Return-Path: X-Original-To: apmail-cassandra-commits-archive@www.apache.org Delivered-To: apmail-cassandra-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 88304101C8 for ; Fri, 30 May 2014 18:18:49 +0000 (UTC) Received: (qmail 23064 invoked by uid 500); 30 May 2014 18:18:49 -0000 Delivered-To: apmail-cassandra-commits-archive@cassandra.apache.org Received: (qmail 23030 invoked by uid 500); 30 May 2014 18:18:49 -0000 Mailing-List: contact commits-help@cassandra.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cassandra.apache.org Delivered-To: mailing list commits@cassandra.apache.org Received: (qmail 23022 invoked by uid 99); 30 May 2014 18:18:49 -0000 Received: from tyr.zones.apache.org (HELO tyr.zones.apache.org) (140.211.11.114) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 30 May 2014 18:18:49 +0000 Received: by tyr.zones.apache.org (Postfix, from userid 65534) id 22F25832E80; Fri, 30 May 2014 18:18:49 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: aleksey@apache.org To: commits@cassandra.apache.org Date: Fri, 30 May 2014 18:18:50 -0000 Message-Id: <672dd17d7e1347108900b2538987a35a@git.apache.org> In-Reply-To: <2d369b40146846f88e45d1c089b8c75c@git.apache.org> References: <2d369b40146846f88e45d1c089b8c75c@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: [2/2] git commit: Merge branch 'cassandra-1.2' into cassandra-2.0 Merge branch 'cassandra-1.2' into cassandra-2.0 Conflicts: CHANGES.txt src/java/org/apache/cassandra/auth/CassandraAuthorizer.java Project: http://git-wip-us.apache.org/repos/asf/cassandra/repo Commit: http://git-wip-us.apache.org/repos/asf/cassandra/commit/8480fa7b Tree: http://git-wip-us.apache.org/repos/asf/cassandra/tree/8480fa7b Diff: http://git-wip-us.apache.org/repos/asf/cassandra/diff/8480fa7b Branch: refs/heads/cassandra-2.0 Commit: 8480fa7be1bbf54c526d76aeee7ecb07c417db6d Parents: e2c74d5 d48a187 Author: Aleksey Yeschenko Authored: Fri May 30 21:16:42 2014 +0300 Committer: Aleksey Yeschenko Committed: Fri May 30 21:16:42 2014 +0300 ---------------------------------------------------------------------- CHANGES.txt | 1 + src/java/org/apache/cassandra/auth/Auth.java | 2 +- src/java/org/apache/cassandra/auth/CassandraAuthorizer.java | 2 +- src/java/org/apache/cassandra/auth/PasswordAuthenticator.java | 2 +- 4 files changed, 4 insertions(+), 3 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cassandra/blob/8480fa7b/CHANGES.txt ---------------------------------------------------------------------- diff --cc CHANGES.txt index c3145eb,e45cc72..14b43e5 --- a/CHANGES.txt +++ b/CHANGES.txt @@@ -1,57 -1,6 +1,58 @@@ -1.2.17 +2.0.9 + * Add conditional CREATE/DROP USER support (CASSANDRA-7264) + * Swap local and global default read repair chances (CASSANDRA-7320) + * Add missing iso8601 patterns for date strings (CASSANDRA-6973) + * Support selecting multiple rows in a partition using IN (CASSANDRA-6875) + * cqlsh: always emphasize the partition key in DESC output (CASSANDRA-7274) + * Copy compaction options to make sure they are reloaded (CASSANDRA-7290) + * Add option to do more aggressive tombstone compactions (CASSANDRA-6563) + * Don't try to compact already-compacting files in HHOM (CASSANDRA-7288) + * Add authentication support to shuffle (CASSANDRA-6484) + * Cqlsh counts non-empty lines for "Blank lines" warning (CASSANDRA-7325) +Merged from 1.2: + * Fix availability validation for LOCAL_ONE CL (CASSANDRA-7319) + * Use LOCAL_ONE for