Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 8A9A1200BF4 for ; Thu, 22 Dec 2016 20:31:54 +0100 (CET) Received: by cust-asf.ponee.io (Postfix) id 89522160B26; Thu, 22 Dec 2016 19:31:54 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id C4185160B27 for ; Thu, 22 Dec 2016 20:31:52 +0100 (CET) Received: (qmail 7020 invoked by uid 500); 22 Dec 2016 19:31:32 -0000 Mailing-List: contact common-commits-help@hadoop.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Delivered-To: mailing list common-commits@hadoop.apache.org Received: (qmail 851 invoked by uid 99); 22 Dec 2016 19:31:28 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 22 Dec 2016 19:31:28 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id E1B33DFBAD; Thu, 22 Dec 2016 19:31:27 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: jianhe@apache.org To: common-commits@hadoop.apache.org Date: Thu, 22 Dec 2016 19:32:00 -0000 Message-Id: In-Reply-To: <00a1781260504645b47d449124968b62@git.apache.org> References: <00a1781260504645b47d449124968b62@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: [34/51] [abbrv] hadoop git commit: YARN-5975. Remove the agent - slider AM ssl related code. Contributed by Jian He archived-at: Thu, 22 Dec 2016 19:31:54 -0000 http://git-wip-us.apache.org/repos/asf/hadoop/blob/cef1ce44/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/SecurityUtils.java ---------------------------------------------------------------------- diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/SecurityUtils.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/SecurityUtils.java deleted file mode 100644 index e82ad84..0000000 --- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/SecurityUtils.java +++ /dev/null @@ -1,256 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.slider.server.services.security; - -import org.apache.commons.io.FileUtils; -import org.apache.commons.lang.RandomStringUtils; -import org.apache.hadoop.fs.Path; -import org.apache.hadoop.fs.RawLocalFileSystem; -import org.apache.hadoop.fs.permission.FsAction; -import org.apache.hadoop.fs.permission.FsPermission; -import org.apache.slider.common.SliderKeys; -import org.apache.slider.common.SliderXmlConfKeys; -import org.apache.slider.core.conf.MapOperations; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import java.io.File; -import java.io.IOException; -//import java.nio.file.Files; -//import java.nio.file.Path; -//import java.nio.file.Paths; -//import java.nio.file.attribute.PosixFilePermission; -//import java.nio.file.attribute.PosixFilePermissions; - - -/** - * - */ -public class SecurityUtils { - private static final Logger LOG = - LoggerFactory.getLogger(SecurityUtils.class); - - private static String CA_CONFIG_CONTENTS = "HOME = .\n" - + "RANDFILE = $ENV::HOME/.rnd\n\n" - + "[ ca ]\n" - + "default_ca = CA_CLIENT\n" - + "[ CA_CLIENT ]\n" - + "dir = ${SEC_DIR}/db\n" - + "certs = $dir/certs\n" - + "new_certs_dir = $dir/newcerts\n" - + "\n" - + "database = $dir/index.txt\n" - + "serial = $dir/serial\n" - + "default_days = 365 \n" - + "\n" - + "default_crl_days = 7 \n" - + "default_md = sha256 \n" - + "\n" - + "policy = policy_anything \n" - + "\n" - + "[ policy_anything ]\n" - + "countryName = optional\n" - + "stateOrProvinceName = optional\n" - + "localityName = optional\n" - + "organizationName = optional\n" - + "organizationalUnitName = optional\n" - + "commonName = optional\n" - + "emailAddress = optional\n" - + "\n" - + "[req]\n" - + "distinguished_name = req_distinguished_name\n" - + "\n" - + "[ req_distinguished_name ]\n" - + "\n" - + "[ jdk7_ca ]\n" - + "subjectKeyIdentifier = hash\n" - + "authorityKeyIdentifier = keyid:always,issuer:always\n" - + "basicConstraints = CA:true\n"; - - private static final String PASS_TOKEN = "pass:"; - private static String keystorePass; - private static String securityDir; - - public static void logOpenSslExitCode(String command, int exitCode) { - if (exitCode == 0) { - LOG.info(getOpenSslCommandResult(command, exitCode)); - } else { - LOG.warn(getOpenSslCommandResult(command, exitCode)); - } - - } - - public static String hideOpenSslPassword(String command){ - int start = command.indexOf(PASS_TOKEN); - while (start >= 0) { - start += PASS_TOKEN.length(); - CharSequence cs = command.subSequence(start, command.indexOf(" ", start)); - command = command.replace(cs, "****"); - start = command.indexOf(PASS_TOKEN, start + 1); - } - return command; - } - - public static String getOpenSslCommandResult(String command, int exitCode) { - return new StringBuilder().append("Command ") - .append(hideOpenSslPassword(command)) - .append(" was finished with exit code: ") - .append(exitCode).append(" - ") - .append(getOpenSslExitCodeDescription(exitCode)).toString(); - } - - private static String getOpenSslExitCodeDescription(int exitCode) { - switch (exitCode) { - case 0: { - return "the operation was completed successfully."; - } - case 1: { - return "an error