hadoop-common-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jia...@apache.org
Subject [45/50] [abbrv] hadoop git commit: YARN-5975. Remove the agent - slider AM ssl related code. Contributed by Jian He
Date Fri, 10 Feb 2017 02:35:27 GMT
http://git-wip-us.apache.org/repos/asf/hadoop/blob/7a06f940/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/SecurityUtils.java
----------------------------------------------------------------------
diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/SecurityUtils.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/SecurityUtils.java
deleted file mode 100644
index e82ad84..0000000
--- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/SecurityUtils.java
+++ /dev/null
@@ -1,256 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.slider.server.services.security;
-
-import org.apache.commons.io.FileUtils;
-import org.apache.commons.lang.RandomStringUtils;
-import org.apache.hadoop.fs.Path;
-import org.apache.hadoop.fs.RawLocalFileSystem;
-import org.apache.hadoop.fs.permission.FsAction;
-import org.apache.hadoop.fs.permission.FsPermission;
-import org.apache.slider.common.SliderKeys;
-import org.apache.slider.common.SliderXmlConfKeys;
-import org.apache.slider.core.conf.MapOperations;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.io.File;
-import java.io.IOException;
-//import java.nio.file.Files;
-//import java.nio.file.Path;
-//import java.nio.file.Paths;
-//import java.nio.file.attribute.PosixFilePermission;
-//import java.nio.file.attribute.PosixFilePermissions;
-
-
-/**
- *
- */
-public class SecurityUtils {
-  private static final Logger LOG =
-      LoggerFactory.getLogger(SecurityUtils.class);
-
-  private static String CA_CONFIG_CONTENTS =  "HOME            = .\n"
-                                            + "RANDFILE        = $ENV::HOME/.rnd\n\n"
-                                            + "[ ca ]\n"
-                                            + "default_ca             = CA_CLIENT\n"
-                                            + "[ CA_CLIENT ]\n"
-                                            + "dir                    = ${SEC_DIR}/db\n"
-                                            + "certs                  = $dir/certs\n"
-                                            + "new_certs_dir          = $dir/newcerts\n"
-                                            + "\n"
-                                            + "database               = $dir/index.txt\n"
-                                            + "serial                 = $dir/serial\n"
-                                            + "default_days           = 365    \n"
-                                            + "\n"
-                                            + "default_crl_days       = 7  \n"
-                                            + "default_md             = sha256 \n"
-                                            + "\n"
-                                            + "policy                 = policy_anything \n"
-                                            + "\n"
-                                            + "[ policy_anything ]\n"
-                                            + "countryName            = optional\n"
-                                            + "stateOrProvinceName    = optional\n"
-                                            + "localityName           = optional\n"
-                                            + "organizationName       = optional\n"
-                                            + "organizationalUnitName = optional\n"
-                                            + "commonName             = optional\n"
-                                            + "emailAddress           = optional\n"
-                                            + "\n"
-                                            + "[req]\n"
-                                            + "distinguished_name     = req_distinguished_name\n"
-                                            + "\n"
-                                            + "[ req_distinguished_name ]\n"
-                                            + "\n"
-                                            + "[ jdk7_ca ]\n"
-                                            + "subjectKeyIdentifier = hash\n"
-                                            + "authorityKeyIdentifier = keyid:always,issuer:always\n"
-                                            + "basicConstraints = CA:true\n";
-
-  private static final String PASS_TOKEN = "pass:";
-  private static String keystorePass;
-  private static String securityDir;
-
-  public static void logOpenSslExitCode(String command, int exitCode) {
-    if (exitCode == 0) {
-      LOG.info(getOpenSslCommandResult(command, exitCode));
-    } else {
-      LOG.warn(getOpenSslCommandResult(command, exitCode));
-    }
-
-  }
-
-  public static String hideOpenSslPassword(String command){
-    int start = command.indexOf(PASS_TOKEN);
-    while (start >= 0) {
-      start += PASS_TOKEN.length();
-      CharSequence cs = command.subSequence(start, command.indexOf(" ", start));
-      command = command.replace(cs, "****");
-      start = command.indexOf(PASS_TOKEN, start + 1);
-    }
-    return command;
-  }
-
-  public static String getOpenSslCommandResult(String command, int exitCode) {
-    return new StringBuilder().append("Command ")
-        .append(hideOpenSslPassword(command))
-        .append(" was finished with exit code: ")
-        .append(exitCode).append(" - ")
-        .append(getOpenSslExitCodeDescription(exitCode)).toString();
-  }
-
-  private static String getOpenSslExitCodeDescription(int exitCode) {
-    switch (exitCode) {
-      case 0: {
-        return "the operation was completed successfully.";
-      }
-      case 1: {
-        return "an error occurred parsing the command options.";
