You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@kudu.apache.org by da...@apache.org on 2017/03/07 23:51:04 UTC
[1/2] kudu git commit: [exactly_once_rpc-test] Reduce flakyness of
TestExactlyOnceSemanticsGarbageCollection
Repository: kudu
Updated Branches:
refs/heads/master 97831eadf -> f24307db4
[exactly_once_rpc-test] Reduce flakyness of TestExactlyOnceSemanticsGarbageCollection
This test is failing frequently in the last call with either:
Bad status: Network error: Recv() got EOF from remote (error 108)
or
Bad status: Network error: recv error: Connection reset by peer (error 104)
This test waits for "--remember_clients_ttl_ms" to have elapsed
before attempting a new call (that should then see that the server
no longer remembers the client).
The problem is that keepalive is set to be precisely the same amount
of time than "--remember_clients_ttl_ms", making it possible that
when the client tries the call after the wait, the connection has
been closed.
This patch fixes this by reducing "--remember_clients_ttl_ms" to
half (500 msecs).
Change-Id: Idae93a637f3b34bf040e1f523301ccb085e4ca75
Reviewed-on: http://gerrit.cloudera.org:8080/6280
Tested-by: Kudu Jenkins
Reviewed-by: Jean-Daniel Cryans <jd...@apache.org>
Project: http://git-wip-us.apache.org/repos/asf/kudu/repo
Commit: http://git-wip-us.apache.org/repos/asf/kudu/commit/b6cf6b6b
Tree: http://git-wip-us.apache.org/repos/asf/kudu/tree/b6cf6b6b
Diff: http://git-wip-us.apache.org/repos/asf/kudu/diff/b6cf6b6b
Branch: refs/heads/master
Commit: b6cf6b6b877062f2888d94493abe9c3bf97a29a5
Parents: 97831ea
Author: David Alves <dr...@apache.org>
Authored: Mon Mar 6 18:10:17 2017 -0800
Committer: Jean-Daniel Cryans <jd...@apache.org>
Committed: Tue Mar 7 18:17:17 2017 +0000
----------------------------------------------------------------------
src/kudu/rpc/exactly_once_rpc-test.cc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/kudu/blob/b6cf6b6b/src/kudu/rpc/exactly_once_rpc-test.cc
----------------------------------------------------------------------
diff --git a/src/kudu/rpc/exactly_once_rpc-test.cc b/src/kudu/rpc/exactly_once_rpc-test.cc
index 6941f38..d64f6be 100644
--- a/src/kudu/rpc/exactly_once_rpc-test.cc
+++ b/src/kudu/rpc/exactly_once_rpc-test.cc
@@ -484,7 +484,7 @@ TEST_F(ExactlyOnceRpcTest, TestExactlyOnceSemanticsWithConcurrentUpdaters) {
}
TEST_F(ExactlyOnceRpcTest, TestExactlyOnceSemanticsGarbageCollection) {
- FLAGS_remember_clients_ttl_ms = 1000;
+ FLAGS_remember_clients_ttl_ms = 500;
FLAGS_remember_responses_ttl_ms = 100;
StartServer();
[2/2] kudu git commit: [rpc] Do not send error reply for invalid
connection context
Posted by da...@apache.org.
[rpc] Do not send error reply for invalid connection context
We recently introduced a nonce into the KRPC protocol when using
Kerberos for authentication. The client sends the encoded nonce to the
server in the connection context message, to which the client does not
expect a reply. This commit changes the server to not reply when the
nonce is mismatched, because it causes the client to issue a warning:
I0307 14:37:44.546371 166811 connection.cc:524] client connection to 10.17.246.26:7051: Got a response for call id -33 which was not pending! Ignoring.
This message could be a red-herring since it indicates that the protocol
implementation is broken. Instead, we just have the server drop the
connection on nonce mismatch, and rely on server-side logs to indicate
the failure.
This issue was found when a client version with Kerberos support but
without nonce support connected to a server with nonce support, which
will never happen 'in the real world' with released Kudu versions.
Change-Id: Ifc7d2726c37ad59fbe409375dc6605a73a4035b3
Reviewed-on: http://gerrit.cloudera.org:8080/6302
Tested-by: Kudu Jenkins
Reviewed-by: Todd Lipcon <to...@apache.org>
Project: http://git-wip-us.apache.org/repos/asf/kudu/repo
Commit: http://git-wip-us.apache.org/repos/asf/kudu/commit/f24307db
Tree: http://git-wip-us.apache.org/repos/asf/kudu/tree/f24307db
Diff: http://git-wip-us.apache.org/repos/asf/kudu/diff/f24307db
Branch: refs/heads/master
Commit: f24307db4deda6e9da037514afc5573f1231cdfb
Parents: b6cf6b6
Author: Dan Burkert <da...@apache.org>
Authored: Tue Mar 7 15:03:28 2017 -0800
Committer: Dan Burkert <da...@apache.org>
Committed: Tue Mar 7 23:50:37 2017 +0000
----------------------------------------------------------------------
src/kudu/rpc/server_negotiation.cc | 12 +++---------
1 file changed, 3 insertions(+), 9 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/kudu/blob/f24307db/src/kudu/rpc/server_negotiation.cc
----------------------------------------------------------------------
diff --git a/src/kudu/rpc/server_negotiation.cc b/src/kudu/rpc/server_negotiation.cc
index aab311e..ab31c0b 100644
--- a/src/kudu/rpc/server_negotiation.cc
+++ b/src/kudu/rpc/server_negotiation.cc
@@ -777,17 +777,13 @@ Status ServerNegotiation::RecvConnectionContext(faststring* recv_buf) {
Status s;
// Validate that the client returned the correct SASL protected nonce.
if (!conn_context.has_encoded_nonce()) {
- s = Status::NotAuthorized("ConnectionContextPB wrapped nonce missing");
- RETURN_NOT_OK(SendError(ErrorStatusPB::FATAL_UNAUTHORIZED, s));
- return s;
+ return Status::NotAuthorized("ConnectionContextPB wrapped nonce missing");
}
string decoded_nonce;
s = SaslDecode(sasl_conn_.get(), conn_context.encoded_nonce(), &decoded_nonce);
if (!s.ok()) {
- s = Status::NotAuthorized("failed to decode nonce", s.message());
- RETURN_NOT_OK(SendError(ErrorStatusPB::FATAL_UNAUTHORIZED, s));
- return s;
+ return Status::NotAuthorized("failed to decode nonce", s.message());
}
if (*nonce_ != decoded_nonce) {
@@ -796,9 +792,7 @@ Status ServerNegotiation::RecvConnectionContext(faststring* recv_buf) {
LOG(WARNING) << "Received an invalid connection nonce from client "
<< addr.ToString()
<< ", this could indicate a replay attack";
- s = Status::NotAuthorized("nonce mismatch");
- RETURN_NOT_OK(SendError(ErrorStatusPB::FATAL_UNAUTHORIZED, s));
- return s;
+ return Status::NotAuthorized("nonce mismatch");
}
}