From 95790bb7e5f59a53cd54bc4c7c7fd93d17173e55 Mon Sep 17 00:00:00 2001 From: Ajay Yadav <7813154+ajayydv@users.noreply.github.com> Date: Mon, 29 Apr 2019 14:07:23 -0700 Subject: [PATCH] HDDS-1430. NPE if secure ozone if KMS uri is not defined. Contributed by Ajay Kumar. (#752) --- .../hadoop/ozone/client/rpc/OzoneKMSUtil.java | 3 ++ .../ozone/client/rpc/TestOzoneKMSUtil.java | 51 +++++++++++++++++++ .../hadoop/fs/ozone/OzoneFileSystem.java | 8 ++- 3 files changed, 61 insertions(+), 1 deletion(-) create mode 100644 hadoop-ozone/client/src/test/java/org/apache/hadoop/ozone/client/rpc/TestOzoneKMSUtil.java diff --git a/hadoop-ozone/client/src/main/java/org/apache/hadoop/ozone/client/rpc/OzoneKMSUtil.java b/hadoop-ozone/client/src/main/java/org/apache/hadoop/ozone/client/rpc/OzoneKMSUtil.java index ba00a31d92..6be77709d4 100644 --- a/hadoop-ozone/client/src/main/java/org/apache/hadoop/ozone/client/rpc/OzoneKMSUtil.java +++ b/hadoop-ozone/client/src/main/java/org/apache/hadoop/ozone/client/rpc/OzoneKMSUtil.java @@ -128,6 +128,9 @@ public static URI getKeyProviderUri(UserGroupInformation ugi, public static KeyProvider getKeyProvider(final Configuration conf, final URI serverProviderUri) throws IOException{ + if (serverProviderUri == null) { + throw new IOException("KMS serverProviderUri is not configured."); + } return KMSUtil.createKeyProviderFromUri(conf, serverProviderUri); } diff --git a/hadoop-ozone/client/src/test/java/org/apache/hadoop/ozone/client/rpc/TestOzoneKMSUtil.java b/hadoop-ozone/client/src/test/java/org/apache/hadoop/ozone/client/rpc/TestOzoneKMSUtil.java new file mode 100644 index 0000000000..49fb5e3351 --- /dev/null +++ b/hadoop-ozone/client/src/test/java/org/apache/hadoop/ozone/client/rpc/TestOzoneKMSUtil.java @@ -0,0 +1,51 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements.  See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership.  The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License.  You may obtain a copy of the License at + * + *      http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.hadoop.ozone.client.rpc; + +import org.apache.hadoop.hdds.conf.OzoneConfiguration; +import org.apache.hadoop.ozone.OzoneConfigKeys; +import org.junit.Before; +import org.junit.Test; + +import java.io.IOException; + +import static org.junit.Assert.*; + +/** + * Test class for {@link OzoneKMSUtil}. + * */ +public class TestOzoneKMSUtil { + private OzoneConfiguration config; + + @Before + public void setUp() { + config = new OzoneConfiguration(); + config.setBoolean(OzoneConfigKeys.OZONE_SECURITY_ENABLED_KEY, true); + } + + @Test + public void getKeyProvider() { + try { + OzoneKMSUtil.getKeyProvider(config, null); + fail("Expected IOException."); + } catch (IOException ioe) { + assertEquals(ioe.getMessage(), "KMS serverProviderUri is " + + "not configured."); + } + } +} \ No newline at end of file diff --git a/hadoop-ozone/ozonefs/src/main/java/org/apache/hadoop/fs/ozone/OzoneFileSystem.java b/hadoop-ozone/ozonefs/src/main/java/org/apache/hadoop/fs/ozone/OzoneFileSystem.java index f8e8fb44aa..983c5a9d46 100644 --- a/hadoop-ozone/ozonefs/src/main/java/org/apache/hadoop/fs/ozone/OzoneFileSystem.java +++ b/hadoop-ozone/ozonefs/src/main/java/org/apache/hadoop/fs/ozone/OzoneFileSystem.java @@ -59,7 +59,13 @@ public URI getKeyProviderUri() throws IOException { @Override public DelegationTokenIssuer[] getAdditionalTokenIssuers() throws IOException { - KeyProvider keyProvider = getKeyProvider(); + KeyProvider keyProvider; + try { + keyProvider = getKeyProvider(); + } catch (IOException ioe) { + LOG.error("Error retrieving KeyProvider.", ioe); + return null; + } if (keyProvider instanceof DelegationTokenIssuer) { return new DelegationTokenIssuer[]{(DelegationTokenIssuer)keyProvider}; }