geode-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From hiteshkhame...@apache.org
Subject [12/24] incubator-geode git commit: GEODE-1372 Added security-udp-dhalgo property.
Date Mon, 29 Aug 2016 21:39:14 GMT
GEODE-1372 Added security-udp-dhalgo property.

Added unit test for it.
We start tcp server thread parallel with jgroup initialization. during
this there is possiblity that tcp server sees findCoordinator request.
In this case we added latct with 2 second wait to see whether jgroup
layer has been initialized or not.
If still not initialized then we add pk in GMSScript static variable.


Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/453a7095
Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/453a7095
Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/453a7095

Branch: refs/heads/develop
Commit: 453a709528473f4293ac40de579573fdb2962381
Parents: de16ac4
Author: Hitesh Khamesra <hkhamesra@pivotal.io>
Authored: Mon Jun 13 15:33:55 2016 -0700
Committer: Hitesh Khamesra <hkhamesra@pivotal.io>
Committed: Mon Aug 29 10:39:18 2016 -0700

----------------------------------------------------------------------
 .../distributed/internal/InternalLocator.java   |  3 +-
 .../internal/membership/MemberFactory.java      |  5 +-
 .../internal/membership/MemberServices.java     |  3 +-
 .../membership/gms/GMSMemberFactory.java        |  4 +-
 .../gms/locator/FindCoordinatorRequest.java     | 14 ++++-
 .../gms/locator/FindCoordinatorResponse.java    | 11 ++++
 .../membership/gms/locator/GMSLocator.java      | 36 +++++++++--
 .../membership/gms/membership/GMSJoinLeave.java | 13 ++--
 .../membership/gms/messenger/GMSEncrypt.java    | 37 +++++++++---
 .../gemfire/distributed/LocatorDUnitTest.java   | 16 +++--
 .../LocatorUDPSecurityDUnitTest.java            | 63 +++++++++++++++++++-
 .../locator/GMSLocatorRecoveryJUnitTest.java    |  4 +-
 .../gms/membership/GMSJoinLeaveJUnitTest.java   |  4 +-
 .../messenger/JGroupsMessengerJUnitTest.java    | 11 ++--
 14 files changed, 184 insertions(+), 40 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/453a7095/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/InternalLocator.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/InternalLocator.java
b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/InternalLocator.java
index 3c9fa97..026efb9 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/InternalLocator.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/InternalLocator.java
@@ -643,6 +643,7 @@ public class InternalLocator extends Locator implements ConnectListener
{
     // coordinator - e.g., security and network-partition detection
     boolean locatorsAreCoordinators = false;
     boolean networkPartitionDetectionEnabled = this.config.getEnableNetworkPartitionDetection();
+    String securityUDPDHAlgo = this.config.getSecurityUDPDHAlgo();
     if (networkPartitionDetectionEnabled) {
       locatorsAreCoordinators = true;
     }
@@ -656,7 +657,7 @@ public class InternalLocator extends Locator implements ConnectListener
{
     }
 
     this.locatorImpl = MemberFactory.newLocatorHandler(this.bindAddress, this.stateFile,
-        locatorsProp, locatorsAreCoordinators, networkPartitionDetectionEnabled, stats);
+        locatorsProp, locatorsAreCoordinators, networkPartitionDetectionEnabled, stats, securityUDPDHAlgo);
     this.handler.addHandler(PeerLocatorRequest.class, this.locatorImpl);
     peerLocator = true;
     if(!server.isAlive()) {

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/453a7095/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/MemberFactory.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/MemberFactory.java
b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/MemberFactory.java
index 013ef35..1f4751b 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/MemberFactory.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/MemberFactory.java
@@ -95,14 +95,15 @@ public class MemberFactory {
   /**
    * currently this is a test method but it ought to be used by InternalLocator
    * to create the peer location TcpHandler
+   * @param securityUDPDHAlgo TODO
    */
   static public NetLocator newLocatorHandler(InetAddress bindAddress,
           File stateFile,
           String locatorString,
           boolean usePreferredCoordinators,
-          boolean networkPartitionDetectionEnabled, LocatorStats stats) {
+          boolean networkPartitionDetectionEnabled, LocatorStats stats, String securityUDPDHAlgo)
{
     return services.newLocatorHandler(bindAddress, stateFile, locatorString,
-        usePreferredCoordinators, networkPartitionDetectionEnabled, stats);
+        usePreferredCoordinators, networkPartitionDetectionEnabled, stats, securityUDPDHAlgo);
   }
 
 }

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/453a7095/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/MemberServices.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/MemberServices.java
b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/MemberServices.java
index 7f48e46..236ac43 100755
--- a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/MemberServices.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/MemberServices.java
@@ -81,8 +81,9 @@ public interface MemberServices {
   /**
    * currently this is a test method but it ought to be used by InternalLocator
    * to create the peer location TcpHandler
+   * @param securityUDPDHAlgo TODO
    */
   public abstract NetLocator newLocatorHandler(InetAddress bindAddress,
       File stateFile, String locatorString, boolean usePreferredCoordinators,
-      boolean networkPartitionDetectionEnabled, LocatorStats stats);
+      boolean networkPartitionDetectionEnabled, LocatorStats stats, String securityUDPDHAlgo);
 }