-      }
-      case 2: {
-        return "one of the input files could not be read.";
-      }
-      case 3: {
-        return "an error occurred creating the PKCS#7 file or when reading the MIME message.";
-      }
-      case 4: {
-        return "an error occurred decrypting or verifying the message.";
-      }
-      case 5: {
-        return "the message was verified correctly but an error occurred writing out the signers certificates.";
-      }
-      default:
-        return "unsupported code";
-    }
-  }
-
-  public static void writeCaConfigFile(String path) throws IOException {
-    String contents = CA_CONFIG_CONTENTS.replace("${SEC_DIR}", path);
-    FileUtils.writeStringToFile(new File(path, "ca.config"), contents);
-  }
-
-  public static String getKeystorePass() {
-    return keystorePass;
-  }
-
-  public static String getSecurityDir() {
-    return securityDir;
-  }
-
-  public static void    initializeSecurityParameters(MapOperations configMap) {
-    initializeSecurityParameters(configMap, false);
-  }
-
-  public static void initializeSecurityParameters(MapOperations configMap,
-                                                boolean persistPassword) {
-    String keyStoreLocation = configMap.getOption(
-        SliderXmlConfKeys.KEY_KEYSTORE_LOCATION, getDefaultKeystoreLocation());
-    if (keyStoreLocation == null) {
-      LOG.error(SliderXmlConfKeys.KEY_KEYSTORE_LOCATION
-          + " is not specified. Unable to initialize security params.");
-      return;
-    }
-    File secDirFile = new File(keyStoreLocation).getParentFile();
-    if (!secDirFile.exists()) {
-      // create entire required directory structure
-      File dbDir = new File(secDirFile, "db");
-      File newCertsDir = new File(dbDir, "newcerts");
-      newCertsDir.mkdirs();
-      RawLocalFileSystem fileSystem = null;
-      try {
-        fileSystem = new RawLocalFileSystem();
-        FsPermission permissions = new FsPermission(FsAction.ALL, FsAction.NONE,
-                                                    FsAction.NONE);
-        fileSystem.setPermission(new Path(dbDir.getAbsolutePath()),
-                                 permissions);
-        fileSystem.setPermission(new Path(dbDir.getAbsolutePath()), permissions);
-        fileSystem.setPermission(new Path(newCertsDir.getAbsolutePath()),
-                                 permissions);
-        File indexFile = new File(dbDir, "index.txt");
-        indexFile.createNewFile();
-        SecurityUtils.writeCaConfigFile(secDirFile.getAbsolutePath().replace('\\', '/'));
-
-      } catch (IOException e) {
-        LOG.error("Unable to create SSL configuration directories/files", e);
-      } finally {
-        if (fileSystem != null) {
-          try {
-            fileSystem.close();
-          } catch (IOException e) {
-            LOG.warn("Unable to close fileSystem", e);
-          }
-        }
-      }
-      // need to create the password
-    }
-    keystorePass = getKeystorePassword(secDirFile, persistPassword);
-    securityDir = secDirFile.getAbsolutePath();
-  }
-
-  private static String getKeystorePassword(File secDirFile,
-                                            boolean persistPassword) {
-    File passFile = new File(secDirFile, SliderKeys.CRT_PASS_FILE_NAME);
-    String password = null;
-    if (!passFile.exists()) {
-      LOG.info("Generating keystore password");
-      password = RandomStringUtils.randomAlphanumeric(
-          Integer.valueOf(SliderKeys.PASS_LEN));
-      if (persistPassword) {
-        try {
-          FileUtils.writeStringToFile(passFile, password);
-          passFile.setWritable(true);
-          passFile.setReadable(true);
-        } catch (IOException e) {
-          e.printStackTrace();
-          throw new RuntimeException(
-              "Error creating certificate password file");
-        }
-      }
-    } else {
-      LOG.info("Reading password from existing file");
-      try {
-        password = FileUtils.readFileToString(passFile);
-        password = password.replaceAll("\\p{Cntrl}", "");
-      } catch (IOException e) {
-        e.printStackTrace();
-      }
-    }
-
-    return password;
-  }
-
-  private static String getDefaultKeystoreLocation() {
-    File workDir = null;
-    try {
-      workDir =  new File(FileUtils.getTempDirectory().getAbsolutePath()
-                          + "/sec" + System.currentTimeMillis());
-      if (!workDir.mkdirs()) {
-        throw new IOException("Unable to create temporary security directory");
-      }
-    } catch (IOException e) {
-      LOG.warn("Unable to create security directory");
-      return null;
-    }
-
-    return new StringBuilder().append(workDir.getAbsolutePath())
-        .append(File.separator)
-        .append(SliderKeys.SECURITY_DIR)
-        .append(File.separator)
-        .append(SliderKeys.KEYSTORE_FILE_NAME).toString();
-  }
-
-}

http://git-wip-us.apache.org/repos/asf/hadoop/blob/7a06f940/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/SignCertResponse.java
----------------------------------------------------------------------
diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/SignCertResponse.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/SignCertResponse.java
deleted file mode 100644
index 8437d88..0000000
--- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/SignCertResponse.java
+++ /dev/null
@@ -1,67 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.slider.server.services.security;
-
-import javax.xml.bind.annotation.XmlAccessType;
-import javax.xml.bind.annotation.XmlAccessorType;
-import javax.xml.bind.annotation.XmlElement;
-import javax.xml.bind.annotation.XmlRootElement;
-import javax.xml.bind.annotation.XmlType;
-
-/**
- *
- * Sign certificate response data model.