occurred parsing the command options."; - } - case 2: { - return "one of the input files could not be read."; - } - case 3: { - return "an error occurred creating the PKCS#7 file or when reading the MIME message."; - } - case 4: { - return "an error occurred decrypting or verifying the message."; - } - case 5: { - return "the message was verified correctly but an error occurred writing out the signers certificates."; - } - default: - return "unsupported code"; - } - } - - public static void writeCaConfigFile(String path) throws IOException { - String contents = CA_CONFIG_CONTENTS.replace("${SEC_DIR}", path); - FileUtils.writeStringToFile(new File(path, "ca.config"), contents); - } - - public static String getKeystorePass() { - return keystorePass; - } - - public static String getSecurityDir() { - return securityDir; - } - - public static void initializeSecurityParameters(MapOperations configMap) { - initializeSecurityParameters(configMap, false); - } - - public static void initializeSecurityParameters(MapOperations configMap, - boolean persistPassword) { - String keyStoreLocation = configMap.getOption( - SliderXmlConfKeys.KEY_KEYSTORE_LOCATION, getDefaultKeystoreLocation()); - if (keyStoreLocation == null) { - LOG.error(SliderXmlConfKeys.KEY_KEYSTORE_LOCATION - + " is not specified. Unable to initialize security params."); - return; - } - File secDirFile = new File(keyStoreLocation).getParentFile(); - if (!secDirFile.exists()) { - // create entire required directory structure - File dbDir = new File(secDirFile, "db"); - File newCertsDir = new File(dbDir, "newcerts"); - newCertsDir.mkdirs(); - RawLocalFileSystem fileSystem = null; - try { - fileSystem = new RawLocalFileSystem(); - FsPermission permissions = new FsPermission(FsAction.ALL, FsAction.NONE, - FsAction.NONE); - fileSystem.setPermission(new Path(dbDir.getAbsolutePath()), - permissions); - fileSystem.setPermission(new Path(dbDir.getAbsolutePath()), permissions); - fileSystem.setPermission(new Path(newCertsDir.getAbsolutePath()), - permissions); - File indexFile = new File(dbDir, "index.txt"); - indexFile.createNewFile(); - SecurityUtils.writeCaConfigFile(secDirFile.getAbsolutePath().replace('\\', '/')); - - } catch (IOException e) { - LOG.error("Unable to create SSL configuration directories/files", e); - } finally { - if (fileSystem != null) { - try { - fileSystem.close(); - } catch (IOException e) { - LOG.warn("Unable to close fileSystem", e); - } - } - } - // need to create the password - } - keystorePass = getKeystorePassword(secDirFile, persistPassword); - securityDir = secDirFile.getAbsolutePath(); - } - - private static String getKeystorePassword(File secDirFile, - boolean persistPassword) { - File passFile = new File(secDirFile, SliderKeys.CRT_PASS_FILE_NAME); - String password = null; - if (!passFile.exists()) { - LOG.info("Generating keystore password"); - password = RandomStringUtils.randomAlphanumeric( - Integer.valueOf(SliderKeys.PASS_LEN)); - if (persistPassword) { - try { - FileUtils.writeStringToFile(passFile, password); - passFile.setWritable(true); - passFile.setReadable(true); - } catch (IOException e) { - e.printStackTrace(); - throw new RuntimeException( - "Error creating certificate password file"); - } - } - } else { - LOG.info("Reading password from existing file"); - try { - password = FileUtils.readFileToString(passFile); - password = password.replaceAll("\\p{Cntrl}", ""); - } catch (IOException e) { - e.printStackTrace(); - } - } - - return password; - } - - private static String getDefaultKeystoreLocation() { - File workDir = null; - try { - workDir = new File(FileUtils.getTempDirectory().getAbsolutePath() - + "/sec" + System.currentTimeMillis()); - if (!workDir.mkdirs()) { - throw new IOException("Unable to create temporary security directory"); - } - } catch (IOException e) { - LOG.warn("Unable to create security directory"); - return null; - } - - return new StringBuilder().append(workDir.getAbsolutePath()) - .append(File.separator) - .append(SliderKeys.SECURITY_DIR) - .append(File.separator) - .append(SliderKeys.KEYSTORE_FILE_NAME).toString(); - } - -} http://git-wip-us.apache.org/repos/asf/hadoop/blob/cef1ce44/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/SignCertResponse.java ---------------------------------------------------------------------- diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/SignCertResponse.