thevar1able/ClickHouse
1
0
Fork 0
mirror of https://github.com/ClickHouse/ClickHouse.git synced 2024-11-25 09:02:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

Cleanup code in KerberosInit

Browse Source
This commit is contained in:
Roman Vasin 2022-06-09 11:51:15 +03:00
parent 3cfea6e76f
commit d1d6d87432
3 changed files with 10 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/Access/KerberosInit.cpp
View File

@ -14,7 +14,7 @@ int KerberosInit::init(const String & keytab_file, const String & principal, con
// Using mutex to prevent cache file corruptions
std::unique_lock<std::mutex> lck(kinit_mtx);
auto log = &Poco::Logger::get("ADQM");
auto log = &Poco::Logger::get("KerberosInit");
LOG_DEBUG(log,"Trying to authenticate to Kerberos v5");
krb5_error_code ret;
@ -39,10 +39,10 @@ int KerberosInit::init(const String & keytab_file, const String & principal, con
}
else
{
// Resolve the default ccache and get its type and default principal (if it is initialized).
// Resolve the default cache and get its type and default principal (if it is initialized).
ret = krb5_cc_default(k5.ctx, &defcache);
if (ret)
throw Exception("Error while getting default ccache", ErrorCodes::KERBEROS_ERROR);
throw Exception("Error while getting default cache", ErrorCodes::KERBEROS_ERROR);
LOG_DEBUG(log,"Resolved default cache");
deftype = krb5_cc_get_type(k5.ctx, defcache);
if (krb5_cc_get_principal(k5.ctx, defcache, &defcache_princ) != 0)
@ -116,7 +116,7 @@ int KerberosInit::init(const String & keytab_file, const String & principal, con
ret = krb5_get_renewed_creds(k5.ctx, &my_creds, k5.me, k5.out_cc, nullptr);
if (ret)
{
LOG_DEBUG(log,"Renew failed, trying to get initial credentials");
LOG_DEBUG(log,"Renew failed ({}). Trying to get initial credentials", ret);
ret = krb5_get_init_creds_keytab(k5.ctx, &my_creds, k5.me, keytab, 0, nullptr, options);
if (ret)
throw Exception("Error in getting initial credentials", ErrorCodes::KERBEROS_ERROR);
@ -139,7 +139,7 @@ int KerberosInit::init(const String & keytab_file, const String & principal, con
if (k5.switch_to_cache) {
ret = krb5_cc_switch(k5.ctx, k5.out_cc);
if (ret)
throw Exception("Error while switching to new ccache", ErrorCodes::KERBEROS_ERROR);
throw Exception("Error while switching to new cache", ErrorCodes::KERBEROS_ERROR);
}
LOG_DEBUG(log,"Authenticated to Kerberos v5");

4
src/Storages/HDFS/HDFSCommon.cpp
View File

@ -73,7 +73,7 @@ void HDFSBuilderWrapper::loadFromConfig(const Poco::Util::AbstractConfiguration
void HDFSBuilderWrapper::runKinit()
{
LOG_DEBUG(&Poco::Logger::get("HDFSClient"), "ADQM: running KerberosInit");
LOG_DEBUG(&Poco::Logger::get("HDFSClient"), "Running KerberosInit");
KerberosInit k_init;
try
{
@ -81,7 +81,7 @@ void HDFSBuilderWrapper::runKinit()
} catch (const DB::Exception & e) {
throw Exception("KerberosInit failure: "+ getExceptionMessage(e, false), ErrorCodes::KERBEROS_ERROR);
}
LOG_DEBUG(&Poco::Logger::get("HDFSClient"), "ADQM: finished KerberosInit");
LOG_DEBUG(&Poco::Logger::get("HDFSClient"), "Finished KerberosInit");
}
HDFSBuilderWrapper createHDFSBuilder(const String & uri_str, const Poco::Util::AbstractConfiguration & config)

8
src/Storages/Kafka/StorageKafka.cpp
View File

@ -519,19 +519,17 @@ void StorageKafka::updateConfiguration(cppkafka::Configuration & conf)
if (conf.has_property("sasl.kerberos.keytab") && conf.has_property("sasl.kerberos.principal"))
{
LOG_DEBUG(log, "ADQM: preparing KerberosInit");
String keytab = conf.get("sasl.kerberos.keytab");
String principal = conf.get("sasl.kerberos.principal");
LOG_DEBUG(log, "ADQM: keytab: {}, principal: {}", keytab, principal);
LOG_DEBUG(log, "ADQM: running KerberosInit");
LOG_DEBUG(log, "Running KerberosInit");
KerberosInit k_init;
try
{
k_init.init(keytab,principal);
} catch (const Exception & e) {
LOG_ERROR(log, "ADQM: KerberosInit failure: {}", getExceptionMessage(e, false));
LOG_ERROR(log, "KerberosInit failure: {}", getExceptionMessage(e, false));
}
LOG_DEBUG(log, "ADQM: finished KerberosInit");
LOG_DEBUG(log, "Finished KerberosInit");
conf.set("sasl.kerberos.kinit.cmd","");
conf.set("sasl.kerberos.min.time.before.relogin","0");
}