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/453a7095/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/GMSMemberFactory.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/GMSMemberFactory.java
b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/GMSMemberFactory.java
index 4328bed..3c968f6 100755
--- a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/GMSMemberFactory.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/GMSMemberFactory.java
@@ -121,9 +121,9 @@ public class GMSMemberFactory implements MemberServices {
       File stateFile,
       String locatorString,
       boolean usePreferredCoordinators,
-      boolean networkPartitionDetectionEnabled, LocatorStats stats) {
+      boolean networkPartitionDetectionEnabled, LocatorStats stats, String securityUDPDHAlgo)
{
     
-    return new GMSLocator(bindAddress, stateFile, locatorString, usePreferredCoordinators,
networkPartitionDetectionEnabled, stats);
+    return new GMSLocator(bindAddress, stateFile, locatorString, usePreferredCoordinators,
networkPartitionDetectionEnabled, stats, securityUDPDHAlgo);
   }
 
 }

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/453a7095/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/locator/FindCoordinatorRequest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/locator/FindCoordinatorRequest.java
b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/locator/FindCoordinatorRequest.java
index c434c25..4e582d8 100755
--- a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/locator/FindCoordinatorRequest.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/locator/FindCoordinatorRequest.java
@@ -38,18 +38,20 @@ public class FindCoordinatorRequest extends HighPriorityDistributionMessage
   private int lastViewId;
   private byte[] myPublicKey;
   private int requestId;   
+  private String dhalgo;
 
   public FindCoordinatorRequest(InternalDistributedMember myId) {
     this.memberID = myId;
   }
   
   public FindCoordinatorRequest(InternalDistributedMember myId, Collection<InternalDistributedMember>
rejectedCoordinators, 
-      int lastViewId, byte[] pk, int requestId) {
+      int lastViewId, byte[] pk, int requestId, String dhalgo) {
     this.memberID = myId;
     this.rejectedCoordinators = rejectedCoordinators;
     this.lastViewId = lastViewId;
     this.myPublicKey = pk;
     this.requestId = requestId;
+    this.dhalgo = dhalgo;
   }
   
   public FindCoordinatorRequest() {
@@ -63,6 +65,10 @@ public class FindCoordinatorRequest extends HighPriorityDistributionMessage
   public byte[] getMyPublicKey() {
     return myPublicKey;
   }
+  
+  public String getDHAlgo() {
+    return dhalgo;
+  }
 
   public Collection<InternalDistributedMember> getRejectedCoordinators() {
     return rejectedCoordinators;
@@ -109,6 +115,7 @@ public class FindCoordinatorRequest extends HighPriorityDistributionMessage
     }
     out.writeInt(lastViewId);
     out.writeInt(requestId);
+    InternalDataSerializer.writeString(dhalgo, out);
     InternalDataSerializer.writeByteArray(this.myPublicKey, out);
   }
 
@@ -122,6 +129,7 @@ public class FindCoordinatorRequest extends HighPriorityDistributionMessage
     }
     this.lastViewId = in.readInt();
     this.requestId = in.readInt();
+    this.dhalgo = InternalDataSerializer.readString(in);
     this.myPublicKey = InternalDataSerializer.readByteArray(in);
   }
 
@@ -135,6 +143,7 @@ public class FindCoordinatorRequest extends HighPriorityDistributionMessage
     final int prime = 31;
     int result = 1;
     result = prime * result + lastViewId;
+    result = prime * result + ((dhalgo == null) ? 0 : dhalgo.hashCode());
     result = prime * result + ((memberID == null) ? 0 : memberID.hashCode());
     result = prime * result + ((rejectedCoordinators == null) ? 0 : rejectedCoordinators.hashCode());
     return result;
@@ -151,6 +160,9 @@ public class FindCoordinatorRequest extends HighPriorityDistributionMessage
     FindCoordinatorRequest other = (FindCoordinatorRequest) obj;
     if (lastViewId != other.lastViewId)
       return false;
+    if(!dhalgo.equals(other.dhalgo)) {
+      return false;
+    }
     if (memberID == null) {
       if (other.memberID != null)
         return false;

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/453a7095/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/locator/FindCoordinatorResponse.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/locator/FindCoordinatorResponse.java
b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/locator/FindCoordinatorResponse.java
index 07f0e58..66e5982 100755
--- a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/locator/FindCoordinatorResponse.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/locator/FindCoordinatorResponse.java
@@ -44,6 +44,7 @@ public class FindCoordinatorResponse  extends HighPriorityDistributionMessage
   private boolean usePreferredCoordinators;
   private boolean isShortForm;
   private byte[] coordinatorPublicKey;  
+  private String rejectionMessage;
 
   private int requestId;
   