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/SignCertResponse.java deleted file mode 100644 index 8437d88..0000000 --- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/SignCertResponse.java +++ /dev/null @@ -1,67 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.slider.server.services.security; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlRootElement; -import javax.xml.bind.annotation.XmlType; - -/** - * - * Sign certificate response data model. - * - */ -@XmlRootElement -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "", propOrder = {}) -public class SignCertResponse { - - public static final String ERROR_STATUS = "ERROR"; - public static final String OK_STATUS = "OK"; - - @XmlElement - private String result; - @XmlElement - private String signedCa; - @XmlElement - private String message; - - public String getResult() { - return result; - } - public void setResult(String result) { - this.result = result; - } - public String getSignedCa() { - return signedCa; - } - public void setSignedCa(String signedCa) { - this.signedCa = signedCa; - } - - public String getMessage() { - return message; - } - public void setMessage(String message) { - this.message = message; - } -} - http://git-wip-us.apache.org/repos/asf/hadoop/blob/cef1ce44/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/SignMessage.java ---------------------------------------------------------------------- diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/SignMessage.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/SignMessage.java deleted file mode 100644 index 4bccb87..0000000 --- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/SignMessage.java +++ /dev/null @@ -1,54 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.slider.server.services.security; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlRootElement; -import javax.xml.bind.annotation.XmlType; - -/** - * - * Sign certificate request data model. - * - */ -@XmlRootElement -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "", propOrder = {}) -public class SignMessage { - - @XmlElement - private String csr; - @XmlElement - private String passphrase; - public String getCsr() { - return csr; - } - public void setCsr(String csr) { - this.csr = csr; - } - public String getPassphrase() { - return passphrase; - } - public void setPassphrase(String passphrase) { - this.passphrase = passphrase; - } -} - http://git-wip-us.apache.org/repos/asf/hadoop/blob/cef1ce44/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/StoresGenerator.java ---------------------------------------------------------------------- diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/StoresGenerator.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/StoresGenerator.java deleted file mode 100644 index 226250f..0000000 --- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/StoresGenerator.java +++ /dev/null @@ -1,68 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.slider.server.services.security; - -import org.apache.slider.core.conf.AggregateConf; -import org.apache.slider.core.conf.MapOperations; -import org.apache.slider.core.exceptions.SliderException; - -import java.io.File; -import java.io.IOException; -import java.util.ArrayList; -import java.util.List; - -/** - * - */ -public class StoresGenerator { - - static CertificateManager certMgr = new CertificateManager(); - private static SecurityStoreGenerator[] GENERATORS = { - new KeystoreGenerator(certMgr), new TruststoreGenerator(certMgr) - }; - - public static SecurityStore[] generateSecurityStores(String hostname, - String containerId, - String role, - AggregateConf instanceDefinition, - MapOperations compOps) - throws SliderException, IOException { - //discover which stores need generation based on the passwords configured - List files = new ArrayList(); - for (SecurityStoreGenerator generator : GENERATORS) { - if (generator.isStoreRequested(compOps)) { - SecurityStore store = generator.generate(hostname, - containerId, - instanceDefinition, - compOps, - role); - if (store != null) { - files.add(store); - } - } - } - - if (files.isEmpty()) { - throw new SliderException("Security stores were requested but none were " - + "generated. Check the AM logs and ensure " - + "passwords are configured for the components " - + "requiring the stores."); - } - return files.toArray(new SecurityStore[files.size()]); - } - -} http://git-wip-us.apache.org/repos/asf/hadoop/blob/cef1ce44/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/TruststoreGenerator.java ---------------------------------------------------------------------- diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/TruststoreGenerator.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/TruststoreGenerator.java deleted file mode 100644 index d16dcbd..0000000 --- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/TruststoreGenerator.java +++ /dev/null @@ -1,62 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.slider.server.services.security; - -import org.apache.slider.common.SliderKeys; -import org.apache.slider.core.conf.AggregateConf; -import org.apache.slider.core.conf.MapOperations; -import org.apache.slider.core.exceptions.SliderException; - -import java.io.IOException; - -/** - * - */ -public class TruststoreGenerator extends AbstractSecurityStoreGenerator { - - - public TruststoreGenerator(CertificateManager certificateMgr) { - super(certificateMgr); - } - - @Override - public SecurityStore generate(String hostname, String