hadoop-common-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From a.@apache.org
Subject hadoop git commit: HADOOP-13077. Handle special characters in passwords in httpfs.sh (Xiao Chen via aw)
Date Thu, 05 May 2016 18:33:23 GMT
Repository: hadoop
Updated Branches:
  refs/heads/trunk d0da13229 -> 35cf50314


HADOOP-13077. Handle special characters in passwords in httpfs.sh (Xiao Chen via aw)


Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/35cf5031
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/35cf5031
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/35cf5031

Branch: refs/heads/trunk
Commit: 35cf503149d68d33ee4e20e3e57f9afa69aef7f5
Parents: d0da132
Author: Allen Wittenauer <aw@apache.org>
Authored: Thu May 5 11:32:41 2016 -0700
Committer: Allen Wittenauer <aw@apache.org>
Committed: Thu May 5 11:33:06 2016 -0700

----------------------------------------------------------------------
 .../src/main/bin/hadoop-functions.sh            | 23 ++++++++++++++
 .../src/test/scripts/hadoop_escape_chars.bats   | 32 ++++++++++++++++++++
 .../hadoop-kms/src/main/sbin/kms.sh             | 14 +++------
 .../hadoop-hdfs-httpfs/src/main/sbin/httpfs.sh  |  8 +++--
 4 files changed, 65 insertions(+), 12 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/hadoop/blob/35cf5031/hadoop-common-project/hadoop-common/src/main/bin/hadoop-functions.sh
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-common/src/main/bin/hadoop-functions.sh b/hadoop-common-project/hadoop-common/src/main/bin/hadoop-functions.sh
index 48ad1e2..99c4738 100755
--- a/hadoop-common-project/hadoop-common/src/main/bin/hadoop-functions.sh
+++ b/hadoop-common-project/hadoop-common/src/main/bin/hadoop-functions.sh
@@ -2082,3 +2082,26 @@ function hadoop_parse_args
 
   hadoop_debug "hadoop_parse: asking caller to skip ${HADOOP_PARSE_COUNTER}"
 }
+
+## @description  XML-escapes the characters (&'"<>) in the given parameter.
+## @audience     private
+## @stability    evolving
+## @replaceable  yes
+## @param        string
+## @return       XML-escaped string
+function hadoop_xml_escape
+{
+  sed -e 's/&/\&amp;/g' -e 's/"/\\\&quot;/g' \
+    -e "s/'/\\\\\&apos;/g" -e 's/</\\\&lt;/g' -e 's/>/\\\&gt;/g' <<<
"$1"
+}
+
+## @description  sed-escapes the characters (\/&) in the given parameter.
+## @audience     private
+## @stability    evolving
+## @replaceable  yes
+## @param        string
+## @return       sed-escaped string
+function hadoop_sed_escape
+{
+  sed -e 's/[\/&]/\\&/g' <<< "$1"
+}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/hadoop/blob/35cf5031/hadoop-common-project/hadoop-common/src/test/scripts/hadoop_escape_chars.bats
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-common/src/test/scripts/hadoop_escape_chars.bats
b/hadoop-common-project/hadoop-common/src/test/scripts/hadoop_escape_chars.bats
new file mode 100755
index 0000000..9b031f2
--- /dev/null
+++ b/hadoop-common-project/hadoop-common/src/test/scripts/hadoop_escape_chars.bats
@@ -0,0 +1,32 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+load hadoop-functions_test_helper
+
+@test "hadoop_escape_sed (positive 1)" {
+  ret="$(hadoop_sed_escape "\pass&&word\0#\$asdf/g  ><'\"~\`!@#$%^&*()_+-=")"
+  expected="\\\\pass\&\&word\\\0#\$asdf\/g  ><'\"~\`!@#$%^\&*()_+-="
+  echo "actual >${ret}<"
+  echo "expected >${expected}<"
+  [ "${ret}" = "${expected}" ]
+}
+
+@test "hadoop_escape_xml (positive 1)" {
+  ret="$(hadoop_xml_escape "\pass&&word\0#\$asdf/g  ><'\"~\`!@#$%^&*()_+-=")"
+  expected="\\pass&amp;&amp;word\0#\$asdf/g  \&gt;\&lt;\&apos;\&quot;~\`!@#\$%^&amp;*()_+-="
+  echo "actual >${ret}<"
+  echo "expected >${expected}<"
+  [ "${ret}" = "${expected}" ]
+}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/hadoop/blob/35cf5031/hadoop-common-project/hadoop-kms/src/main/sbin/kms.sh
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-kms/src/main/sbin/kms.sh b/hadoop-common-project/hadoop-kms/src/main/sbin/kms.sh
index 1de19f5..1d3c948 100755
--- a/hadoop-common-project/hadoop-kms/src/main/sbin/kms.sh
+++ b/hadoop-common-project/hadoop-kms/src/main/sbin/kms.sh
@@ -29,14 +29,6 @@ function hadoop_usage
   hadoop_generate_usage "${MYNAME}" false
 }
 