@@ -71,6 +72,10 @@ public class FindCoordinatorResponse  extends HighPriorityDistributionMessage
     this.requestId = requestId;
   }
   
+  public FindCoordinatorResponse(String m) {
+    this.rejectionMessage = m;
+  }
+  
   public FindCoordinatorResponse() {
     // no-arg constructor for serialization
   }
@@ -83,6 +88,10 @@ public class FindCoordinatorResponse  extends HighPriorityDistributionMessage
     return requestId;
   }
   
+  public String getRejectionMessage() {
+    return rejectionMessage;
+  }
+  
   public boolean isNetworkPartitionDetectionEnabled() {
     return networkPartitionDetectionEnabled;
   }
@@ -146,6 +155,7 @@ public class FindCoordinatorResponse  extends HighPriorityDistributionMessage
     DataSerializer.writeObject(coordinator, out);
     DataSerializer.writeObject(senderId, out);
     InternalDataSerializer.writeByteArray(coordinatorPublicKey, out);
+    InternalDataSerializer.writeString(rejectionMessage, out);
     out.writeBoolean(isShortForm);
     out.writeBoolean(fromView);
     out.writeBoolean(networkPartitionDetectionEnabled);
@@ -159,6 +169,7 @@ public class FindCoordinatorResponse  extends HighPriorityDistributionMessage
     coordinator = DataSerializer.readObject(in);
     senderId = DataSerializer.readObject(in);
     coordinatorPublicKey = InternalDataSerializer.readByteArray(in);
+    rejectionMessage = InternalDataSerializer.readString(in);
     isShortForm = in.readBoolean();    
     if (!isShortForm) {
       fromView = in.readBoolean();

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/453a7095/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/locator/GMSLocator.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/locator/GMSLocator.java
b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/locator/GMSLocator.java
index 305b497..44e5ce8 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/locator/GMSLocator.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/locator/GMSLocator.java
@@ -49,6 +49,7 @@ import com.gemstone.gemfire.distributed.internal.membership.gms.GMSUtil;
 import com.gemstone.gemfire.distributed.internal.membership.gms.NetLocator;
 import com.gemstone.gemfire.distributed.internal.membership.gms.Services;
 import com.gemstone.gemfire.distributed.internal.membership.gms.interfaces.Locator;
+import com.gemstone.gemfire.distributed.internal.membership.gms.messenger.GMSEncrypt;
 import com.gemstone.gemfire.distributed.internal.membership.gms.mgr.GMSMembershipManager;
 import com.gemstone.gemfire.distributed.internal.tcpserver.TcpClient;
 import com.gemstone.gemfire.distributed.internal.tcpserver.TcpServer;
@@ -66,6 +67,7 @@ public class GMSLocator implements Locator, NetLocator {
 
   private final boolean usePreferredCoordinators;
   private final boolean networkPartitionDetectionEnabled;
+  private final String securityUDPDHAlgo; 
   private final String locatorString;
   private final List<InetSocketAddress> locators;
   private Services services;
@@ -89,14 +91,16 @@ public class GMSLocator implements Locator, NetLocator {
    * @param usePreferredCoordinators    true if the membership coordinator should be a Locator
    * @param networkPartitionDetectionEnabled true if network partition detection is enabled
    * @param stats the locator statistics object
+   * @param securityUDPDHAlgo TODO
    */
   public GMSLocator(  InetAddress bindAddress,
                       File stateFile,
                       String locatorString,
                       boolean usePreferredCoordinators,
-                      boolean networkPartitionDetectionEnabled, LocatorStats stats) {
+                      boolean networkPartitionDetectionEnabled, LocatorStats stats, String
securityUDPDHAlgo) {
     this.usePreferredCoordinators = usePreferredCoordinators;
     this.networkPartitionDetectionEnabled = networkPartitionDetectionEnabled;
+    this.securityUDPDHAlgo = securityUDPDHAlgo;
     this.locatorString = locatorString;
     if (this.locatorString == null || this.locatorString.length() == 0) {
       this.locators = new ArrayList<>(0);
@@ -108,7 +112,7 @@ public class GMSLocator implements Locator, NetLocator {
   }
   
   @Override
-  public boolean setMembershipManager(MembershipManager mgr) {
+  public synchronized boolean setMembershipManager(MembershipManager mgr) {
     if (services == null || services.isStopped()) {
       logger.info("Peer locator is connecting to local membership services");
       services = ((GMSMembershipManager)mgr).getServices();
@@ -118,6 +122,7 @@ public class GMSLocator implements Locator, NetLocator {
       if (newView != null) {
         this.view = newView;
       }
+      this.notifyAll();
       return true;
     }
     return false;
@@ -130,13 +135,19 @@ public class GMSLocator implements Locator, NetLocator {
     recover();
   }
   
