HADOOP-10870. Failed to load OpenSSL cipher error logs on systems with old openssl versions (cmccabe)
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/branches/fs-encryption@1612440 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
parent
b57ec16567
commit
6fac3e9b61
|
@ -40,6 +40,9 @@ fs-encryption (Unreleased)
|
||||||
HADOOP-10735. Fall back AesCtrCryptoCodec implementation from OpenSSL to
|
HADOOP-10735. Fall back AesCtrCryptoCodec implementation from OpenSSL to
|
||||||
JCE if non native support. (Yi Liu)
|
JCE if non native support. (Yi Liu)
|
||||||
|
|
||||||
|
HADOOP-10870. Failed to load OpenSSL cipher error logs on systems with old
|
||||||
|
openssl versions (cmccabe)
|
||||||
|
|
||||||
OPTIMIZATIONS
|
OPTIMIZATIONS
|
||||||
|
|
||||||
BUG FIXES
|
BUG FIXES
|
||||||
|
|
|
@ -47,8 +47,9 @@ public class OpensslAesCtrCryptoCodec extends AesCtrCryptoCodec {
|
||||||
private Random random;
|
private Random random;
|
||||||
|
|
||||||
public OpensslAesCtrCryptoCodec() {
|
public OpensslAesCtrCryptoCodec() {
|
||||||
if (!OpensslCipher.isNativeCodeLoaded()) {
|
String loadingFailureReason = OpensslCipher.getLoadingFailureReason();
|
||||||
throw new RuntimeException("Failed to load OpenSSL Cipher.");
|
if (loadingFailureReason != null) {
|
||||||
|
throw new RuntimeException(loadingFailureReason);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -76,21 +76,26 @@ public final class OpensslCipher {
|
||||||
private final int alg;
|
private final int alg;
|
||||||
private final int padding;
|
private final int padding;
|
||||||
|
|
||||||
private static boolean nativeCipherLoaded = false;
|
private static final String loadingFailureReason;
|
||||||
|
|
||||||
static {
|
static {
|
||||||
if (NativeCodeLoader.isNativeCodeLoaded() &&
|
String loadingFailure = null;
|
||||||
NativeCodeLoader.buildSupportsOpenssl()) {
|
|
||||||
try {
|
try {
|
||||||
|
if (!NativeCodeLoader.buildSupportsOpenssl()) {
|
||||||
|
loadingFailure = "build does not support openssl.";
|
||||||
|
} else {
|
||||||
initIDs();
|
initIDs();
|
||||||
nativeCipherLoaded = true;
|
|
||||||
} catch (Throwable t) {
|
|
||||||
LOG.error("Failed to load OpenSSL Cipher.", t);
|
|
||||||
}
|
}
|
||||||
|
} catch (Throwable t) {
|
||||||
|
loadingFailure = t.getMessage();
|
||||||
|
LOG.debug("Failed to load OpenSSL Cipher.", t);
|
||||||
|
} finally {
|
||||||
|
loadingFailureReason = loadingFailure;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public static boolean isNativeCodeLoaded() {
|
public static String getLoadingFailureReason() {
|
||||||
return nativeCipherLoaded;
|
return loadingFailureReason;
|
||||||
}
|
}
|
||||||
|
|
||||||
private OpensslCipher(long context, int alg, int padding) {
|
private OpensslCipher(long context, int alg, int padding) {
|
||||||
|
|
|
@ -58,14 +58,14 @@ public class NativeLibraryChecker {
|
||||||
boolean nativeHadoopLoaded = NativeCodeLoader.isNativeCodeLoaded();
|
boolean nativeHadoopLoaded = NativeCodeLoader.isNativeCodeLoaded();
|
||||||
boolean zlibLoaded = false;
|
boolean zlibLoaded = false;
|
||||||
boolean snappyLoaded = false;
|
boolean snappyLoaded = false;
|
||||||
boolean opensslLoaded = false;
|
|
||||||
// lz4 is linked within libhadoop
|
// lz4 is linked within libhadoop
|
||||||
boolean lz4Loaded = nativeHadoopLoaded;
|
boolean lz4Loaded = nativeHadoopLoaded;
|
||||||
boolean bzip2Loaded = Bzip2Factory.isNativeBzip2Loaded(conf);
|
boolean bzip2Loaded = Bzip2Factory.isNativeBzip2Loaded(conf);
|
||||||
|
boolean openSslLoaded = false;
|
||||||
|
String openSslDetail = "";
|
||||||
String hadoopLibraryName = "";
|
String hadoopLibraryName = "";
|
||||||
String zlibLibraryName = "";
|
String zlibLibraryName = "";
|
||||||
String snappyLibraryName = "";
|
String snappyLibraryName = "";
|
||||||
String opensslLibraryName = "";
|
|
||||||
String lz4LibraryName = "";
|
String lz4LibraryName = "";
|
||||||
String bzip2LibraryName = "";
|
String bzip2LibraryName = "";
|
||||||
if (nativeHadoopLoaded) {
|
if (nativeHadoopLoaded) {
|
||||||
|
@ -79,10 +79,12 @@ public class NativeLibraryChecker {
|
||||||
if (snappyLoaded && NativeCodeLoader.buildSupportsSnappy()) {
|
if (snappyLoaded && NativeCodeLoader.buildSupportsSnappy()) {
|
||||||
snappyLibraryName = SnappyCodec.getLibraryName();
|
snappyLibraryName = SnappyCodec.getLibraryName();
|
||||||
}
|
}
|
||||||
opensslLoaded = NativeCodeLoader.buildSupportsOpenssl() &&
|
if (OpensslCipher.getLoadingFailureReason() != null) {
|
||||||
OpensslCipher.isNativeCodeLoaded();
|
openSslDetail = OpensslCipher.getLoadingFailureReason();
|
||||||
if (opensslLoaded) {
|
openSslLoaded = false;
|
||||||
opensslLibraryName = OpensslCipher.getLibraryName();
|
} else {
|
||||||
|
openSslDetail = OpensslCipher.getLibraryName();
|
||||||
|
openSslLoaded = true;
|
||||||
}
|
}
|
||||||
if (lz4Loaded) {
|
if (lz4Loaded) {
|
||||||
lz4LibraryName = Lz4Codec.getLibraryName();
|
lz4LibraryName = Lz4Codec.getLibraryName();
|
||||||
|
@ -97,7 +99,7 @@ public class NativeLibraryChecker {
|
||||||
System.out.printf("snappy: %b %s\n", snappyLoaded, snappyLibraryName);
|
System.out.printf("snappy: %b %s\n", snappyLoaded, snappyLibraryName);
|
||||||
System.out.printf("lz4: %b %s\n", lz4Loaded, lz4LibraryName);
|
System.out.printf("lz4: %b %s\n", lz4Loaded, lz4LibraryName);
|
||||||
System.out.printf("bzip2: %b %s\n", bzip2Loaded, bzip2LibraryName);
|
System.out.printf("bzip2: %b %s\n", bzip2Loaded, bzip2LibraryName);
|
||||||
System.out.printf("openssl: %b %s\n", opensslLoaded, opensslLibraryName);
|
System.out.printf("openssl: %b %s\n", openSslLoaded, openSslDetail);
|
||||||
if ((!nativeHadoopLoaded) ||
|
if ((!nativeHadoopLoaded) ||
|
||||||
(checkAll && !(zlibLoaded && snappyLoaded && lz4Loaded && bzip2Loaded))) {
|
(checkAll && !(zlibLoaded && snappyLoaded && lz4Loaded && bzip2Loaded))) {
|
||||||
// return 1 to indicated check failed
|
// return 1 to indicated check failed
|
||||||
|
|
|
@ -38,6 +38,7 @@ import org.apache.hadoop.io.RandomDatum;
|
||||||
import org.apache.hadoop.util.NativeCodeLoader;
|
import org.apache.hadoop.util.NativeCodeLoader;
|
||||||
import org.apache.hadoop.util.ReflectionUtils;
|
import org.apache.hadoop.util.ReflectionUtils;
|
||||||
import org.junit.Assert;
|
import org.junit.Assert;
|
||||||
|
import org.junit.Assume;
|
||||||
import org.junit.Test;
|
import org.junit.Test;
|
||||||
|
|
||||||
public class TestCryptoCodec {
|
public class TestCryptoCodec {
|
||||||
|
@ -62,16 +63,13 @@ public class TestCryptoCodec {
|
||||||
|
|
||||||
@Test(timeout=1200000)
|
@Test(timeout=1200000)
|
||||||
public void testOpensslAesCtrCryptoCodec() throws Exception {
|
public void testOpensslAesCtrCryptoCodec() throws Exception {
|
||||||
if (NativeCodeLoader.buildSupportsOpenssl()) {
|
Assume.assumeTrue(NativeCodeLoader.buildSupportsOpenssl());
|
||||||
Assert.assertTrue(OpensslCipher.isNativeCodeLoaded());
|
Assert.assertEquals(null, OpensslCipher.getLoadingFailureReason());
|
||||||
}
|
|
||||||
if (OpensslCipher.isNativeCodeLoaded()) {
|
|
||||||
cryptoCodecTest(conf, seed, 0,
|
cryptoCodecTest(conf, seed, 0,
|
||||||
"org.apache.hadoop.crypto.OpensslAesCtrCryptoCodec");
|
"org.apache.hadoop.crypto.OpensslAesCtrCryptoCodec");
|
||||||
cryptoCodecTest(conf, seed, count,
|
cryptoCodecTest(conf, seed, count,
|
||||||
"org.apache.hadoop.crypto.OpensslAesCtrCryptoCodec");
|
"org.apache.hadoop.crypto.OpensslAesCtrCryptoCodec");
|
||||||
}
|
}
|
||||||
}
|
|
||||||
|
|
||||||
private void cryptoCodecTest(Configuration conf, int seed, int count,
|
private void cryptoCodecTest(Configuration conf, int seed, int count,
|
||||||
String codecClass) throws IOException, GeneralSecurityException {
|
String codecClass) throws IOException, GeneralSecurityException {
|
||||||
|
|
|
@ -24,6 +24,7 @@ import javax.crypto.NoSuchPaddingException;
|
||||||
import javax.crypto.ShortBufferException;
|
import javax.crypto.ShortBufferException;
|
||||||
|
|
||||||
import org.apache.hadoop.test.GenericTestUtils;
|
import org.apache.hadoop.test.GenericTestUtils;
|
||||||
|
import org.junit.Assume;
|
||||||
import org.junit.Assert;
|
import org.junit.Assert;
|
||||||
import org.junit.Test;
|
import org.junit.Test;
|
||||||
|
|
||||||
|
@ -35,9 +36,7 @@ public class TestOpensslCipher {
|
||||||
|
|
||||||
@Test(timeout=120000)
|
@Test(timeout=120000)
|
||||||
public void testGetInstance() throws Exception {
|
public void testGetInstance() throws Exception {
|
||||||
if (!OpensslCipher.isNativeCodeLoaded()) {
|
Assume.assumeTrue(OpensslCipher.getLoadingFailureReason() == null);
|
||||||
return;
|
|
||||||
}
|
|
||||||
OpensslCipher cipher = OpensslCipher.getInstance("AES/CTR/NoPadding");
|
OpensslCipher cipher = OpensslCipher.getInstance("AES/CTR/NoPadding");
|
||||||
Assert.assertTrue(cipher != null);
|
Assert.assertTrue(cipher != null);
|
||||||
|
|
||||||
|
@ -58,9 +57,7 @@ public class TestOpensslCipher {
|
||||||
|
|
||||||
@Test(timeout=120000)
|
@Test(timeout=120000)
|
||||||
public void testUpdateArguments() throws Exception {
|
public void testUpdateArguments() throws Exception {
|
||||||
if (!OpensslCipher.isNativeCodeLoaded()) {
|
Assume.assumeTrue(OpensslCipher.getLoadingFailureReason() == null);
|
||||||
return;
|
|
||||||
}
|
|
||||||
OpensslCipher cipher = OpensslCipher.getInstance("AES/CTR/NoPadding");
|
OpensslCipher cipher = OpensslCipher.getInstance("AES/CTR/NoPadding");
|
||||||
Assert.assertTrue(cipher != null);
|
Assert.assertTrue(cipher != null);
|
||||||
|
|
||||||
|
@ -93,9 +90,7 @@ public class TestOpensslCipher {
|
||||||
|
|
||||||
@Test(timeout=120000)
|
@Test(timeout=120000)
|
||||||
public void testDoFinalArguments() throws Exception {
|
public void testDoFinalArguments() throws Exception {
|
||||||
if (!OpensslCipher.isNativeCodeLoaded()) {
|
Assume.assumeTrue(OpensslCipher.getLoadingFailureReason() == null);
|
||||||
return;
|
|
||||||
}
|
|
||||||
OpensslCipher cipher = OpensslCipher.getInstance("AES/CTR/NoPadding");
|
OpensslCipher cipher = OpensslCipher.getInstance("AES/CTR/NoPadding");
|
||||||
Assert.assertTrue(cipher != null);
|
Assert.assertTrue(cipher != null);
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue