[CASSANDRA-16280] SSTableLoader will fail if encryption parameters are used due to CASSANDRA-16144 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Normal
Resolution: Fixed
Fix Version/s: 4.0-beta4, 4.0
Component/s: Tool/bulk load
Labels:
None

Bug Category:
Availability - Process Crash
Severity:
Critical
Complexity:
Normal
Discovered By:
User Report
Platform:

All
Impacts:

None
Since Version:

4.0-beta3
Source Control Link:

https://github.com/apache/cassandra/commit/d031c445f6fe9f3639537d69fef1538e09d18410
Test and Documentation Plan:
Hide

Regression test added under LoaderOptionsTest.testEncryptionSettings, invoking LoaderOptions.builder().parseArgs() with all the encryption options.

Failure with the current trunk:

test: [echo] Number of test runners: 3 [mkdir] Created dir: /Users/adejanovski/projets/cassandra/thelastpickle/cassandra/build/test/cassandra [mkdir] Created dir: /Users/adejanovski/projets/cassandra/thelastpickle/cassandra/build/test/output [junit-timeout] Testsuite: org.apache.cassandra.tools.LoaderOptionsTest [junit-timeout] Testsuite: org.apache.cassandra.tools.LoaderOptionsTest Tests run: 2, Failures: 0, Errors: 1, Skipped: 0, Time elapsed: 0,824 sec [junit-timeout] [junit-timeout] Testcase: testEncryptionSettings(org.apache.cassandra.tools.LoaderOptionsTest): Caused an ERROR [junit-timeout] EncryptionOptions cannot be changed after configuration applied [junit-timeout] java.lang.IllegalStateException: EncryptionOptions cannot be changed after configuration applied [junit-timeout] at org.apache.cassandra.config.EncryptionOptions.ensureConfigNotApplied(EncryptionOptions.java:162) [junit-timeout] at org.apache.cassandra.config.EncryptionOptions.applyConfig(EncryptionOptions.java:130) [junit-timeout] at org.apache.cassandra.tools.LoaderOptions$Builder.parseArgs(LoaderOptions.java:478) [junit-timeout] at org.apache.cassandra.tools.LoaderOptionsTest.testEncryptionSettings(LoaderOptionsTest.java:55) [junit-timeout] [junit-timeout] [junit-timeout] Test org.apache.cassandra.tools.LoaderOptionsTest FAILED

The test passes with the patch:

test: [echo] Number of test runners: 3 [junit-timeout] Testsuite: org.apache.cassandra.tools.LoaderOptionsTest [junit-timeout] Testsuite: org.apache.cassandra.tools.LoaderOptionsTest Tests run: 2, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 0,5 sec BUILD SUCCESSFUL
Show
Regression test added under LoaderOptionsTest.testEncryptionSettings , invoking LoaderOptions.builder().parseArgs() with all the encryption options. Failure with the current trunk: test: [echo] Number of test runners: 3 [mkdir] Created dir: /Users/adejanovski/projets/cassandra/thelastpickle/cassandra/build/test/cassandra [mkdir] Created dir: /Users/adejanovski/projets/cassandra/thelastpickle/cassandra/build/test/output [junit-timeout] Testsuite: org.apache.cassandra.tools.LoaderOptionsTest [junit-timeout] Testsuite: org.apache.cassandra.tools.LoaderOptionsTest Tests run: 2, Failures: 0, Errors: 1, Skipped: 0, Time elapsed: 0,824 sec [junit-timeout] [junit-timeout] Testcase: testEncryptionSettings(org.apache.cassandra.tools.LoaderOptionsTest): Caused an ERROR [junit-timeout] EncryptionOptions cannot be changed after configuration applied [junit-timeout] java.lang.IllegalStateException: EncryptionOptions cannot be changed after configuration applied [junit-timeout] at org.apache.cassandra.config.EncryptionOptions.ensureConfigNotApplied(EncryptionOptions.java:162) [junit-timeout] at org.apache.cassandra.config.EncryptionOptions.applyConfig(EncryptionOptions.java:130) [junit-timeout] at org.apache.cassandra.tools.LoaderOptions$Builder.parseArgs(LoaderOptions.java:478) [junit-timeout] at org.apache.cassandra.tools.LoaderOptionsTest.testEncryptionSettings(LoaderOptionsTest.java:55) [junit-timeout] [junit-timeout] [junit-timeout] Test org.apache.cassandra.tools.LoaderOptionsTest FAILED The test passes with the patch: test: [echo] Number of test runners: 3 [junit-timeout] Testsuite: org.apache.cassandra.tools.LoaderOptionsTest [junit-timeout] Testsuite: org.apache.cassandra.tools.LoaderOptionsTest Tests run: 2, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 0,5 sec BUILD SUCCESSFUL

Description

~~CASSANDRA-16144~~ recently introduced repeated calls to clientEncOptions.applyConfig() for each encryption parameter passed to the sstableloader command line.
This consistently fails because applyConfig() can be called only once due to the ensureConfigNotApplied() check at the beginning of the method.

This call is not necessary since the with...() methods will invoke applyConfig() each time:

public EncryptionOptions withTrustStore(String truststore)
{
    return new EncryptionOptions(keystore, keystore_password, truststore, truststore_password, cipher_suites,
                                        protocol, algorithm, store_type, require_client_auth, require_endpoint_verification,
                                        enabled, optional).applyConfig();
}

I'll build a patch for this with the appropriate unit test.

Attachments

Issue Links

is caused by

CASSANDRA-16144 TLS connections to the storage port on a node without server encryption configured causes java.io.IOException accessing missing keystore

Resolved

Activity

People

Assignee:: Alexander Dejanovski

Reporter:: Alexander Dejanovski

Authors:: Alexander Dejanovski

Reviewers:: David Capwell, Jon Meredith

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 17/Nov/20 14:35

Updated:: 03/Jan/21 16:58

Resolved:: 17/Nov/20 19:15