• Icon: Bug Bug
    • Resolution: Duplicate
    • Icon: Major Major
    • cli, ldap-plugin
    • None

      We are issuing calls to the Jenkins CLI using ssh keys as authentication. If we set Jenkins up with an internal user database, it identifies the user and works properly. If we use LDAP to set up the users database, the cli call cause a NPE. This worked on 1.574, but is broken on 1.576. The call and response is:

      java -jar jenkins-cli.jar -s http://sandbox-jenkins.locationlabs.com:8080 who-am-i
      Exception in thread "main" java.io.EOFException
      at java.io.DataInputStream.readBoolean(DataInputStream.java:227)
      at hudson.cli.Connection.readBoolean(Connection.java:93)
      at hudson.cli.CLI.authenticate(CLI.java:560)
      at hudson.cli.CLI._main(CLI.java:471)
      at hudson.cli.CLI.main(CLI.java:382)

          [JENKINS-24356] CLI access cause NPE when using LDAP users

          Carl Molinari added a comment -

          This is the result of who-am-i on 1.574:

          Authenticated as: carl.molinari
          Authorities:
          ROLE_SPLUNK-ADMINS
          splunk-admins
          authenticated
          global
          ROLE_SUDO
          admins
          sudo
          ldap-jira-developers
          ROLE_GLOBAL
          ROLE_ADMINS
          ROLE_SYSADMIN-EMERYVILLE
          sysadmin-emeryville
          ROLE_LDAP-JIRA-DEVELOPERS

          Carl Molinari added a comment - This is the result of who-am-i on 1.574: Authenticated as: carl.molinari Authorities: ROLE_SPLUNK-ADMINS splunk-admins authenticated global ROLE_SUDO admins sudo ldap-jira-developers ROLE_GLOBAL ROLE_ADMINS ROLE_SYSADMIN-EMERYVILLE sysadmin-emeryville ROLE_LDAP-JIRA-DEVELOPERS

          Daniel Beck added a comment -

          Probably just another duplicate of JENKINS-24317.

          Please file again once the fix to that issue exists and has been released (check the changelog!) and this still occurs.

          Daniel Beck added a comment - Probably just another duplicate of JENKINS-24317 . Please file again once the fix to that issue exists and has been released (check the changelog!) and this still occurs.

          Carl Molinari added a comment -

          The issue linked has to do with users with uppercase in the names, but we have no users with uppercase in LDAP. It also shows a workaround of renaming all folders in the users directory to not have uppercase names. I took the step of deleting all the folders in the users directory and got the exact same error. This is problematic because we were hoping to update to 1.576 in order to solve a problem with using the CLI causing leaking file descriptors (JENKINS-23248). 1.576 solves this problem, but precludes the use of the CLI entirely.

          Carl Molinari added a comment - The issue linked has to do with users with uppercase in the names, but we have no users with uppercase in LDAP. It also shows a workaround of renaming all folders in the users directory to not have uppercase names. I took the step of deleting all the folders in the users directory and got the exact same error. This is problematic because we were hoping to update to 1.576 in order to solve a problem with using the CLI causing leaking file descriptors ( JENKINS-23248 ). 1.576 solves this problem, but precludes the use of the CLI entirely.

          Daniel Beck added a comment - - edited

          Are there any folders with uppercase letters in the users folder? Check again now please. Jenkins creates them on demand, as users committing to SCM are also considered users by Jenkins. If there are, it's very likely the same issue.

          Daniel Beck added a comment - - edited Are there any folders with uppercase letters in the users folder? Check again now please. Jenkins creates them on demand, as users committing to SCM are also considered users by Jenkins. If there are, it's very likely the same issue.

          Carl Molinari added a comment -

          I deleted all the directories and re-logged in. Still get the same stack trace. the contents of the users directory are as follows:

          drwxr-xr-x 3 tomcat6 tomcat6 4096 Aug 20 11:25 .
          drwxr-xr-x 16 tomcat6 tomcat6 4096 Aug 19 15:32 ..
          drwxr-xr-x 2 tomcat6 tomcat6 4096 Aug 20 11:25 carl.molinari

          Carl Molinari added a comment - I deleted all the directories and re-logged in. Still get the same stack trace. the contents of the users directory are as follows: drwxr-xr-x 3 tomcat6 tomcat6 4096 Aug 20 11:25 . drwxr-xr-x 16 tomcat6 tomcat6 4096 Aug 19 15:32 .. drwxr-xr-x 2 tomcat6 tomcat6 4096 Aug 20 11:25 carl.molinari

          Daniel Beck added a comment -

          I could provide a build of Jenkins 1.576 with JENKINS-24317 resolved if you're interested in testing. If your issue disappears, it has the same cause.

          Daniel Beck added a comment - I could provide a build of Jenkins 1.576 with JENKINS-24317 resolved if you're interested in testing. If your issue disappears, it has the same cause.

          Carl Molinari added a comment -

          I would be happy to try the fix. Please let me know how to download the jenkins.war.

          Carl Molinari added a comment - I would be happy to try the fix. Please let me know how to download the jenkins.war.

          Daniel Beck added a comment -

          Here's the branch I base the build on:
          https://github.com/daniel-beck/jenkins/tree/JENKINS-24317-1.576

          Here's the diff to Jenkins 1.576:
          https://github.com/daniel-beck/jenkins/compare/JENKINS-24317-1.576?expand=1

          Here's the build if you don't want or can build it yourself:
          https://dl.dropboxusercontent.com/u/29853/jenkins-1.576.JENKINS-24317.war

          Remarks on the build:

          • It's not a "real" Jenkins release build, so not signatures etc.
          • I set the version manually to 1.576.JENKINS-24317 to be identifiable.

          Remarks on the warranty:

          • There is none. Make sure you have backups, it's worth what you pay for it, caveat emptor, etc.

          Daniel Beck added a comment - Here's the branch I base the build on: https://github.com/daniel-beck/jenkins/tree/JENKINS-24317-1.576 Here's the diff to Jenkins 1.576: https://github.com/daniel-beck/jenkins/compare/JENKINS-24317-1.576?expand=1 Here's the build if you don't want or can build it yourself: https://dl.dropboxusercontent.com/u/29853/jenkins-1.576.JENKINS-24317.war Remarks on the build: It's not a "real" Jenkins release build, so not signatures etc. I set the version manually to 1.576. JENKINS-24317 to be identifiable. Remarks on the warranty: There is none. Make sure you have backups, it's worth what you pay for it, caveat emptor, etc.

          Carl Molinari added a comment -

          The war from dropbox does fix the problem. Looks like this is a dupe of 24317. I will close it.

          Carl Molinari added a comment - The war from dropbox does fix the problem. Looks like this is a dupe of 24317. I will close it.

            kohsuke Kohsuke Kawaguchi
            cmolinari Carl Molinari
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: