hadoop-common-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From w...@apache.org
Subject hadoop git commit: HADOOP-11311. Restrict uppercase key names from being created with JCEKS.
Date Mon, 17 Nov 2014 22:00:50 GMT
Repository: hadoop
Updated Branches:
  refs/heads/branch-2 7b2a88407 -> 1deefa6cf


HADOOP-11311. Restrict uppercase key names from being created with JCEKS.

(cherry picked from commit 48d62fad80aaa13ee1a26fca14437722ed46da25)


Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/1deefa6c
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/1deefa6c
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/1deefa6c

Branch: refs/heads/branch-2
Commit: 1deefa6cf1e1477139d93ea95421843ace52912e
Parents: 7b2a884
Author: Andrew Wang <wang@apache.org>
Authored: Mon Nov 17 13:59:46 2014 -0800
Committer: Andrew Wang <wang@apache.org>
Committed: Mon Nov 17 13:59:55 2014 -0800

----------------------------------------------------------------------
 hadoop-common-project/hadoop-common/CHANGES.txt          |  3 +++
 .../apache/hadoop/crypto/key/JavaKeyStoreProvider.java   |  3 +++
 .../apache/hadoop/crypto/key/TestKeyProviderFactory.java | 11 +++++++++++
 3 files changed, 17 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/hadoop/blob/1deefa6c/hadoop-common-project/hadoop-common/CHANGES.txt
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-common/CHANGES.txt b/hadoop-common-project/hadoop-common/CHANGES.txt
index 1942b9f..875fd99 100644
--- a/hadoop-common-project/hadoop-common/CHANGES.txt
+++ b/hadoop-common-project/hadoop-common/CHANGES.txt
@@ -88,6 +88,9 @@ Release 2.7.0 - UNRELEASED
     HADOOP-11157. ZKDelegationTokenSecretManager never shuts down
     listenerThreadPool. (Arun Suresh via atm)
 
+    HADOOP-11311. Restrict uppercase key names from being created with JCEKS.
+    (wang)
+
 Release 2.6.0 - 2014-11-18
 
   INCOMPATIBLE CHANGES

http://git-wip-us.apache.org/repos/asf/hadoop/blob/1deefa6c/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/JavaKeyStoreProvider.java
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/JavaKeyStoreProvider.java
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/JavaKeyStoreProvider.java
index ac18e16..75981c4 100644
--- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/JavaKeyStoreProvider.java
+++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/JavaKeyStoreProvider.java
@@ -18,6 +18,7 @@
 
 package org.apache.hadoop.crypto.key;
 
+import com.google.common.base.Preconditions;
 import org.apache.commons.io.IOUtils;
 import org.apache.hadoop.classification.InterfaceAudience;
 import org.apache.hadoop.classification.InterfaceAudience.Private;
@@ -423,6 +424,8 @@ public class JavaKeyStoreProvider extends KeyProvider {
   @Override
   public KeyVersion createKey(String name, byte[] material,
                                Options options) throws IOException {
+    Preconditions.checkArgument(name.equals(name.toLowerCase()),
+        "Uppercase key names are unsupported: %s", name);
     writeLock.lock();
     try {
       try {

http://git-wip-us.apache.org/repos/asf/hadoop/blob/1deefa6c/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/crypto/key/TestKeyProviderFactory.java
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/crypto/key/TestKeyProviderFactory.java
b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/crypto/key/TestKeyProviderFactory.java
index ec1fc59..998cd6f 100644
--- a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/crypto/key/TestKeyProviderFactory.java
+++ b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/crypto/key/TestKeyProviderFactory.java
@@ -33,6 +33,7 @@ import org.apache.hadoop.io.Text;
 import org.apache.hadoop.security.Credentials;
 import org.apache.hadoop.security.ProviderUtils;
 import org.apache.hadoop.security.UserGroupInformation;
+import org.apache.hadoop.test.GenericTestUtils;
 import org.junit.Assert;
 import org.junit.Before;
 import org.junit.Test;
@@ -328,6 +329,16 @@ public class TestKeyProviderFactory {
     // check permission retention after explicit change
     fs.setPermission(path, new FsPermission("777"));
     checkPermissionRetention(conf, ourUrl, path);
+
+    // Check that an uppercase keyname results in an error
+    provider = KeyProviderFactory.getProviders(conf).get(0);
+    try {
+      provider.createKey("UPPERCASE", KeyProvider.options(conf));
+      Assert.fail("Expected failure on creating key name with uppercase " +
+          "characters");
+    } catch (IllegalArgumentException e) {
+      GenericTestUtils.assertExceptionContains("Uppercase key names", e);
+    }
   }
 
   private void verifyAfterReload(File file, KeyProvider provider)


Mime
View raw message