You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@ozone.apache.org by "István Fajth (Jira)" <ji...@apache.org> on 2021/04/08 20:46:00 UTC

[jira] [Created] (HDDS-5078) NPE during secure SCM initialization with HA code updated to an already existing cluster

István Fajth created HDDS-5078:
----------------------------------

             Summary: NPE during secure SCM initialization with HA code updated to an already existing cluster
                 Key: HDDS-5078
                 URL: https://issues.apache.org/jira/browse/HDDS-5078
             Project: Apache Ozone
          Issue Type: Bug
          Components: SCM HA
            Reporter: István Fajth


During SCM initialization, the following causes an NPE:
StorageContainerManager#initializeCertificateClient initializes the scmCertificateClient only if scmStorageConfig#checkPrimarySCMIdInitialized() evaluates to true. This evaluates to true, if the VERSION file contains primaryScmNodeId with a value.

If you upgrade an existing cluster with a single SCM to this code, the VERSION file does not contain a primaryScmNodeId, so the scmCertificateClient remains null.

Later the initialization code calls the StorageContainerManager#initializeCAnSecurityProtocol method, which at the end creates the securityProtocolServer, for the constructor call the rootCACert is provided by calling the scmCertificateClient#getCACertificate method, but this is a null dereference as scmCertificateClient is null.

The scmCertificateClient being null, can cause problems later as well, as it is used multiple times unconditionally.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For additional commands, e-mail: issues-help@ozone.apache.org