non-superuser auth queries (CASSANDRA-7328) - * Set keepalive on MessagingService connections (CASSANDRA-7170) + + +2.0.8 + * Always reallocate buffers in HSHA (CASSANDRA-6285) + * (Hadoop) support authentication in CqlRecordReader (CASSANDRA-7221) + * (Hadoop) Close java driver Cluster in CQLRR.close (CASSANDRA-7228) + * Fix potential SlabAllocator yield-starvation (CASSANDRA-7133) + * Warn when 'USING TIMESTAMP' is used on a CAS BATCH (CASSANDRA-7067) + * Starting threads in OutboundTcpConnectionPool constructor causes race conditions (CASSANDRA-7177) + * return all cpu values from BackgroundActivityMonitor.readAndCompute (CASSANDRA-7183) + * fix c* launch issues on Russian os's due to output of linux 'free' cmd (CASSANDRA-6162) + * Fix disabling autocompaction (CASSANDRA-7187) + * Fix potential NumberFormatException when deserializing IntegerType (CASSANDRA-7088) + * cqlsh can't tab-complete disabling compaction (CASSANDRA-7185) + * cqlsh: Accept and execute CQL statement(s) from command-line parameter (CASSANDRA-7172) + * Fix IllegalStateException in CqlPagingRecordReader (CASSANDRA-7198) + * Fix the InvertedIndex trigger example (CASSANDRA-7211) + * Correctly delete scheduled range xfers (CASSANDRA-7143) + * Make batchlog replica selection rack-aware (CASSANDRA-6551) + * Allow overriding cassandra-rackdc.properties file (CASSANDRA-7072) + * Set JMX RMI port to 7199 (CASSANDRA-7087) + * Use LOCAL_QUORUM for data reads at LOCAL_SERIAL (CASSANDRA-6939) + * Log a warning for large batches (CASSANDRA-6487) + * Queries on compact tables can return more rows that requested (CASSANDRA-7052) + * USING TIMESTAMP for batches does not work (CASSANDRA-7053) + * Fix performance regression from CASSANDRA-5614 (CASSANDRA-6949) + * Merge groupable mutations in TriggerExecutor#execute() (CASSANDRA-7047) + * Fix CFMetaData#getColumnDefinitionFromColumnName() (CASSANDRA-7074) + * Plug holes in resource release when wiring up StreamSession (CASSANDRA-7073) + * Re-add parameter columns to tracing session (CASSANDRA-6942) + * Fix writetime/ttl functions for static columns (CASSANDRA-7081) + * Suggest CTRL-C or semicolon after three blank lines in cqlsh (CASSANDRA-7142) + * Add --resolve-ip option to 'nodetool ring' (CASSANDRA-7210) + * Fix duplicated error messages on directory creation error at startup (CASSANDRA-5818) + * reduce garbage on codec flag deserialization (CASSANDRA-7244) + * Proper null handle for IF with map element access (CASSANDRA-7155) + * Improve compaction visibility (CASSANDRA-7242) + * Fix 2ndary index queries with DESC clustering order (CASSANDRA-6950) + * Invalid key cache entries on DROP (CASSANDRA-6525) + * Fix flapping RecoveryManagerTest (CASSANDRA-7084) +Merged from 1.2: * Add Cloudstack snitch (CASSANDRA-7147) * Update system.peers correctly when relocating tokens (CASSANDRA-7126) * Add Google Compute Engine snitch (CASSANDRA-7132) http://git-wip-us.apache.org/repos/asf/cassandra/blob/8480fa7b/src/java/org/apache/cassandra/auth/Auth.java ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cassandra/blob/8480fa7b/src/java/org/apache/cassandra/auth/CassandraAuthorizer.java ---------------------------------------------------------------------- diff --cc src/java/org/apache/cassandra/auth/CassandraAuthorizer.java index deecfdb,0c94f57..61ad9a4 --- a/src/java/org/apache/cassandra/auth/CassandraAuthorizer.java +++ b/src/java/org/apache/cassandra/auth/CassandraAuthorizer.java @@@ -72,10 -71,10 +72,10 @@@ public class CassandraAuthorizer implem UntypedResultSet result; try { - ResultMessage.Rows rows = authorizeStatement.execute(ConsistencyLevel.LOCAL_ONE, - new QueryState(new ClientState(true)), - Lists.newArrayList(ByteBufferUtil.bytes(user.getName()), - ByteBufferUtil.bytes(resource.getName()))); + ResultMessage.Rows rows = authorizeStatement.execute(QueryState.forInternalCalls(), - new QueryOptions(ConsistencyLevel.ONE, ++ new QueryOptions(ConsistencyLevel.LOCAL_ONE, + Lists.newArrayList(ByteBufferUtil.bytes(user.getName()), + ByteBufferUtil.bytes(resource.getName())))); result = new UntypedResultSet(rows.result); } catch (RequestValidationException e) http://git-wip-us.apache.org/repos/asf/cassandra/blob/8480fa7b/src/java/org/apache/cassandra/auth/PasswordAuthenticator.java ---------------------------------------------------------------------- diff --cc src/java/org/apache/cassandra/auth/PasswordAuthenticator.java index 3d9ba98,9adbe4e..7ed9817 --- a/src/java/org/apache/cassandra/auth/PasswordAuthenticator.java +++ b/src/java/org/apache/cassandra/auth/PasswordAuthenticator.java @@@ -271,76 -262,6 +271,76 @@@ public class PasswordAuthenticator impl if (username.equals(DEFAULT_USER_NAME)) return ConsistencyLevel.QUORUM; else - return ConsistencyLevel.ONE; + return ConsistencyLevel.LOCAL_ONE; } + + private class PlainTextSaslAuthenticator implements ISaslAwareAuthenticator.SaslAuthenticator + { + private static final byte NUL = 0; + + private boolean complete = false; + private Map credentials; + + @Override + public byte[] evaluateResponse(byte[] clientResponse) throws AuthenticationException + { + credentials = decodeCredentials(clientResponse); + complete = true; + return null; + } + + @Override + public boolean isComplete() + { + return complete; + } + + @Override + public AuthenticatedUser getAuthenticatedUser() throws AuthenticationException + { + return authenticate(credentials); + } + + /** + * SASL PLAIN mechanism specifies that credentials are encoded in a + * sequence of UTF-8 bytes, delimited by 0 (US-ASCII NUL). + * The form is : {code}authzIdauthnIdpassword{code} + * authzId is optional, and in fact we don't care about it here as we'll + * set the authzId to match the authnId (that is, there is no concept of + * a user being authorized to act on behalf of another). + * + * @param bytes encoded credentials string sent by the client + * @return map containing the username/password pairs in the form an IAuthenticator + * would expect + * @throws javax.security.sasl.SaslException + */ + private Map decodeCredentials(byte[] bytes) throws AuthenticationException + { + logger.debug("Decoding credentials from client token"); + byte[] user = null; + byte[] pass = null; + int end = bytes.length; + for (int i = bytes.length - 1 ; i >= 0; i--) + { + if (bytes[i] == NUL) + { + if (pass == null) + pass = Arrays.copyOfRange(bytes, i + 1, end); + else if (user == null) + user = Arrays.copyOfRange(bytes, i + 1, end); + end = i; + } + } + + if (user == null) + throw new AuthenticationException("Authentication ID must not be null"); + if (pass == null) + throw new AuthenticationException("Password must not be null"); + + Map credentials = new HashMap(); + credentials.put(IAuthenticator.USERNAME_KEY, new String(user, StandardCharsets.UTF_8)); + credentials.put(IAuthenticator.PASSWORD_KEY, new String(pass, StandardCharsets.UTF_8)); + return credentials; + } + } }