hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Evert Lammerts (Updated) (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HDFS-3059) ssl-server.xml causes NullPointer
Date Thu, 08 Mar 2012 08:50:59 GMT

     [ https://issues.apache.org/jira/browse/HDFS-3059?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Evert Lammerts updated HDFS-3059:
---------------------------------

    Attachment: HDFS-3059.patch.2

Second try, with better feedback
                
> ssl-server.xml causes NullPointer
> ---------------------------------
>
>                 Key: HDFS-3059
>                 URL: https://issues.apache.org/jira/browse/HDFS-3059
>             Project: Hadoop HDFS
>          Issue Type: Bug
>          Components: data-node, security
>    Affects Versions: 0.20.205.0, 1.0.0
>         Environment: in core-site.xml:
> {code:xml}
>   <property>
>     <name>hadoop.security.authentication</name>
>     <value>kerberos</value>
>   </property>
>   <property>
>     <name>hadoop.security.authorization</name>
>     <value>true</value>
>   </property>
> {code}
> in hdfs-site.xml:
> {code:xml}
>   <property>
>     <name>dfs.https.server.keystore.resource</name>
>     <value>/etc/hadoop/conf/ssl-server.xml</value>
>   </property>
>   <property>
>     <name>dfs.https.enable</name>
>     <value>true</value>
>   </property>
>   <property>
>     ...other security props
>   </property>
> {code}
>            Reporter: Evert Lammerts
>            Priority: Minor
>         Attachments: HDFS-3059.patch, HDFS-3059.patch.2
>
>
> If ssl is enabled (dfs.https.enable) but ssl-server.xml is not available, a DN will crash
during startup while setting up an SSL socket with a NullPointerException:
> {noformat}12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: useKerb =
false, useCerts = true
> jetty.ssl.password : jetty.ssl.keypassword : 12/03/07 17:08:36 INFO mortbay.log: jetty-6.1.26.cloudera.1
> 12/03/07 17:08:36 INFO mortbay.log: Started SelectChannelConnector@p-worker35.alley.sara.nl:1006
> 12/03/07 17:08:36 DEBUG security.Krb5AndCertsSslSocketConnector: Creating new KrbServerSocket
for: 0.0.0.0
> 12/03/07 17:08:36 WARN mortbay.log: java.lang.NullPointerException
> 12/03/07 17:08:36 WARN mortbay.log: failed Krb5AndCertsSslSocketConnector@0.0.0.0:50475:
java.io.IOException: !JsseListener: java.lang.NullPointerException
> 12/03/07 17:08:36 WARN mortbay.log: failed Server@604788d5: java.io.IOException: !JsseListener:
java.lang.NullPointerException
> 12/03/07 17:08:36 INFO mortbay.log: Stopped Krb5AndCertsSslSocketConnector@0.0.0.0:50475
> 12/03/07 17:08:36 INFO mortbay.log: Stopped SelectChannelConnector@p-worker35.alley.sara.nl:1006
> 12/03/07 17:08:37 INFO datanode.DataNode: Waiting for threadgroup to exit, active threads
is 0{noformat}
> The same happens if I set an absolute path to an existing dfs.https.server.keystore.resource
- in this case the file cannot be found but not even a WARN is given.
> Since in dfs.https.server.keystore.resource we know we need to have 4 properties specified
(ssl.server.truststore.location, ssl.server.keystore.location, ssl.server.keystore.password,
and ssl.server.keystore.keypassword) we should check if they are set and throw an IOException
if they are not.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message