-  private void findServices() {
+  private synchronized void findServices() {
     InternalDistributedSystem sys = InternalDistributedSystem.getAnyInstance();
     if (sys != null && services == null) {
       logger.info("Peer locator found distributed system " + sys);
       setMembershipManager(sys.getDM().getMembershipManager());
     }
-  }
+    if(services == null) {
+      try {
+        wait(2000);
+      } catch (InterruptedException e) {
+      }
+    }
+  }  
 
   @Override
   public void installView(NetView view) {
@@ -166,8 +177,16 @@ public class GMSLocator implements Locator, NetLocator {
         response = new GetViewResponse(view);
       }
     } else if (request instanceof FindCoordinatorRequest) {
+      findServices();
       FindCoordinatorRequest findRequest = (FindCoordinatorRequest)request;
-      services.getMessenger().setPublicKey(findRequest.getMyPublicKey(), findRequest.getMemberID());
+      if(!findRequest.getDHAlgo().equals(securityUDPDHAlgo)) {
+        return new FindCoordinatorResponse("Rejecting findCoordinatorRequest, as member not
configured same udp security(" + findRequest.getDHAlgo() + " )as locator (" + securityUDPDHAlgo
+ ")");
+      }
+      if(services != null) {
+        services.getMessenger().setPublicKey(findRequest.getMyPublicKey(), findRequest.getMemberID());
+      } else {
+        GMSEncrypt.registerMember(findRequest.getMyPublicKey(), findRequest.getMemberID());
+      }
       if (findRequest.getMemberID() != null) {
         InternalDistributedMember coord = null;
 
@@ -232,7 +251,11 @@ public class GMSLocator implements Locator, NetLocator {
             coordPk = (byte[])view.getPublicKey(coord);            
           }
           if (coordPk == null) {
-            coordPk = services.getMessenger().getPublickey(coord);
+            if(services != null){
+              coordPk = services.getMessenger().getPublickey(coord);
+            } else {
+              coordPk = GMSEncrypt.getRegisteredPublicKey(coord);
+            }
           }
           response = new FindCoordinatorResponse(coord, localAddress,
               fromView, view, new HashSet<InternalDistributedMember>(registrants),
@@ -288,6 +311,7 @@ public class GMSLocator implements Locator, NetLocator {
   @Override
   public void shutDown() {
     // nothing to do for GMSLocator
+    GMSEncrypt.clear();
   }
   
   

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/453a7095/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/membership/GMSJoinLeave.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/membership/GMSJoinLeave.java
b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/membership/GMSJoinLeave.java
index 840070c..663d989 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/membership/GMSJoinLeave.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/membership/GMSJoinLeave.java
@@ -991,8 +991,9 @@ public class GMSJoinLeave implements JoinLeave, MessageHandler {
       return findCoordinatorFromView();
     }
 
+    String dhalgo = services.getConfig().getDistributionConfig().getSecurityUDPDHAlgo();
     FindCoordinatorRequest request = new FindCoordinatorRequest(this.localAddress, state.alreadyTried,
state.viewId, 
-        services.getMessenger().getPublickey(localAddress), services.getMessenger().getRequestId());
+        services.getMessenger().getPublickey(localAddress), services.getMessenger().getRequestId(),
dhalgo);
     Set<InternalDistributedMember> possibleCoordinators = new HashSet<InternalDistributedMember>();
     Set<InternalDistributedMember> coordinatorsWithView = new HashSet<InternalDistributedMember>();
 
@@ -1012,6 +1013,9 @@ public class GMSJoinLeave implements JoinLeave, MessageHandler {
           Object o = tcpClientWrapper.sendCoordinatorFindRequest(addr, request, connectTimeout);
           FindCoordinatorResponse response = (o instanceof FindCoordinatorResponse) ? (FindCoordinatorResponse)
o : null;
           if (response != null) {
+            if(response.getRejectionMessage() != null ) {
+              throw new GemFireConfigException(response.getRejectionMessage());
+            }
             setCoordinatorPublicKey(response);
             state.locatorsContacted++;
             if (!state.hasContactedAJoinedLocator &&
@@ -1121,19 +1125,20 @@ public class GMSJoinLeave implements JoinLeave, MessageHandler {
         state.responses.clear();
       }
       
-      if (!services.getConfig().getDistributionConfig().getSecurityUDPDHAlgo().isEmpty())
{
+      String dhalgo = services.getConfig().getDistributionConfig().getSecurityUDPDHAlgo();

+      if (!dhalgo.isEmpty()) {
         for (InternalDistributedMember mbr : v.getMembers()) {
           Set<InternalDistributedMember> r = new HashSet<>();
           r.add(mbr);
           FindCoordinatorRequest req = new FindCoordinatorRequest(localAddress, state.alreadyTried,
state.viewId, services.getMessenger().getPublickey(
-              localAddress), services.getMessenger().getRequestId());
+              localAddress), services.getMessenger().getRequestId(), dhalgo);
           req.setRecipients(r);
 
           services.getMessenger().send(req, v);
         }
       } else {
         FindCoordinatorRequest req = new FindCoordinatorRequest(localAddress, state.alreadyTried,
state.viewId, services.getMessenger().getPublickey(
-            localAddress), services.getMessenger().getRequestId());
+            localAddress), services.getMessenger().getRequestId(), dhalgo);
         req.setRecipients(v.getMembers());
 
         services.getMessenger().send(req, v);

