Bug 867148

Summary: After enabling encryption using sslsocket the agent fails to start if rhq.agent.client.security.truststore.password is missing from agent-configuration.xml
Product: [Other] RHQ Project Reporter: Larry O'Leary <loleary>
Component: AgentAssignee: Nobody <nobody>
Status: NEW --- QA Contact:
Severity: medium Docs Contact:
Priority: unspecified    
Version: 4.4CC: hrupp
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: All   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1302322    

Description Larry O'Leary 2012-10-16 21:39:30 UTC 
Description of problem:
After enabling TLS encryption for agent-to-server communication, the agent will fail to start with the following exception:

            2012-10-15 13:30:06,346 ERROR [RHQ Server Polling Thread] (jboss.remoting.transport.socket.MicroSocketClientInvoker)- Error setting up SocketClientInvoker[72e5355f, sslsocket://127.0.0.1:55555]
            java.lang.NullPointerException
	            at java.util.Hashtable.put(Hashtable.java:411)
	            at java.util.Hashtable.putAll(Hashtable.java:483)
	            at org.jboss.remoting.transport.socket.MicroSocketClientInvoker.setup(MicroSocketClientInvoker.java:404)
	            at org.jboss.remoting.transport.socket.MicroSocketClientInvoker.<init>(MicroSocketClientInvoker.java:253)
	            at org.jboss.remoting.transport.socket.SocketClientInvoker.<init>(SocketClientInvoker.java:72)
	            at org.jboss.remoting.transport.sslsocket.SSLSocketClientInvoker.<init>(SSLSocketClientInvoker.java:65)
	            at org.jboss.remoting.transport.sslsocket.TransportClientFactory.createClientInvoker(TransportClientFactory.java:38)
	            at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	            at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
	            at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	            at java.lang.reflect.Method.invoke(Method.java:616)
	            at org.jboss.remoting.InvokerRegistry.loadClientInvoker(InvokerRegistry.java:419)
	            at org.jboss.remoting.InvokerRegistry.createClientInvoker(InvokerRegistry.java:320)
	            at org.jboss.remoting.Client.connect(Client.java:459)
	            at org.rhq.enterprise.communications.command.client.JBossRemotingRemoteCommunicator.getRemotingClient(JBossRemotingRemoteCommunicator.java:659)
	            at org.rhq.enterprise.communications.command.client.JBossRemotingRemoteCommunicator.rawSend(JBossRemotingRemoteCommunicator.java:514)
	            at org.rhq.enterprise.communications.command.client.JBossRemotingRemoteCommunicator.sendWithoutCallbacks(JBossRemotingRemoteCommunicator.java:456)
	            at org.rhq.enterprise.communications.command.client.JBossRemotingRemoteCommunicator.sendWithoutInitializeCallback(JBossRemotingRemoteCommunicator.java:475)
	            at org.rhq.enterprise.communications.command.client.JBossRemotingRemoteCommunicator.send(JBossRemotingRemoteCommunicator.java:496)
	            at org.rhq.enterprise.communications.command.client.AbstractCommandClient.invoke(AbstractCommandClient.java:143)
	            at org.rhq.enterprise.communications.command.client.ClientCommandSender.send(ClientCommandSender.java:1091)
	            at org.rhq.enterprise.communications.command.client.ServerPollingThread.run(ServerPollingThread.java:115)



This is due to rhq.communications.connector.security.truststore.password and/or -- not sure which one -- rhq.agent.client.security.truststore.password not being defined in the agent's configuration. By default, these properties are commented out in agent-configuration.xml and also have an empty value.

These properties should not be defined in the configuration map if they were not specified by the agent configuration. The error occurs specifically due to the attempt to assign null as the value for the hash map.

Version-Release number of selected component (if applicable):
JON 3.1.0

How reproducible:
Always

Steps to Reproduce:
1.  Enable SSL/TLS encryption using sslsocket for agent-to-server communication.

    This can be done as per the JBoss ON documentation[1].

2.  Start the agent
  
Actual results:
ERROR [RHQ Server Polling Thread] (jboss.remoting.transport.socket.MicroSocketClientInvoker)- Error setting up SocketClientInvoker[72e5355f, sslsocket://127.0.0.1:55555]
            java.lang.NullPointerException

And agent fails to completely start and communicate with its configured server.

Expected results:
No error and agent-to-server communication should work just fine.


Additional info:
To work around the issue, one just needs to re-configure the agent with a dummy value provided for this property.



[1]: https://access.redhat.com/knowledge/docs/en-US/JBoss_Operations_Network/3.1/html/Admin_Configuring_JON_Servers_and_Agents/configuring-ssl.html
Comment 1 Larry O'Leary 2013-03-22 22:37:41 UTC 
To clarify, the offending property is rhq.agent.client.security.truststore.password. rhq.communications.connector.security.truststore.password is not required. Only rhq.agent.client.security.truststore.password must get a dummy value set in order to workaround this issue. 

In case it is not clear, this is specifically due to how the Hashtable is being built and each property, regardless of its value, is being passed in but <null> is not an allowed value for a Hashtable entry.