Uploaded image for project: 'Hadoop HDFS'
  1. Hadoop HDFS
  2. HDFS-9309

Tests that use KeyStoreUtil must call KeyStoreUtil.cleanupSSLConfig()

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Minor
    • Resolution: Cannot Reproduce
    • None
    • None
    • None

    Description

      When KeyStoreUtil.setupSSLConfig() is called, several files are created (ssl-server.xml, ssl-client.xml, trustKS.jks, clientKS.jks, serverKS.jks). However, if they are not deleted upon exit, weird thing can happen to any subsequent tests.

      For example, if ssl-client.xml is not delete, but trustKS.jks is deleted, TestWebHDFSOAuth2.listStatusReturnsAsExpected will fail with message:

      java.io.IOException: Unable to load OAuth2 connection factory.
      	at java.io.FileInputStream.open(Native Method)
      	at java.io.FileInputStream.<init>(FileInputStream.java:146)
      	at org.apache.hadoop.security.ssl.ReloadingX509TrustManager.loadTrustManager(ReloadingX509TrustManager.java:164)
      	at org.apache.hadoop.security.ssl.ReloadingX509TrustManager.<init>(ReloadingX509TrustManager.java:81)
      	at org.apache.hadoop.security.ssl.FileBasedKeyStoresFactory.init(FileBasedKeyStoresFactory.java:215)
      	at org.apache.hadoop.security.ssl.SSLFactory.init(SSLFactory.java:131)
      	at org.apache.hadoop.hdfs.web.URLConnectionFactory.newSslConnConfigurator(URLConnectionFactory.java:138)
      	at org.apache.hadoop.hdfs.web.URLConnectionFactory.newOAuth2URLConnectionFactory(URLConnectionFactory.java:112)
      	at org.apache.hadoop.hdfs.web.WebHdfsFileSystem.initialize(WebHdfsFileSystem.java:163)
      	at org.apache.hadoop.hdfs.web.TestWebHDFSOAuth2.listStatusReturnsAsExpected(TestWebHDFSOAuth2.java:147)
      

      There are currently several tests that do not clean up:

      130 ✗ weichiu@weichiu ~/trunk (trunk) $ grep -rnw . -e 'KeyStoreTestUtil\.setupSSLConfig' | cut -d: -f1 |xargs grep -L "KeyStoreTestUtil\.cleanupSSLConfig"
      ./hadoop-common-project/hadoop-kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKMS.java
      ./hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-applicationhistoryservice/src/test/java/org/apache/hadoop/yarn/server/timeline/webapp/TestTimelineWebServicesWithSSL.java
      ./hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/web/TestWebHdfsTokens.java
      ./hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/protocol/datatransfer/sasl/SaslDataTransferTestCase.java
      ./hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/qjournal/TestSecureNNWithQJM.java
      ./hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/server/namenode/TestNameNodeRespectsBindHostKeys.java
      ./hadoop-hdfs-project/hadoop-hdfs-httpfs/src/test/java/org/apache/hadoop/fs/http/client/TestHttpFSFWithSWebhdfsFileSystem.java
      

      This JIRA is the effort to remove the bug.

      Attachments

        1. HDFS-9309.001.patch
          8 kB
          Wei-Chiu Chuang
        2. HDFS-9309.002.patch
          9 kB
          Wei-Chiu Chuang

        Issue Links

          Activity

            People

              Unassigned Unassigned
              weichiu Wei-Chiu Chuang
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: