hive-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (Jira)" <j...@apache.org>
Subject [jira] [Work logged] (HIVE-25307) Hive Server 2 crashes when Thrift library encounters particular security protocol issue
Date Sun, 25 Jul 2021 12:38:00 GMT

     [ https://issues.apache.org/jira/browse/HIVE-25307?focusedWorklogId=627451&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-627451
]

ASF GitHub Bot logged work on HIVE-25307:
-----------------------------------------

                Author: ASF GitHub Bot
            Created on: 25/Jul/21 12:37
            Start Date: 25/Jul/21 12:37
    Worklog Time Spent: 10m 
      Work Description: mattmccline-microsoft opened a new pull request #2527:
URL: https://github.com/apache/hive/pull/2527


   …icular security protocol issue
   
   <!--
   Thanks for sending a pull request!  Here are some tips for you:
     1. If this is your first time, please read our contributor guidelines: https://cwiki.apache.org/confluence/display/Hive/HowToContribute
     2. Ensure that you have created an issue on the Hive project JIRA: https://issues.apache.org/jira/projects/HIVE/summary
     3. Ensure you have added or run the appropriate tests for your PR: 
     4. If the PR is unfinished, add '[WIP]' in your PR title, e.g., '[WIP]HIVE-XXXXX:  Your
PR title ...'.
     5. Be sure to keep the PR description updated to reflect all changes.
     6. Please write your PR title to summarize what this PR proposes.
     7. If possible, provide a concise example to reproduce the issue for a faster review.
   
   -->
   
   ### What changes were proposed in this pull request?
   <!--
   Please clarify what changes you are proposing. The purpose of this section is to outline
the changes and how this PR fixes the issue. 
   If possible, please consider writing useful notes for better and faster reviews in your
PR. See the examples below.
     1. If you refactor some codes with changing classes, showing the class hierarchy will
help reviewers.
     2. If you fix some SQL features, you can provide some references of other DBMSes.
     3. If there is design documentation, please add the link.
     4. If there is a discussion in the mailing list, please add the link.
   -->
   
   
   ### Why are the changes needed?
   <!--
   Please clarify why the changes are needed. For instance,
     1. If you propose a new API, clarify the use case for a new API.
     2. If you fix a bug, you can clarify why it is a bug.
   -->
   
   
   ### Does this PR introduce _any_ user-facing change?
   <!--
   Note that it means *any* user-facing change including all aspects such as the documentation
fix.
   If yes, please clarify the previous behavior and the change this PR proposes - provide
the console output, description, screenshot and/or a reproducable example to show the behavior
difference if possible.
   If possible, please also clarify if this is a user-facing change compared to the released
Hive versions or within the unreleased branches such as master.
   If no, write 'No'.
   -->
   
   
   ### How was this patch tested?
   <!--
   If tests were added, say they were added here. Please make sure to add some test cases
that check the changes thoroughly including negative and positive cases if possible.
   If it was tested in a way different from regular unit tests, please clarify how you tested
step by step, ideally copy and paste-able, so that other reviewers can test and check, and
descendants can verify in the future.
   If tests were not added, please describe why they were not added and/or why it was difficult
to add.
   -->
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


Issue Time Tracking
-------------------

    Worklog Id:     (was: 627451)
    Time Spent: 40m  (was: 0.5h)

> Hive Server 2 crashes when Thrift library encounters particular security protocol issue
> ---------------------------------------------------------------------------------------
>
>                 Key: HIVE-25307
>                 URL: https://issues.apache.org/jira/browse/HIVE-25307
>             Project: Hive
>          Issue Type: Bug
>            Reporter: Matt McCline
>            Assignee: Matt McCline
>            Priority: Critical
>              Labels: pull-request-available
>         Attachments: hive-thrift-fix2-03-3_1.patch, hive-thrift-fix2-04-3_1.patch, hive-thrift-fix2-05-3_1.patch
>
>          Time Spent: 40m
>  Remaining Estimate: 0h
>
> A RuntimeException is thrown by the Thrift library that causes Hive Server 2 to crash
on our customer's machine. If you Google this the exception has been reported a couple of
times over the years but not fixed. A blog (see references below) says it is an occasional
security protocol issue between Hive Server 2 and a proxy like a Gateway.
> One challenge in the older 0.9.3 Thrift version was the Thrift TTransportFactory getTransport
method declaration had throws no Exceptions. Hence the likely choice of RuntimeException.
But that Exception is fatal to Hive Server 2.
> The proposed fix is a work around is we catch RuntimeException in the inner class TUGIAssumingTransportFactory
of the HadoopThriftAuthBridge class in Hive Server 2.  And throw a throw the RuntimeException's
(inner) cause (e.g. TSaslTransportException) as a TTransportException.
> Once the Thrift library stops throwing RuntimeException or we catch fatal Throwable exceptions
in the Thrift library's TThreadPoolServer's inner class WorkerProcess run method and display
them, the RuntimeException try/catch clause can be removed.
> ExceptionClassName:
>  java.lang.RuntimeException
>  ExceptionStackTrace:
>  java.lang.RuntimeException: org.apache.thrift.transport.TSaslTransportException: No
data or no sasl data in the stream
>               at org.apache.thrift.transport.TSaslServerTransport$Factory.getTransport(TSaslServerTransport.java:219)
>               at org.apache.hadoop.hive.metastore.security.HadoopThriftAuthBridge$Server$TUGIAssumingTransportFactory$1.run(HadoopThriftAuthBridge.java:694)
>               at org.apache.hadoop.hive.metastore.security.HadoopThriftAuthBridge$Server$TUGIAssumingTransportFactory$1.run(HadoopThriftAuthBridge.java:691)
>               at java.security.AccessController.doPrivileged(Native Method)
>               at javax.security.auth.Subject.doAs(Subject.java:360)
>               at org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInformation.java:1710)
>               at org.apache.hadoop.hive.metastore.security.HadoopThriftAuthBridge$Server$TUGIAssumingTransportFactory.getTransport(HadoopThriftAuthBridge.java:691)
>               at org.apache.thrift.server.TThreadPoolServer$WorkerProcess.run(TThreadPoolServer.java:269)
>               at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
>               at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
>               at java.lang.Thread.run(Thread.java:748)
> Caused by: org.apache.thrift.transport.TSaslTransportException: No data or no sasl data
in the stream
>               at org.apache.thrift.transport.TSaslTransport.open(TSaslTransport.java:326)
>               at org.apache.thrift.transport.TSaslServerTransport.open(TSaslServerTransport.java:41)
>               at org.apache.thrift.transport.TSaslServerTransport$Factory.getTransport(TSaslServerTransport.java:216)
>               ... 10 more
>  
> References:
> [Hive server 2 thrift error - Cloudera Community - 34293|https://community.cloudera.com/t5/Support-Questions/Hive-server-2-thrift-error/td-p/34293]
> Eric Lin blog "“NO DATA OR NO SASL DATA IN THE STREAM” ERROR IN HIVESERVER2 LOG"
> HIVE-12754 AuthTypes.NONE cause exception after HS2 start - ASF JIRA (apache.org)
>  



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Mime
View raw message