hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Stephen Chu (JIRA)" <j...@apache.org>
Subject [jira] [Created] (HDFS-6733) Creating encryption zone results in NPE when KeyProvider is null
Date Tue, 22 Jul 2014 23:24:38 GMT
Stephen Chu created HDFS-6733:

             Summary: Creating encryption zone results in NPE when KeyProvider is null
                 Key: HDFS-6733
                 URL: https://issues.apache.org/jira/browse/HDFS-6733
             Project: Hadoop HDFS
          Issue Type: Sub-task
          Components: security
    Affects Versions: fs-encryption (HADOOP-10150 and HDFS-6134)
            Reporter: Stephen Chu

When users try to create an encryption zone on a system that is not configured with a KeyProvider,
they will run into a NullPointerException.

For example:
[hdfs@schu-enc2 ~]$ hdfs crypto -createZone -keyName abc123 -path /user/hdfs
2014-07-22 23:18:23,273 WARN  [main] crypto.CryptoCodec (CryptoCodec.java:getInstance(70))
- Crypto codec org.apache.hadoop.crypto.OpensslAesCtrCryptoCodec is not available.
RemoteException: java.lang.NullPointerException

This error happens in FSNamesystem.createEncryptionZone(FSNamesystem.java:8456):

    try {
      if (keyName == null || keyName.isEmpty()) {
        keyName = UUID.randomUUID().toString();
        createNewKey(keyName, src);
        createdKey = true;
      } else {
        KeyVersion keyVersion = provider.getCurrentKey(keyName);
        if (keyVersion == null) {

provider can be null.

An improvement would be to make the error message more specific/say that KeyProvider was not

This message was sent by Atlassian JIRA

View raw message