ZOOKEEPER-4477: Single Kerberos ticket renewal failure can prevent all future renewals since Java 9

[symat]

This is the ZOOKEEPER-4477 patch for branch-3.5. Similar to the same fix on newer branches but using junit 4 in the tests (the junit upgrade happened in ZooKeeper 3.6).

This bug is similar to the one fixed in https://issues.apache.org/jira/browse/KAFKA-12730.

Our Kerberos ticket refresh thread performs re-login by logging out and then logging in again. If login fails, we retry after some sleep. Every reLogin() operation performs loginContext.logout() and loginContext.login(). If login fails, we end up with two consecutive logouts. This used to work in older Java versions, but from Java 9 onwards, this results in a NullPointerException due to https://bugs.openjdk.java.net/browse/JDK-8173069. We should check if logout is required before attempting logout.

I fixed the issue and added a new unit test to test some ticket renewal scenarios. I managed to reproduce the problem in KerberosTicketRenewalTest.shouldRecoverIfKerberosNotAvailableForSomeTime() which (before the fix) failed with Java13 but succeeded with Java8.

[symat]

thanks! I'll merge this and also test the patch on branch-3.6. (looks I remembered wrong, junit4 was introduced in 3.7 and not in 3.6 as I remembered)