You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-commits@hadoop.apache.org by el...@apache.org on 2019/04/02 13:54:33 UTC

[hadoop] branch ozone-0.4 updated: HDDS-1355. Only FQDN is accepted for OM rpc address in secure environment. Contributed by Ajay Kumar.

This is an automated email from the ASF dual-hosted git repository.

elek pushed a commit to branch ozone-0.4
in repository https://gitbox.apache.org/repos/asf/hadoop.git


The following commit(s) were added to refs/heads/ozone-0.4 by this push:
     new 7030e6e  HDDS-1355. Only FQDN is accepted for OM rpc address in secure environment. Contributed by Ajay Kumar.
7030e6e is described below

commit 7030e6ef92fde349b053ea43726dbe436b7522a2
Author: Ajay Kumar <aj...@apache.org>
AuthorDate: Mon Apr 1 17:06:42 2019 -0700

    HDDS-1355. Only FQDN is accepted for OM rpc address in secure environment. Contributed by Ajay Kumar.
    
    Closes #677
    
    (cherry picked from commit bfc90bdc642bb93be1a8ad30cc482d615252bc43)
---
 .../apache/hadoop/ozone/om/TestSecureOzoneManager.java  | 17 +++++++++++++++++
 .../java/org/apache/hadoop/ozone/om/OzoneManager.java   | 10 +++++++---
 2 files changed, 24 insertions(+), 3 deletions(-)

diff --git a/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/om/TestSecureOzoneManager.java b/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/om/TestSecureOzoneManager.java
index 57e697e..888a650 100644
--- a/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/om/TestSecureOzoneManager.java
+++ b/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/om/TestSecureOzoneManager.java
@@ -51,6 +51,7 @@ import static org.apache.hadoop.hdds.scm.ScmConfigKeys.OZONE_SCM_NAMES;
 import static org.apache.hadoop.ozone.OzoneConfigKeys.OZONE_ACL_ENABLED;
 import static org.apache.hadoop.ozone.OzoneConfigKeys.OZONE_OPEN_KEY_EXPIRE_THRESHOLD_SECONDS;
 import static org.apache.hadoop.ozone.OzoneConfigKeys.OZONE_SECURITY_ENABLED_KEY;
+import static org.apache.hadoop.ozone.om.OMConfigKeys.OZONE_OM_ADDRESS_KEY;
 import static org.apache.hadoop.security.UserGroupInformation.AuthenticationMethod.KERBEROS;
 import static org.apache.hadoop.test.GenericTestUtils.*;
 
@@ -221,4 +222,20 @@ public class TestSecureOzoneManager {
     omLogs.clearOutput();
   }
 
+  /**
+   * Test om bind socket address.
+   */
+  @Test
+  public void testSecureOmInitFailure() throws Exception {
+    OzoneConfiguration config = new OzoneConfiguration(conf);
+    OMStorage omStorage = new OMStorage(config);
+    omStorage.setClusterId(clusterId);
+    omStorage.setScmId(scmId);
+    omStorage.setOmId(omId);
+    config.set(OZONE_OM_ADDRESS_KEY, "om-unknown");
+    LambdaTestUtils.intercept(RuntimeException.class, "Can't get SCM signed" +
+            " certificate",
+        () -> OzoneManager.initializeSecurity(config, omStorage));
+  }
+
 }
diff --git a/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/OzoneManager.java b/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/OzoneManager.java
index f9d0be0..f85a203 100644
--- a/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/OzoneManager.java
+++ b/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/OzoneManager.java
@@ -1366,8 +1366,12 @@ public final class OzoneManager extends ServiceRuntimeInfoImpl
     KeyPair keyPair = new KeyPair(client.getPublicKey(),
         client.getPrivateKey());
     InetSocketAddress omRpcAdd;
-
     omRpcAdd = OmUtils.getOmAddress(config);
+    if (omRpcAdd == null || omRpcAdd.getAddress() == null) {
+      LOG.error("Incorrect om rpc address. omRpcAdd:{}", omRpcAdd);
+      throw new RuntimeException("Can't get SCM signed certificate. " +
+          "omRpcAdd: " + omRpcAdd);
+    }
     // Get host name.
     String hostname = omRpcAdd.getAddress().getHostName();
 
@@ -1380,7 +1384,7 @@ public final class OzoneManager extends ServiceRuntimeInfoImpl
         .setScmID(omStore.getScmId())
         .setClusterID(omStore.getClusterID())
         .setSubject(subject)
-        .addIpAddress(omRpcAdd.getAddress().getHostAddress());
+        .addIpAddress(hostname);
 
     LOG.info("Creating csr for OM->dns:{},ip:{},scmId:{},clusterId:{}," +
             "subject:{}", hostname, omRpcAdd.getAddress().getHostAddress(),
@@ -1389,7 +1393,7 @@ public final class OzoneManager extends ServiceRuntimeInfoImpl
     HddsProtos.OzoneManagerDetailsProto.Builder omDetailsProtoBuilder =
         HddsProtos.OzoneManagerDetailsProto.newBuilder()
             .setHostName(omRpcAdd.getHostName())
-            .setIpAddress(omRpcAdd.getAddress().getHostAddress())
+            .setIpAddress(hostname)
             .setUuid(omStore.getOmId())
             .addPorts(HddsProtos.Port.newBuilder()
                 .setName(RPC_PORT)


---------------------------------------------------------------------
To unsubscribe, e-mail: common-commits-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-commits-help@hadoop.apache.org