containerId, - AggregateConf instanceDefinition, - MapOperations compOps, String role) - throws SliderException, IOException { - SecurityStore truststore = null; - String password = getStorePassword( - instanceDefinition.getAppConf().credentials, compOps, role); - if (password != null) { - truststore = certificateMgr.generateContainerTruststore(containerId, - role, password); - } - return truststore; - } - - @Override - String getPassword(MapOperations compOps) { - return compOps.get( - compOps.get(SliderKeys.COMP_TRUSTSTORE_PASSWORD_PROPERTY_KEY)); - } - - @Override - String getAlias(MapOperations compOps) { - return compOps.getOption(SliderKeys.COMP_TRUSTSTORE_PASSWORD_ALIAS_KEY, - SliderKeys.COMP_TRUSTSTORE_PASSWORD_ALIAS_DEFAULT); - } -} http://git-wip-us.apache.org/repos/asf/hadoop/blob/cef1ce44/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/proto/SliderClusterProtocol.proto ---------------------------------------------------------------------- diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/proto/SliderClusterProtocol.proto b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/proto/SliderClusterProtocol.proto index 4221b1d..d68da2b 100644 --- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/proto/SliderClusterProtocol.proto +++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/proto/SliderClusterProtocol.proto @@ -175,10 +175,4 @@ service SliderClusterProtocolPB { // ConfTree getLiveResources rpc getLiveResources(EmptyPayloadProto) returns(WrappedJsonProto); - - rpc getClientCertificateStore(GetCertificateStoreRequestProto) - returns(GetCertificateStoreResponseProto); - - - } http://git-wip-us.apache.org/repos/asf/hadoop/blob/cef1ce44/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/test/java/org/apache/slider/server/services/security/TestCertificateManager.java ---------------------------------------------------------------------- diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/test/java/org/apache/slider/server/services/security/TestCertificateManager.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/test/java/org/apache/slider/server/services/security/TestCertificateManager.java deleted file mode 100644 index 7a4a586..0000000 --- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/test/java/org/apache/slider/server/services/security/TestCertificateManager.java +++ /dev/null @@ -1,540 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.slider.server.services.security; - -import org.apache.hadoop.conf.Configuration; -import org.apache.hadoop.fs.Path; -import org.apache.hadoop.security.alias.CredentialProvider; -import org.apache.hadoop.security.alias.CredentialProviderFactory; -import org.apache.hadoop.security.alias.JavaKeyStoreProvider; -import org.apache.slider.Slider; -import org.apache.slider.common.SliderKeys; -import org.apache.slider.common.SliderXmlConfKeys; -import org.apache.slider.core.conf.AggregateConf; -import org.apache.slider.core.conf.MapOperations; -import org.apache.slider.core.exceptions.SliderException; -import org.junit.Assert; -import org.junit.Before; -import org.junit.Rule; -import org.junit.Test; -import org.junit.rules.TemporaryFolder; - -import javax.net.ssl.TrustManager; -import javax.net.ssl.TrustManagerFactory; -import javax.net.ssl.X509TrustManager; -import java.io.File; -import java.io.FileInputStream; -import java.io.IOException; -import java.io.InputStream; -import java.net.InetAddress; -import java.security.KeyStore; -import java.security.KeyStoreException; -import java.security.NoSuchAlgorithmException; -import java.security.Principal; -import java.security.cert.Certificate; -import java.security.cert.CertificateException; -import java.security.cert.X509Certificate; -import java.util.ArrayList; -import java.util.Arrays; - -import static org.junit.Assert.assertEquals; - -/** - * - */ -public class TestCertificateManager { - @Rule - public TemporaryFolder workDir = new TemporaryFolder(); - private File secDir; - private CertificateManager certMan; - - @Before - public void setup() throws Exception { - certMan = new CertificateManager(); - MapOperations compOperations = new MapOperations(); - secDir = new File(workDir.getRoot(), SliderKeys.SECURITY_DIR); - File keystoreFile = new File(secDir, SliderKeys.KEYSTORE_FILE_NAME); - compOperations.put(SliderXmlConfKeys.KEY_KEYSTORE_LOCATION, - keystoreFile.getAbsolutePath()); - certMan.initialize(compOperations, "cahost", null, null); - } - - @Test - public void testServerCertificateGenerated() throws Exception { - File serverCrt = new File(secDir, SliderKeys.CRT_FILE_NAME); - Assert.assertTrue("Server CRD does not exist:" + serverCrt, - serverCrt.exists()); - } - - @Test - public void testAMKeystoreGenerated() throws Exception { - File keystoreFile = new File(secDir, SliderKeys.KEYSTORE_FILE_NAME); - Assert.assertTrue("Keystore does not exist: " + keystoreFile, - keystoreFile.exists()); - InputStream is = null; - try { - - is = new