[HADOOP-19010] - NullPointerException in Hadoop Credential Check CLI (#6351)

2023-12-16 12:23:52 +05:30 · 2023-12-16 12:23:52 +05:30 · 62cc673d00
commit 62cc673d00
parent 3caabb2957
2 changed files with 26 additions and 5 deletions
--- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/alias/CredentialShell.java
+++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/alias/CredentialShell.java
@ -25,6 +25,7 @@
 import java.util.Arrays;
 import java.util.List;

+import org.apache.hadoop.security.alias.CredentialProvider.CredentialEntry;
 import org.apache.hadoop.classification.VisibleForTesting;

 import org.apache.commons.lang3.StringUtils;
@ -365,12 +366,17 @@ public void execute() throws IOException, NoSuchAlgorithmException {
        } else {
          password = c.readPassword("Enter alias password: ");
        }
-        char[] storePassword =
-            provider.getCredentialEntry(alias).getCredential();
-        String beMatch =
-            Arrays.equals(storePassword, password) ? "success" : "failed";
+        CredentialEntry credentialEntry = provider.getCredentialEntry(alias);
+        if(credentialEntry == null) {
+          // Fail the password match when alias not found
+          getOut().println("Password match failed for " + alias + ".");
+        } else {
+          char[] storePassword = credentialEntry.getCredential();
+          String beMatch =
+              Arrays.equals(storePassword, password) ? "success" : "failed";

-        getOut().println("Password match " + beMatch + " for " +  alias + ".");
+          getOut().println("Password match " + beMatch + " for " + alias + ".");
+        }
      } catch (IOException e) {
        getOut().println("Cannot check aliases for CredentialProvider: " +
            provider.toString()
--- a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/alias/TestCredShell.java
+++ b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/alias/TestCredShell.java
@ -165,6 +165,21 @@ public void testPromptForCredentialWithEmptyPasswd() throws Exception {
    assertTrue(outContent.toString().contains("Passwords don't match"));
  }

+  @Test
+  public void testPromptForCredentialNotFound() throws Exception {
+    String[] args1 = {"check", "credential1", "-provider",
+        jceksProvider};
+    ArrayList<String> password = new ArrayList<String>();
+    password.add("p@ssw0rd");
+    int rc = 0;
+    CredentialShell shell = new CredentialShell();
+    shell.setConf(new Configuration());
+    shell.setPasswordReader(new MockPasswordReader(password));
+    rc = shell.run(args1);
+    assertEquals(0, rc);
+    assertOutputContains("Password match failed for credential1.");
+  }
+
  @Test
  public void testPromptForCredential() throws Exception {
    String[] args1 = {"create", "credential1", "-provider",