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/453a7095/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/messenger/GMSEncrypt.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/messenger/GMSEncrypt.java
b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/messenger/GMSEncrypt.java
index fe2bb2d..ba049d2 100755
--- a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/messenger/GMSEncrypt.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/messenger/GMSEncrypt.java
@@ -38,8 +38,9 @@ import com.gemstone.gemfire.distributed.internal.membership.NetView;
 import com.gemstone.gemfire.distributed.internal.membership.gms.Services;
 import com.gemstone.gemfire.distributed.internal.DistributionConfig;
 
-public class GMSEncrypt implements Cloneable{
-  
+public class GMSEncrypt implements Cloneable {
+
+  public static Map<GMSEncrypt.InternalDistributedMemberWrapper, byte[]> registrants
= new ConcurrentHashMap<>();
   public static long encodingsPerformed;
   public static long decodingsPerformed;
 
@@ -76,7 +77,7 @@ public class GMSEncrypt implements Cloneable{
   private ConcurrentHashMap<InternalDistributedMember, PeerEncryptor>[] copyOfPeerEncryptors;
   private ClusterEncryptor[] clusterEncryptors;
   
-  private Map<GMSEncrypt.InternalDistrubtedMemberWrapper, byte[]> memberToPeerEncryptor
= new ConcurrentHashMap<>();
+  private Map<GMSEncrypt.InternalDistributedMemberWrapper, byte[]> memberToPeerEncryptor
= new ConcurrentHashMap<>();
 
   private ClusterEncryptor clusterEncryptor;
 
@@ -109,7 +110,22 @@ public class GMSEncrypt implements Cloneable{
     initEncryptors();
   }
 
-  public GMSEncrypt(Services services) throws  Exception {
+  public static void registerMember(byte[] pk, InternalDistributedMember mbr) {
+    if (pk != null) {
+      registrants.put(new GMSEncrypt.InternalDistributedMemberWrapper(mbr), pk);
+    }
+  }
+  
+  public static void clear() {
+    registrants.clear();
+  }
+  
+  public static byte[] getRegisteredPublicKey(InternalDistributedMember mbr) {
+    InternalDistributedMemberWrapper m = new InternalDistributedMemberWrapper(mbr);
+    return registrants.get(m);
+  }
+  
+  public GMSEncrypt(Services services) throws Exception {
     this.services = services;
     initEncryptors();
     initDHKeys(services.getConfig().getDistributionConfig());
@@ -168,7 +184,7 @@ public class GMSEncrypt implements Cloneable{
   protected void setPublicKey(byte[] publickey, InternalDistributedMember mbr) {
     try {
       //createPeerEncryptor(mbr, publickey);
-      memberToPeerEncryptor.put(new InternalDistrubtedMemberWrapper(mbr), publickey);
+      memberToPeerEncryptor.put(new InternalDistributedMemberWrapper(mbr), publickey);
       synchronized (copyOfPeerEncryptors) {
         //remove all the existing keys..
         for(Map m : copyOfPeerEncryptors) {
@@ -227,10 +243,10 @@ public class GMSEncrypt implements Cloneable{
     }
   }
 
-  static class InternalDistrubtedMemberWrapper {
+  static class InternalDistributedMemberWrapper {
     InternalDistributedMember mbr;
     
-    public InternalDistrubtedMemberWrapper(InternalDistributedMember m) {
+    public InternalDistributedMemberWrapper(InternalDistributedMember m) {
       this.mbr = m;
     }
 
@@ -245,7 +261,7 @@ public class GMSEncrypt implements Cloneable{
 
     @Override
     public boolean equals(Object obj) {
-      InternalDistributedMember other = ((InternalDistrubtedMemberWrapper)obj).mbr;
+      InternalDistributedMember other = ((InternalDistributedMemberWrapper)obj).mbr;
       return mbr.compareTo(other, false, false) == 0;
     }
 
@@ -263,7 +279,10 @@ public class GMSEncrypt implements Cloneable{
       synchronized (this) {
         result = m.get(member);
         if (result == null) {
-          byte[] pk = (byte[])memberToPeerEncryptor.get(new InternalDistrubtedMemberWrapper(member));
+          byte[] pk = (byte[])memberToPeerEncryptor.get(new InternalDistributedMemberWrapper(member));
+          if (pk == null) {
+            pk = getRegisteredPublicKey(member);
+          }
           result = createPeerEncryptor(member, pk != null ? pk : (byte[]) view.getPublicKey(member));
           m.put(member, result);
         }