-function hadoop_escape() {
-      # Escape special chars for the later sed which saves the text as xml attribute
-      local ret
-      ret=$(sed 's/[\/&]/\\&/g' <<< "$1" | sed 's/&/\&amp;/g' |
sed 's/"/\\\&quot;/g' \
-          | sed "s/'/\\\\\&apos;/g" | sed 's/</\\\&lt;/g' | sed 's/>/\\\&gt;/g')
-      echo "$ret"
-}
-
 # let's locate libexec...
 if [[ -n "${HADOOP_HOME}" ]]; then
   HADOOP_DEFAULT_LIBEXEC_DIR="${HADOOP_HOME}/libexec"
@@ -104,8 +96,10 @@ fi
 if [[ -f "${HADOOP_CATALINA_HOME}/conf/ssl-server.xml.conf" ]]; then
   if [[ -n "${KMS_SSL_KEYSTORE_PASS+x}" ]] || [[ -n "${KMS_SSL_TRUSTSTORE_PASS}" ]]; then
       export KMS_SSL_KEYSTORE_PASS=${KMS_SSL_KEYSTORE_PASS:-password}
-      KMS_SSL_KEYSTORE_PASS_ESCAPED=$(hadoop_escape "$KMS_SSL_KEYSTORE_PASS")
-      KMS_SSL_TRUSTSTORE_PASS_ESCAPED=$(hadoop_escape "$KMS_SSL_TRUSTSTORE_PASS")
+      KMS_SSL_KEYSTORE_PASS_ESCAPED=$(hadoop_xml_escape \
+        "$(hadoop_sed_escape "$KMS_SSL_KEYSTORE_PASS")")
+      KMS_SSL_TRUSTSTORE_PASS_ESCAPED=$(hadoop_xml_escape \
+        "$(hadoop_sed_escape "$KMS_SSL_TRUSTSTORE_PASS")")
       sed -e 's/"_kms_ssl_keystore_pass_"/'"\"${KMS_SSL_KEYSTORE_PASS_ESCAPED}\""'/g' \
           -e 's/"_kms_ssl_truststore_pass_"/'"\"${KMS_SSL_TRUSTSTORE_PASS_ESCAPED}\""'/g'
\
         "${HADOOP_CATALINA_HOME}/conf/ssl-server.xml.conf" \

http://git-wip-us.apache.org/repos/asf/hadoop/blob/35cf5031/hadoop-hdfs-project/hadoop-hdfs-httpfs/src/main/sbin/httpfs.sh
----------------------------------------------------------------------
diff --git a/hadoop-hdfs-project/hadoop-hdfs-httpfs/src/main/sbin/httpfs.sh b/hadoop-hdfs-project/hadoop-hdfs-httpfs/src/main/sbin/httpfs.sh
index 3e7cdf8..a6c9f03 100755
--- a/hadoop-hdfs-project/hadoop-hdfs-httpfs/src/main/sbin/httpfs.sh
+++ b/hadoop-hdfs-project/hadoop-hdfs-httpfs/src/main/sbin/httpfs.sh
@@ -96,8 +96,12 @@ fi
 if [[ -f "${HADOOP_CATALINA_HOME}/conf/ssl-server.xml.conf" ]]; then
   if [[ -n "${HTTPFS_SSL_KEYSTORE_PASS+x}" ]] || [[ -n "${HTTPFS_SSL_TRUSTSTORE_PASS}" ]];
then
     export HTTPFS_SSL_KEYSTORE_PASS=${HTTPFS_SSL_KEYSTORE_PASS:-password}
-    sed -e 's/_httpfs_ssl_keystore_pass_/'${HTTPFS_SSL_KEYSTORE_PASS}'/g' \
-        -e 's/_httpfs_ssl_truststore_pass_/'${HTTPFS_SSL_TRUSTSTORE_PASS}'/g' \
+    HTTPFS_SSL_KEYSTORE_PASS_ESCAPED=$(hadoop_xml_escape \
+      "$(hadoop_sed_escape "$HTTPFS_SSL_KEYSTORE_PASS")")
+    HTTPFS_SSL_TRUSTSTORE_PASS_ESCAPED=$(hadoop_xml_escape \
+      "$(hadoop_sed_escape "$HTTPFS_SSL_TRUSTSTORE_PASS")")
+    sed -e 's/"_httpfs_ssl_keystore_pass_"/'"\"${HTTPFS_SSL_KEYSTORE_PASS_ESCAPED}\""'/g'
\
+        -e 's/"_httpfs_ssl_truststore_pass_"/'"\"${HTTPFS_SSL_TRUSTSTORE_PASS_ESCAPED}\""'/g'
\
       "${HADOOP_CATALINA_HOME}/conf/ssl-server.xml.conf" \
       > "${HADOOP_CATALINA_HOME}/conf/ssl-server.xml"
     chmod 700 "${HADOOP_CATALINA_HOME}/conf/ssl-server.xml" >/dev/null 2>&1


---------------------------------------------------------------------
To unsubscribe, e-mail: common-commits-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-commits-help@hadoop.apache.org


Mime
View raw message