FileInputStream(keystoreFile); - KeyStore keystore = KeyStore.getInstance("pkcs12"); - String password = SecurityUtils.getKeystorePass(); - keystore.load(is, password.toCharArray()); - - Certificate certificate = keystore.getCertificate( - keystore.aliases().nextElement()); - Assert.assertNotNull(certificate); - - if (certificate instanceof X509Certificate) { - X509Certificate x509cert = (X509Certificate) certificate; - - // Get subject - Principal principal = x509cert.getSubjectDN(); - String subjectDn = principal.getName(); - Assert.assertEquals("wrong DN", - "CN=cahost", - subjectDn); - - // Get issuer - principal = x509cert.getIssuerDN(); - String issuerDn = principal.getName(); - Assert.assertEquals("wrong Issuer DN", - "CN=cahost", - issuerDn); - } - } finally { - if(null != is) { - is.close(); - } - } - } - - @Test - public void testContainerCertificateGeneration() throws Exception { - certMan.generateContainerCertificate("testhost", "container1"); - Assert.assertTrue("container certificate not generated", - new File(secDir, "container1.crt").exists()); - } - - @Test - public void testContainerKeystoreGeneration() throws Exception { - SecurityStore keystoreFile = certMan.generateContainerKeystore("testhost", - "container1", - "component1", - "password"); - validateKeystore(keystoreFile.getFile(), "testhost", "cahost"); - } - - private void validateKeystore(File keystoreFile, String certHostname, - String issuerHostname) - throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException { - Assert.assertTrue("container keystore not generated", - keystoreFile.exists()); - - InputStream is = null; - try { - - is = new FileInputStream(keystoreFile); - KeyStore keystore = KeyStore.getInstance("pkcs12"); - String password = "password"; - keystore.load(is, password.toCharArray()); - - Certificate certificate = keystore.getCertificate( - keystore.aliases().nextElement()); - Assert.assertNotNull(certificate); - - if (certificate instanceof X509Certificate) { - X509Certificate x509cert = (X509Certificate) certificate; - - // Get subject - Principal principal = x509cert.getSubjectDN(); - String subjectDn = principal.getName(); - Assert.assertEquals("wrong DN", "CN=" + certHostname + ", OU=container1", - subjectDn); - - // Get issuer - principal = x509cert.getIssuerDN(); - String issuerDn = principal.getName(); - Assert.assertEquals("wrong Issuer DN", - "CN=" + issuerHostname, - issuerDn); - } - } finally { - if(null != is) { - is.close(); - } - } - } - - @Test - public void testContainerKeystoreGenerationViaStoresGenerator() throws Exception { - AggregateConf instanceDefinition = new AggregateConf(); - MapOperations compOps = new MapOperations(); - instanceDefinition.getAppConf().components.put("component1", compOps); - compOps.put(SliderKeys.COMP_KEYSTORE_PASSWORD_PROPERTY_KEY, - "app1.component1.password.property"); - compOps.put(SliderKeys.COMP_STORES_REQUIRED_KEY, "true"); - instanceDefinition.getAppConf().global.put( - "app1.component1.password.property", "password"); - instanceDefinition.resolve(); - SecurityStore[] - files = StoresGenerator.generateSecurityStores("testhost", - "container1", - "component1", - instanceDefinition, - compOps); - assertEquals("wrong number of stores", 1, files.length); - validateKeystore(files[0].getFile(), "testhost", "cahost"); - } - - @Test - public void testContainerKeystoreGenerationViaStoresGeneratorUsingGlobalProps() throws Exception { - AggregateConf instanceDefinition = new AggregateConf(); - MapOperations compOps = new MapOperations(); - instanceDefinition.getAppConf().components.put("component1", compOps); - compOps.put(SliderKeys.COMP_KEYSTORE_PASSWORD_PROPERTY_KEY, - "app1.component1.password.property"); - instanceDefinition.getAppConf().global.put(SliderKeys.COMP_STORES_REQUIRED_KEY, "true"); - compOps.put( - "app1.component1.password.property", "password"); - instanceDefinition.resolve(); - SecurityStore[] - files = StoresGenerator.generateSecurityStores("testhost", - "container1", - "component1", - instanceDefinition, - compOps); - assertEquals("wrong number of stores", 1, files.length); - validateKeystore(files[0].getFile(), "testhost", "cahost"); - } - - @Test - public void testContainerKeystoreGenerationViaStoresGeneratorOverrideGlobalSetting() throws Exception { - AggregateConf instanceDefinition = new AggregateConf(); - MapOperations compOps = setupComponentOptions(true, null, - "app1.component1.password.property", - null, null); - instanceDefinition.getAppConf().components.put("component1", compOps); - instanceDefinition.getAppConf().global.put( - "app1.component1.password.property", "password"); - instanceDefinition.getAppConf().global.put(SliderKeys.COMP_STORES_REQUIRED_KEY, "false"); - instanceDefinition.resolve(); - SecurityStore[] - files = StoresGenerator.generateSecurityStores("testhost", - "container1", - "component1", - instanceDefinition, - compOps); - assertEquals("wrong number of stores", 1, files.length); - validateKeystore(files[0].getFile(), "testhost", "cahost"); - } - - @Test - public void testContainerTrusttoreGeneration() throws Exception { - SecurityStore keystoreFile = - certMan.generateContainerKeystore("testhost", - "container1", - "component1", - "keypass"); - Assert.assertTrue("container keystore not generated", - keystoreFile.getFile().exists()); - SecurityStore truststoreFile = - certMan.generateContainerTruststore("container1", - "component1", "trustpass" - ); - Assert.assertTrue("container truststore not generated", - truststoreFile.getFile().exists()); - - validateTruststore(keystoreFile.getFile(), truststoreFile.getFile()); - } - - @Test - public void testContainerGenerationUsingStoresGeneratorNoTruststore() throws Exception { - AggregateConf instanceDefinition = new AggregateConf(); - MapOperations compOps = new MapOperations(); - compOps.put(SliderKeys.COMP_STORES_REQUIRED_KEY, "true"); - compOps.put(SliderKeys.COMP_KEYSTORE_PASSWORD_ALIAS_KEY, - "test.keystore.password"); - - setupCredentials(instanceDefinition, "test.keystore.password", null); - - SecurityStore[] - files = StoresGenerator.generateSecurityStores("testhost", - "container1", - "component1", - instanceDefinition, - compOps); - assertEquals("wrong number of stores", 1, files.length); - File keystoreFile = CertificateManager.getContainerKeystoreFilePath( - "container1", "component1"); - Assert.assertTrue("container keystore not generated", - keystoreFile.exists()); - - Assert.assertTrue("keystore not in returned list", - Arrays.asList(files).contains(new SecurityStore(keystoreFile, - SecurityStore.StoreType.keystore))); - File truststoreFile = - CertificateManager.getContainerTruststoreFilePath("component1", - "container1"); - Assert.assertFalse("container truststore generated", - truststoreFile.exists()); - Assert.assertFalse("truststore in returned list", - Arrays.asList(files).contains(new SecurityStore(truststoreFile, - SecurityStore.StoreType.truststore))); - - } - - @Test - public void testContainerGenerationUsingStoresGeneratorJustTruststoreWithDefaultAlias() throws Exception { - AggregateConf instanceDefinition = new AggregateConf(); - MapOperations compOps = setupComponentOptions(true); - - setupCredentials(instanceDefinition, null, - SliderKeys.COMP_TRUSTSTORE_PASSWORD_ALIAS_DEFAULT); - - SecurityStore[] - files = StoresGenerator.generateSecurityStores("testhost", - "container1", - "component1", - instanceDefinition, - compOps); - assertEquals("wrong number of stores", 1, files.length); - File keystoreFile = CertificateManager.getContainerKeystoreFilePath( - "container1", "component1"); - Assert.assertFalse("container keystore generated", - keystoreFile.exists()); - Assert.assertFalse("keystore in returned list", - Arrays.asList(files).contains(keystoreFile)); - File truststoreFile = - CertificateManager.getContainerTruststoreFilePath("component1", - "container1"); - Assert.assertTrue("container truststore not generated", - truststoreFile.exists()); - Assert.assertTrue("truststore not in returned list", - Arrays.asList(files).contains(new SecurityStore(truststoreFile, - SecurityStore.StoreType.truststore))); - - } - - @Test - public void testContainerTrusttoreGenerationUsingStoresGenerator() throws Exception { - AggregateConf instanceDefinition = new AggregateConf(); - MapOperations compOps = setupComponentOptions(true, - "test.keystore.password", - null, - "test.truststore.password", - null); - - setupCredentials(instanceDefinition, "test.keystore.password", - "test.truststore.password"); - - SecurityStore[] - files = StoresGenerator.generateSecurityStores("testhost", - "container1", - "component1", - instanceDefinition, - compOps); - assertEquals("wrong number of stores", 2, files.length); - File keystoreFile = CertificateManager.getContainerKeystoreFilePath( - "container1", "component1"); - Assert.assertTrue("container keystore not generated", - keystoreFile.exists()); - Assert.assertTrue("keystore not in returned list", - Arrays.asList(files).contains(new SecurityStore(keystoreFile, - SecurityStore.StoreType.keystore))); - File truststoreFile = - CertificateManager.getContainerTruststoreFilePath("component1", - "container1"); - Assert.assertTrue("container truststore not generated", - truststoreFile.exists()); - Assert.assertTrue("truststore not in returned list", - Arrays.asList(files).contains(new SecurityStore(truststoreFile, - SecurityStore.StoreType.truststore))); - - validateTruststore(keystoreFile, truststoreFile); - } - - private void setupCredentials(AggregateConf instanceDefinition, - String keyAlias, String trustAlias) - throws Exception { - Configuration conf = new Configuration(); - final Path jksPath = new Path(SecurityUtils.getSecurityDir(), "test.jks"); - final String ourUrl = - JavaKeyStoreProvider.SCHEME_NAME + "://file" + jksPath.toUri(); - - File file = new File(SecurityUtils.getSecurityDir(), "test.jks"); - file.delete(); - conf.