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/453a7095/geode-core/src/test/java/com/gemstone/gemfire/distributed/LocatorDUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/distributed/LocatorDUnitTest.java
b/geode-core/src/test/java/com/gemstone/gemfire/distributed/LocatorDUnitTest.java
index 2a35ba7..bf6d3f1 100755
--- a/geode-core/src/test/java/com/gemstone/gemfire/distributed/LocatorDUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/distributed/LocatorDUnitTest.java
@@ -80,7 +80,7 @@ import com.gemstone.gemfire.test.junit.categories.DistributedTest;
 @Category(DistributedTest.class)
 public class LocatorDUnitTest extends JUnit4DistributedTestCase {
 
-  private static volatile InternalDistributedSystem system = null;
+  static volatile InternalDistributedSystem system = null;
 
   static TestHook hook;
 
@@ -96,7 +96,7 @@ public class LocatorDUnitTest extends JUnit4DistributedTestCase {
   private static final int WAIT2_MS
       = Integer.getInteger(WAIT2_MS_NAME, WAIT2_MS_DEFAULT).intValue();
 
-  private int port1;
+  protected int port1;
   private int port2;
 
   @Override
@@ -1455,7 +1455,7 @@ public class LocatorDUnitTest extends JUnit4DistributedTestCase {
     }
   }
 
-  private SerializableRunnable getDisconnectRunnable(final String locators) {
+  SerializableRunnable getDisconnectRunnable(final String locators) {
     return new SerializableRunnable("Disconnect from " + locators) {
       public void run() {
         DistributedSystem sys = InternalDistributedSystem.getAnyInstance();
@@ -1465,6 +1465,14 @@ public class LocatorDUnitTest extends JUnit4DistributedTestCase {
       }
     };
   }
+  
+  public void testLoop() throws Exception {
+    for(int i=0; i < 200; i++) {
+      testMultipleLocatorsRestartingAtSameTime();
+      tearDown();
+      setUp();
+    }
+  }
   /**
    * Tests starting multiple locators at the same time and ensuring that the locators
    * end up only have 1 master.
@@ -1959,7 +1967,7 @@ public class LocatorDUnitTest extends JUnit4DistributedTestCase {
     return MembershipManagerHelper.getLeadMember(sys);
   }
 
-  private SerializableRunnable getStopLocatorRunnable() {
+  SerializableRunnable getStopLocatorRunnable() {
     return new SerializableRunnable("stop locator") {
       public void run() {
         MembershipManagerHelper.inhibitForcedDisconnectLogging(false);

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/453a7095/geode-core/src/test/java/com/gemstone/gemfire/distributed/LocatorUDPSecurityDUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/distributed/LocatorUDPSecurityDUnitTest.java
b/geode-core/src/test/java/com/gemstone/gemfire/distributed/LocatorUDPSecurityDUnitTest.java
index be24f39..fe840db 100755
--- a/geode-core/src/test/java/com/gemstone/gemfire/distributed/LocatorUDPSecurityDUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/distributed/LocatorUDPSecurityDUnitTest.java
@@ -1,10 +1,25 @@
 package com.gemstone.gemfire.distributed;
 
+import java.io.File;
+import java.io.IOException;
 import java.util.Properties;
 
+import org.junit.Assert;
 import org.junit.Test;
 
+import com.gemstone.gemfire.GemFireConfigException;
 import com.gemstone.gemfire.distributed.internal.DistributionConfig;
+import com.gemstone.gemfire.distributed.internal.InternalDistributedSystem;
+import com.gemstone.gemfire.distributed.internal.membership.gms.MembershipManagerHelper;
+import com.gemstone.gemfire.internal.AvailablePort;
+import com.gemstone.gemfire.test.dunit.DistributedTestUtils;
+import com.gemstone.gemfire.test.dunit.Host;
+import com.gemstone.gemfire.test.dunit.NetworkUtils;
+import com.gemstone.gemfire.test.dunit.SerializableRunnable;
+import com.gemstone.gemfire.test.dunit.VM;
+import com.gemstone.gemfire.test.dunit.Wait;
+import com.gemstone.gemfire.test.dunit.WaitCriterion;
+
 import static com.gemstone.gemfire.distributed.DistributedSystemConfigProperties.*;
 
 public class LocatorUDPSecurityDUnitTest extends LocatorDUnitTest{
@@ -14,7 +29,7 @@ public class LocatorUDPSecurityDUnitTest extends LocatorDUnitTest{
   
   @Test
   public void testLoop() throws Exception {
-    for(int i=0; i < 1; i++) {
+    for(int i=0; i < 100; i++) {
       testMultipleLocatorsRestartingAtSameTime();
       tearDown();
       setUp();
@@ -25,4 +40,50 @@ public class LocatorUDPSecurityDUnitTest extends LocatorDUnitTest{
   protected void addDSProps(Properties p) {
     p.setProperty(SECURITY_UDP_DHALGO, "AES:128");
   }
+  
+  @Test
+  public void testLocatorWithUDPSecurityButServer() throws Exception {
+    disconnectAllFromDS();
+    Host host = Host.getHost(0);
+    VM vm0 = host.getVM(0);
+    VM vm1 = host.getVM(1);
+    VM vm2 = host.getVM(2);
+
+    final int port =
+        AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET);
+    DistributedTestUtils.deleteLocatorStateFile(port1);
+    final String locators = NetworkUtils.getServerHostName(host) + "[" + port + "]";
+    final String uniqueName = getUniqueName();
+
+    vm0.invoke(new SerializableRunnable("Start locator " + locators) {
+      public void run() {
+        File logFile = new File("");
+        try {
+          Properties locProps = new Properties();
+          locProps.setProperty(MCAST_PORT, "0");
+          locProps.setProperty(MEMBER_TIMEOUT, "1000");
+          locProps.put(ENABLE_CLUSTER_CONFIGURATION, "false");
+
+          addDSProps(locProps);  
+          Locator.startLocatorAndDS(port, logFile, locProps);
+        } catch (IOException ex) {
+          com.gemstone.gemfire.test.dunit.Assert.fail("While starting locator on port " +
port, ex);
+        }
+      }
+    });
+    try {
+
+      Properties props = new Properties();
+      props.setProperty(MCAST_PORT, "0");
+      props.setProperty(LOCATORS, locators);
+      props.setProperty(MEMBER_TIMEOUT, "1000");
+     // addDSProps(props);
+      system = (InternalDistributedSystem) DistributedSystem.connect(props);
+      
+    } catch(GemFireConfigException gce){
+      Assert.assertTrue(gce.getMessage().contains("Rejecting findCoordinatorRequest"));
+    } finally {
+      vm0.invoke(getStopLocatorRunnable());
+    }
+  }
 }

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/453a7095/geode-core/src/test/java/com/gemstone/gemfire/distributed/internal/membership/gms/locator/GMSLocatorRecoveryJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/distributed/internal/membership/gms/locator/GMSLocatorRecoveryJUnitTest.java
b/geode-core/src/test/java/com/gemstone/gemfire/distributed/internal/membership/gms/locator/GMSLocatorRecoveryJUnitTest.java
index fcf77a0..d1af124 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/distributed/internal/membership/gms/locator/GMSLocatorRecoveryJUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/distributed/internal/membership/gms/locator/GMSLocatorRecoveryJUnitTest.java
@@ -56,7 +56,7 @@ public class GMSLocatorRecoveryJUnitTest {
     if (tempStateFile.exists()) {
       tempStateFile.delete();
     }
-    locator = new GMSLocator(null, tempStateFile, null, false, false, new LocatorStats());
+    locator = new GMSLocator(null, tempStateFile, null, false, false, new LocatorStats(),
"");
     // System.out.println("temp state file: " + tempStateFile);
   }
 
@@ -160,7 +160,7 @@ public class GMSLocatorRecoveryJUnitTest {
       ((InternalLocator)l).getLocatorHandler().setMembershipManager(m1);
       
       GMSLocator l2 = new GMSLocator(SocketCreator.getLocalHost(), new File("l2.dat"),
-          m1.getLocalMember().getHost()+"["+port+"]", true, true, new LocatorStats());
+          m1.getLocalMember().getHost()+"["+port+"]", true, true, new LocatorStats(), "");
       l2.init(null);
       
       assertTrue("expected view to contain "

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/453a7095/geode-core/src/test/java/com/gemstone/gemfire/distributed/internal/membership/gms/membership/GMSJoinLeaveJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/distributed/internal/membership/gms/membership/GMSJoinLeaveJUnitTest.java
b/geode-core/src/test/java/com/gemstone/gemfire/distributed/internal/membership/gms/membership/GMSJoinLeaveJUnitTest.java
index c4e4181..644db2f 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/distributed/internal/membership/gms/membership/GMSJoinLeaveJUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/distributed/internal/membership/gms/membership/GMSJoinLeaveJUnitTest.java
@@ -1076,7 +1076,7 @@ public class GMSJoinLeaveJUnitTest {
       
       TcpClientWrapper tcpClientWrapper = mock(TcpClientWrapper.class);
       gmsJoinLeave.setTcpClientWrapper(tcpClientWrapper);
-      FindCoordinatorRequest fcreq = new FindCoordinatorRequest(gmsJoinLeaveMemberId, new
HashSet<>(), -1, null, 0);
+      FindCoordinatorRequest fcreq = new FindCoordinatorRequest(gmsJoinLeaveMemberId, new
HashSet<>(), -1, null, 0, "");
       int connectTimeout = (int)services.getConfig().getMemberTimeout() * 2;
       when(tcpClientWrapper.sendCoordinatorFindRequest(new InetSocketAddress("localhost",
12345), fcreq, connectTimeout)).thenReturn(fcr);
       callAsnyc(()->{gmsJoinLeave.installView(view);});
@@ -1104,7 +1104,7 @@ public class GMSJoinLeaveJUnitTest {
       
