f6c77dc3 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerMain.java d17c58d59e0131a78adde1becb5c23ce8c7a16a7 src/java/main/org/apache/zookeeper/server/quorum/ReadOnlyZooKeeperServer.java 2aab6d09f9bd980ed76f886fb8168aae2ac8f99f src/java/test/org/apache/zookeeper/server/quorum/QuorumPeerTestBase.java 6ab19b1eb137c8b13b8ad031d474e213267da1ea src/java/test/org/apache/zookeeper/server/quorum/Zab1_0Test.java 6ce058e48d17410d89d8348ee659dd7752bfd578 src/java/test/org/apache/zookeeper/test/ReconfigTest.java 8b238ee7463508122010208ebc3e786caa2cf1b1 src/java/test/org/apache/zookeeper/test/SSLTest.java PRE-CREATION Diff: https://reviews.apache.org/r/31277/diff/ Testing --- Thanks, Hongchao Deng
Re: Review Request 31277: ZOOKEEPER-2125: SSL on Netty client-server communication
On March 7, 2015, 5:24 a.m., Rakesh R wrote: src/java/main/org/apache/zookeeper/server/FinalRequestProcessor.java, line 493 https://reviews.apache.org/r/31277/diff/14/?file=888101#file888101line493 Can we extract this to a method to avoid duplication adding few more to the above comment, : both cf anf scf logic looks same, so we can extract to a closeSession method and pass cf argument. on return will check success then return else do scf. - Rakesh --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31277/#review75616 --- On March 7, 2015, 1:04 a.m., Hongchao Deng wrote: --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31277/ --- (Updated March 7, 2015, 1:04 a.m.) Review request for zookeeper. Repository: zookeeper-git Description --- ZOOKEEPER-2125: SSL on Netty client-server communication Diffs - src/docs/src/documentation/content/xdocs/zookeeperAdmin.xml 202051f1f7f517b1e1a3c561c0008449ab3c48a6 src/java/main/org/apache/zookeeper/ClientCnxnSocketNetty.java PRE-CREATION src/java/main/org/apache/zookeeper/ZooKeeper.java dd13cc9ba5096312b06999a03ae0057cd3677623 src/java/main/org/apache/zookeeper/common/X509Exception.java PRE-CREATION src/java/main/org/apache/zookeeper/common/X509Util.java PRE-CREATION src/java/main/org/apache/zookeeper/server/FinalRequestProcessor.java a97be4a5452006fbd85d355c0dcb16276cbf1c59 src/java/main/org/apache/zookeeper/server/NIOServerCnxnFactory.java acabb33f6c7a000706763ccba94cbaf5aaaca08e src/java/main/org/apache/zookeeper/server/NettyServerCnxnFactory.java 41268805fe16244aeea4db3f35f13a6987b30187 src/java/main/org/apache/zookeeper/server/ServerCnxnFactory.java 14037722c569d560acef56de0b5a7ae13464128c src/java/main/org/apache/zookeeper/server/ServerConfig.java f2b8463e871739319bdf40be1f014d5ad0af5602 src/java/main/org/apache/zookeeper/server/ZooKeeperServer.java 30a0ed390bb7473ddb36757da97bc7d5f4281887 src/java/main/org/apache/zookeeper/server/ZooKeeperServerBean.java 0eb5c7f979199f2f7dcb9e5cfa011a9b20113713 src/java/main/org/apache/zookeeper/server/ZooKeeperServerMain.java b756d349abeb1fc69534100c3633db4c1c18e031 src/java/main/org/apache/zookeeper/server/quorum/Leader.java 20589045752a7ba4ae9c9090055a4fcbe86a8eda src/java/main/org/apache/zookeeper/server/quorum/Learner.java 4dd1e947357080f3e055f3e7e2a78c979daa6ea7 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeer.java 388ceeb45bd18c7cb8f0766a96ebd4a54a9e76de src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerConfig.java badc8df1f05dea4be337bc8312d7ac22f6c77dc3 src/java/main/org/apache/zookeeper/server/quorum/QuorumPeerMain.java d17c58d59e0131a78adde1becb5c23ce8c7a16a7 src/java/main/org/apache/zookeeper/server/quorum/ReadOnlyZooKeeperServer.java 2aab6d09f9bd980ed76f886fb8168aae2ac8f99f src/java/test/org/apache/zookeeper/server/quorum/QuorumPeerTestBase.java 6ab19b1eb137c8b13b8ad031d474e213267da1ea src/java/test/org/apache/zookeeper/server/quorum/Zab1_0Test.java 6ce058e48d17410d89d8348ee659dd7752bfd578 src/java/test/org/apache/zookeeper/test/ReconfigTest.java 8b238ee7463508122010208ebc3e786caa2cf1b1 src/java/test/org/apache/zookeeper/test/SSLTest.java PRE-CREATION Diff: https://reviews.apache.org/r/31277/diff/ Testing --- Thanks, Hongchao Deng