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, ourUrl); - - instanceDefinition.getAppConf().credentials.put(ourUrl, new ArrayList()); - - CredentialProvider provider = - CredentialProviderFactory.getProviders(conf).get(0); - - // create new aliases - try { - - if (keyAlias != null) { - char[] storepass = {'k', 'e', 'y', 'p', 'a', 's', 's'}; - provider.createCredentialEntry( - keyAlias, storepass); - } - - if (trustAlias != null) { - char[] trustpass = {'t', 'r', 'u', 's', 't', 'p', 'a', 's', 's'}; - provider.createCredentialEntry( - trustAlias, trustpass); - } - - // write out so that it can be found in checks - provider.flush(); - } catch (Exception e) { - e.printStackTrace(); - throw e; - } - } - - private MapOperations setupComponentOptions(boolean storesRequired) { - return this.setupComponentOptions(storesRequired, null, null, null, null); - } - - private MapOperations setupComponentOptions(boolean storesRequired, - String keyAlias, - String keyPwd, - String trustAlias, - String trustPwd) { - MapOperations compOps = new MapOperations(); - compOps.put(SliderKeys.COMP_STORES_REQUIRED_KEY, - Boolean.toString(storesRequired)); - if (keyAlias != null) { - compOps.put(SliderKeys.COMP_KEYSTORE_PASSWORD_ALIAS_KEY, - "test.keystore.password"); - } - if (trustAlias != null) { - compOps.put(SliderKeys.COMP_TRUSTSTORE_PASSWORD_ALIAS_KEY, - "test.truststore.password"); - } - if (keyPwd != null) { - compOps.put(SliderKeys.COMP_KEYSTORE_PASSWORD_PROPERTY_KEY, - keyPwd); - } - if (trustPwd != null) { - compOps.put(SliderKeys.COMP_TRUSTSTORE_PASSWORD_PROPERTY_KEY, - trustPwd); - } - return compOps; - } - - @Test - public void testContainerStoresGenerationKeystoreOnly() throws Exception { - AggregateConf instanceDefinition = new AggregateConf(); - MapOperations compOps = new MapOperations(); - compOps.put(SliderKeys.COMP_STORES_REQUIRED_KEY, "true"); - - setupCredentials(instanceDefinition, - SliderKeys.COMP_KEYSTORE_PASSWORD_ALIAS_DEFAULT, null); - - SecurityStore[] - files = StoresGenerator.generateSecurityStores("testhost", - "container1", - "component1", - instanceDefinition, - compOps); - assertEquals("wrong number of stores", 1, files.length); - File keystoreFile = CertificateManager.getContainerKeystoreFilePath( - "container1", "component1"); - Assert.assertTrue("container keystore not generated", - keystoreFile.exists()); - Assert.assertTrue("keystore not in returned list", - Arrays.asList(files).contains(new SecurityStore(keystoreFile, - SecurityStore.StoreType.keystore))); - File truststoreFile = - CertificateManager.getContainerTruststoreFilePath("component1", - "container1"); - Assert.assertFalse("container truststore generated", - truststoreFile.exists()); - Assert.assertFalse("truststore in returned list", - Arrays.asList(files).contains(new SecurityStore(truststoreFile, - SecurityStore.StoreType.truststore))); - - } - - @Test - public void testContainerStoresGenerationMisconfiguration() throws Exception { - AggregateConf instanceDefinition = new AggregateConf(); - MapOperations compOps = new MapOperations(); - compOps.put(SliderKeys.COMP_STORES_REQUIRED_KEY, "true"); - - setupCredentials(instanceDefinition, "cant.be.found", null); - - try { - StoresGenerator.generateSecurityStores("testhost", "container1", - "component1", instanceDefinition, - compOps); - Assert.fail("SliderException should have been generated"); - } catch (SliderException e) { - // ignore - should be thrown - } - } - - private void validateTruststore(File keystoreFile, File truststoreFile) - throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException { - InputStream keyis = null; - InputStream trustis = null; - try { - - // create keystore - keyis = new FileInputStream(keystoreFile); - KeyStore keystore = KeyStore.getInstance("pkcs12"); - String password = "keypass"; - keystore.load(keyis, password.toCharArray()); - - // obtain server cert - Certificate certificate = keystore.getCertificate( - keystore.aliases().nextElement()); - Assert.assertNotNull(certificate); - - // create trust store from generated trust store file - trustis = new FileInputStream(truststoreFile); - KeyStore truststore = KeyStore.getInstance("pkcs12"); - password = "trustpass"; - truststore.load(trustis, password.toCharArray()); - - // validate keystore cert using trust store - TrustManagerFactory - trustManagerFactory = - TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); - trustManagerFactory.init(truststore); - - for (TrustManager trustManager: trustManagerFactory.getTrustManagers()) { - if (trustManager instanceof X509TrustManager) { - X509TrustManager x509TrustManager = (X509TrustManager)trustManager; - x509TrustManager.checkServerTrusted( - new X509Certificate[] {(X509Certificate) certificate}, - "RSA_EXPORT"); - } - } - - } finally { - if(null != keyis) { - keyis.close(); - } - if(null != trustis) { - trustis.close(); - } - } - } - -} http://git-wip-us.apache.org/repos/asf/hadoop/blob/cef1ce44/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/test/java/org/apache/slider/server/services/security/TestMultiThreadedStoreGeneration.java ---------------------------------------------------------------------- diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/test/java/org/apache/slider/server/services/security/TestMultiThreadedStoreGeneration.