Details
-
Type:
Sub-task
-
Status: Resolved
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: fs-encryption (HADOOP-10150 and HDFS-6134)
-
Fix Version/s: fs-encryption (HADOOP-10150 and HDFS-6134)
-
Component/s: security
-
Labels:None
-
Target Version/s:
Description
When users try to create an encryption zone on a system that is not configured with a KeyProvider, they will run into a NullPointerException.
For example:
[hdfs@schu-enc2 ~]$ hdfs crypto -createZone -keyName abc123 -path /user/hdfs
2014-07-22 23:18:23,273 WARN [main] crypto.CryptoCodec (CryptoCodec.java:getInstance(70)) - Crypto codec org.apache.hadoop.crypto.OpensslAesCtrCryptoCodec is not available.
RemoteException: java.lang.NullPointerException
This error happens in FSNamesystem.createEncryptionZone(FSNamesystem.java:8456):
try { if (keyName == null || keyName.isEmpty()) { keyName = UUID.randomUUID().toString(); createNewKey(keyName, src); createdKey = true; } else { KeyVersion keyVersion = provider.getCurrentKey(keyName); if (keyVersion == null) {
provider can be null.
An improvement would be to make the error message more specific/say that KeyProvider was not found.