       TcpClientWrapper tcpClientWrapper = mock(TcpClientWrapper.class);
       gmsJoinLeave.setTcpClientWrapper(tcpClientWrapper);
-      FindCoordinatorRequest fcreq = new FindCoordinatorRequest(gmsJoinLeaveMemberId, new
HashSet<>(), -1, null, 0);
+      FindCoordinatorRequest fcreq = new FindCoordinatorRequest(gmsJoinLeaveMemberId, new
HashSet<>(), -1, null, 0, "");
       int connectTimeout = (int)services.getConfig().getMemberTimeout() * 2;
       //passing wrong port here, so ot will fail
       when(tcpClientWrapper.sendCoordinatorFindRequest(new InetSocketAddress("localhost",
12346), fcreq, connectTimeout)).thenReturn(fcr);

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/453a7095/geode-core/src/test/java/com/gemstone/gemfire/distributed/internal/membership/gms/messenger/JGroupsMessengerJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/distributed/internal/membership/gms/messenger/JGroupsMessengerJUnitTest.java
b/geode-core/src/test/java/com/gemstone/gemfire/distributed/internal/membership/gms/messenger/JGroupsMessengerJUnitTest.java
index 5c672e3..4608f1d 100755
--- a/geode-core/src/test/java/com/gemstone/gemfire/distributed/internal/membership/gms/messenger/JGroupsMessengerJUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/distributed/internal/membership/gms/messenger/JGroupsMessengerJUnitTest.java
@@ -49,6 +49,7 @@ import org.junit.experimental.categories.Category;
 
 import com.gemstone.gemfire.ForcedDisconnectException;
 import com.gemstone.gemfire.GemFireIOException;
+import com.gemstone.gemfire.distributed.DistributedSystemConfigProperties;
 import com.gemstone.gemfire.distributed.DistributedSystemDisconnectedException;
 import com.gemstone.gemfire.distributed.internal.DM;
 import com.gemstone.gemfire.distributed.internal.DistributionConfig;
@@ -920,7 +921,7 @@ public class JGroupsMessengerJUnitTest {
     InternalDistributedMember otherMbr = new InternalDistributedMember("localhost", 8888);
     
     Properties p = new Properties();    
-    p.put(DistributionConfig.SECURITY_CLIENT_DHALGO_NAME, "AES:128");
+    p.put(DistributedSystemConfigProperties.SECURITY_UDP_DHALGO, "AES:128");
     initMocks(false, p);
     
     NetView v = createView(otherMbr);
@@ -930,7 +931,7 @@ public class JGroupsMessengerJUnitTest {
     messenger.setPublicKey(otherMbrEncrptor.getPublicKeyBytes(), otherMbr);
     messenger.initClusterKey();
     
-    FindCoordinatorRequest gfmsg = new FindCoordinatorRequest(messenger.getMemberID(), new
ArrayList<InternalDistributedMember>(2), 1, messenger.getPublickey(messenger.getMemberID()),
1);
+    FindCoordinatorRequest gfmsg = new FindCoordinatorRequest(messenger.getMemberID(), new
ArrayList<InternalDistributedMember>(2), 1, messenger.getPublickey(messenger.getMemberID()),
1, "");
     Set<InternalDistributedMember> recipients = new HashSet<>();
     recipients.add(otherMbr);
     gfmsg.setRecipients(recipients);
@@ -955,7 +956,7 @@ public class JGroupsMessengerJUnitTest {
     InternalDistributedMember otherMbr = new InternalDistributedMember("localhost", 8888);
     
     Properties p = new Properties();    
-    p.put(DistributionConfig.SECURITY_CLIENT_DHALGO_NAME, "AES:128");
+    p.put(DistributedSystemConfigProperties.SECURITY_UDP_DHALGO, "AES:128");
     initMocks(false, p);
     
     NetView v = createView(otherMbr);
@@ -993,7 +994,7 @@ public class JGroupsMessengerJUnitTest {
     InternalDistributedMember otherMbr = new InternalDistributedMember("localhost", 8888);
     
     Properties p = new Properties();    
-    p.put(DistributionConfig.SECURITY_CLIENT_DHALGO_NAME, "AES:128");
+    p.put(DistributedSystemConfigProperties.SECURITY_UDP_DHALGO, "AES:128");
     initMocks(false, p);
     
     NetView v = createView(otherMbr);
@@ -1025,7 +1026,7 @@ public class JGroupsMessengerJUnitTest {
     InternalDistributedMember otherMbr = new InternalDistributedMember("localhost", 8888);
     
     Properties p = new Properties();    
-    p.put(DistributionConfig.SECURITY_CLIENT_DHALGO_NAME, "AES:128");
+    p.put(DistributedSystemConfigProperties.SECURITY_UDP_DHALGO, "AES:128");
     initMocks(false, p);
     
     NetView v = createView(otherMbr);



Mime
View raw message