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/test/java/org/apache/slider/server/services/security/TestMultiThreadedStoreGeneration.java deleted file mode 100644 index 2e2ffce..0000000 --- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/test/java/org/apache/slider/server/services/security/TestMultiThreadedStoreGeneration.java +++ /dev/null @@ -1,156 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.slider.server.services.security; - -import org.apache.hadoop.conf.Configuration; -import org.apache.hadoop.fs.Path; -import org.apache.hadoop.security.alias.CredentialProvider; -import org.apache.hadoop.security.alias.CredentialProviderFactory; -import org.apache.hadoop.security.alias.JavaKeyStoreProvider; -import org.apache.slider.common.SliderKeys; -import org.apache.slider.common.SliderXmlConfKeys; -import org.apache.slider.core.conf.AggregateConf; -import org.apache.slider.core.conf.MapOperations; -import org.apache.slider.core.exceptions.SliderException; -import org.junit.Rule; -import org.junit.Test; -import org.junit.rules.TemporaryFolder; - -import java.io.File; -import java.io.IOException; -import java.util.ArrayList; -import java.util.Arrays; -import java.util.List; -import java.util.concurrent.CountDownLatch; - -import static org.junit.Assert.assertTrue; - -/** - * - */ -public class TestMultiThreadedStoreGeneration { - - public static final int NUM_THREADS = 30; - @Rule - public TemporaryFolder workDir = new TemporaryFolder();; - - private void setupCredentials(AggregateConf instanceDefinition, - String keyAlias, String trustAlias) - throws Exception { - Configuration conf = new Configuration(); - final Path jksPath = new Path(SecurityUtils.getSecurityDir(), "test.jks"); - final String ourUrl = - JavaKeyStoreProvider.SCHEME_NAME + "://file" + jksPath.toUri(); - - File file = new File(SecurityUtils.getSecurityDir(), "test.jks"); - file.delete(); - conf.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, ourUrl); - - instanceDefinition.getAppConf().credentials.put(ourUrl, new ArrayList()); - - CredentialProvider provider = - CredentialProviderFactory.getProviders(conf).get(0); - - // create new aliases - try { - - if (keyAlias != null) { - char[] storepass = {'k', 'e', 'y', 'p', 'a', 's', 's'}; - provider.createCredentialEntry( - keyAlias, storepass); - } - - if (trustAlias != null) { - char[] trustpass = {'t', 'r', 'u', 's', 't', 'p', 'a', 's', 's'}; - provider.createCredentialEntry( - trustAlias, trustpass); - } - - // write out so that it can be found in checks - provider.flush(); - } catch (Exception e) { - e.printStackTrace(); - throw e; - } - } - - - @Test - public void testMultiThreadedStoreGeneration() throws Exception { - - CertificateManager certMan = new CertificateManager(); - MapOperations compOperations = new MapOperations(); - File secDir = new File(workDir.getRoot(), SliderKeys.SECURITY_DIR); - File keystoreFile = new File(secDir, SliderKeys.KEYSTORE_FILE_NAME); - compOperations.put(SliderXmlConfKeys.KEY_KEYSTORE_LOCATION, - keystoreFile.getAbsolutePath()); - certMan.initialize(compOperations, "cahost", null, null); - - final CountDownLatch latch = new CountDownLatch(1); - final List stores = new ArrayList<>(); - List threads = new ArrayList<>(); - final AggregateConf instanceDefinition = new AggregateConf(); - - setupCredentials(instanceDefinition, - SliderKeys.COMP_KEYSTORE_PASSWORD_ALIAS_DEFAULT, null); - final MapOperations compOps = new MapOperations(); - compOps.put(SliderKeys.COMP_STORES_REQUIRED_KEY, "true"); - - for (int i=0; i In run"); - try { - latch.await(); - SecurityStore[] stores1 = StoresGenerator.generateSecurityStores( - "testhost", - "container" + finalI, - "component" + finalI, - instanceDefinition, - compOps); - System.out.println ("----> stores1" + stores1); - List - securityStores = - Arrays.asList(stores1); - stores.addAll(securityStores); - } catch (InterruptedException e) { - e.printStackTrace(); - } catch (SliderException e) { - e.printStackTrace(); - } catch (IOException e) { - e.printStackTrace(); - } catch (Exception e) { - e.printStackTrace(); - } - } - }; - Thread thread = new Thread(runner, "TestThread" + i); - threads.add(thread); - thread.start(); - } - latch.countDown(); - for (Thread t : threads) { - t.join(); - } - - for (int i=0; i < NUM_THREADS; i++) { - assertTrue("keystore " + i + " not generated", stores.get(i).getFile().exists()); - } - } - -} --------------------------------------------------------------------- To unsubscribe, e-mail: common-commits-unsubscribe@hadoop.apache.org For additional commands, e-mail: common-commits-help@hadoop.apache.org