You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@ozone.apache.org by GitBox <gi...@apache.org> on 2023/01/06 07:42:09 UTC

[GitHub] [ozone] ashishkumar50 opened a new pull request, #4149: HDDS-7708. No check for certificate duration config scenarios.

ashishkumar50 opened a new pull request, #4149:
URL: https://github.com/apache/ozone/pull/4149

   ## What changes were proposed in this pull request?
   
   Certificate configuration validation is handled in this change, any wrong configuration done by user will not lead to wrong behaviour.
   
   ## What is the link to the Apache JIRA
   
   https://issues.apache.org/jira/browse/HDDS-7708
   
   ## How was this patch tested?
   
   Code has been built locally and manually tested.
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For additional commands, e-mail: issues-help@ozone.apache.org

[GitHub] [ozone] ChenSammi commented on pull request #4149: HDDS-7708. No check for certificate duration config scenarios.

Posted by GitBox <gi...@apache.org>.

ChenSammi commented on PR #4149:
URL: https://github.com/apache/ozone/pull/4149#issuecomment-1373597064

   +1, thanks @ashishkumar50 for fix the issue. 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For additional commands, e-mail: issues-help@ozone.apache.org

[GitHub] [ozone] ChenSammi merged pull request #4149: HDDS-7708. No check for certificate duration config scenarios.

Posted by GitBox <gi...@apache.org>.

ChenSammi merged PR #4149:
URL: https://github.com/apache/ozone/pull/4149


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For additional commands, e-mail: issues-help@ozone.apache.org

[GitHub] [ozone] ashishkumar50 commented on a diff in pull request #4149: HDDS-7708. No check for certificate duration config scenarios.

Posted by GitBox <gi...@apache.org>.

ashishkumar50 commented on code in PR #4149:
URL: https://github.com/apache/ozone/pull/4149#discussion_r1063335734


##########
hadoop-hdds/common/src/main/java/org/apache/hadoop/hdds/security/x509/SecurityConfig.java:
##########
@@ -228,6 +223,44 @@ public SecurityConfig(ConfigurationSource configuration) {
         TimeUnit.MILLISECONDS);
   }
 
+  /**
+   * Check for certificate validity configuration.
+   */
+  private void validateCertificateValidityConfig() {
+    if (maxCertDuration.isNegative() || maxCertDuration.isZero()) {
+      LOG.error("Certificate maxDuration {} should not be zero or negative",

Review Comment:
   Updated.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For additional commands, e-mail: issues-help@ozone.apache.org

[GitHub] [ozone] ChenSammi commented on a diff in pull request #4149: HDDS-7708. No check for certificate duration config scenarios.

Posted by GitBox <gi...@apache.org>.

ChenSammi commented on code in PR #4149:
URL: https://github.com/apache/ozone/pull/4149#discussion_r1063284571


##########
hadoop-hdds/common/src/main/java/org/apache/hadoop/hdds/security/x509/SecurityConfig.java:
##########
@@ -228,6 +223,44 @@ public SecurityConfig(ConfigurationSource configuration) {
         TimeUnit.MILLISECONDS);
   }
 
+  /**
+   * Check for certificate validity configuration.
+   */
+  private void validateCertificateValidityConfig() {
+    if (maxCertDuration.isNegative() || maxCertDuration.isZero()) {
+      LOG.error("Certificate maxDuration {} should not be zero or negative",

Review Comment:
   Please add the property name in the error message, like this 
   
   String msg = "Property " + HDDS_X509_MAX_DURATION + " should not be zero or negative"; 
   Log.error(msg);
   throw new IllegalArgumentException(msg); 
   



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For additional commands, e-mail: issues-help@ozone.apache.org