- *
- */
-@XmlRootElement
-@XmlAccessorType(XmlAccessType.FIELD)
-@XmlType(name = "", propOrder = {})
-public class SignCertResponse {
-	
-  public static final String ERROR_STATUS = "ERROR";
-  public static final String OK_STATUS = "OK";
-
-  @XmlElement
-  private String result;
-  @XmlElement
-  private String signedCa;
-  @XmlElement
-  private String message;
-
-  public String getResult() {
-    return result;
-  }
-  public void setResult(String result) {
-    this.result = result;
-  }
-  public String getSignedCa() {
-    return signedCa;
-  }
-  public void setSignedCa(String signedCa) {
-    this.signedCa = signedCa;
-  }
-
-  public String getMessage() {
-    return message;
-  }
-  public void setMessage(String message) {
-    this.message = message;
-  }
-}
-

http://git-wip-us.apache.org/repos/asf/hadoop/blob/7a06f940/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/SignMessage.java
----------------------------------------------------------------------
diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/SignMessage.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/SignMessage.java
deleted file mode 100644
index 4bccb87..0000000
--- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/SignMessage.java
+++ /dev/null
@@ -1,54 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.slider.server.services.security;
-
-import javax.xml.bind.annotation.XmlAccessType;
-import javax.xml.bind.annotation.XmlAccessorType;
-import javax.xml.bind.annotation.XmlElement;
-import javax.xml.bind.annotation.XmlRootElement;
-import javax.xml.bind.annotation.XmlType;
-
-/**
- *
- * Sign certificate request data model.
- *
- */
-@XmlRootElement
-@XmlAccessorType(XmlAccessType.FIELD)
-@XmlType(name = "", propOrder = {})
-public class SignMessage {
-
-  @XmlElement
-  private String csr;
-  @XmlElement
-  private String passphrase;
-  public String getCsr() {
-    return csr;
-  }
-  public void setCsr(String csr) {
-    this.csr = csr;
-  }
-  public String getPassphrase() {
-    return passphrase;
-  }
-  public void setPassphrase(String passphrase) {
-    this.passphrase = passphrase;
-  }
-}
-

http://git-wip-us.apache.org/repos/asf/hadoop/blob/7a06f940/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/StoresGenerator.java
----------------------------------------------------------------------
diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/StoresGenerator.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/StoresGenerator.java
deleted file mode 100644
index 226250f..0000000
--- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/StoresGenerator.java
+++ /dev/null
@@ -1,68 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.slider.server.services.security;
-
-import org.apache.slider.core.conf.AggregateConf;
-import org.apache.slider.core.conf.MapOperations;
-import org.apache.slider.core.exceptions.SliderException;
-
-import java.io.File;
-import java.io.IOException;
-import java.util.ArrayList;
-import java.util.List;
-
-/**
- *
- */
-public class StoresGenerator {
-
-  static CertificateManager certMgr = new CertificateManager();
-  private static SecurityStoreGenerator[] GENERATORS = {
-      new KeystoreGenerator(certMgr), new TruststoreGenerator(certMgr)
-  };
-
-  public static SecurityStore[] generateSecurityStores(String hostname,
-                                                       String containerId,
-                                                       String role,
-                                                       AggregateConf instanceDefinition,
-                                                       MapOperations compOps)
-      throws SliderException, IOException {
-    //discover which stores need generation based on the passwords configured
-    List<SecurityStore> files = new ArrayList<SecurityStore>();
-    for (SecurityStoreGenerator generator : GENERATORS) {
-      if (generator.isStoreRequested(compOps)) {
-        SecurityStore store = generator.generate(hostname,
-                                                 containerId,
-                                                 instanceDefinition,
-                                                 compOps,
-                                                 role);
-        if (store != null) {
-          files.add(store);
-        }
-      }
-    }
-
-    if (files.isEmpty()) {
-      throw new SliderException("Security stores were requested but none were "
-                                + "generated. Check the AM logs and ensure "
-                                + "passwords are configured for the components "
-                                + "requiring the stores.");
-    }
-    return files.toArray(new SecurityStore[files.size()]);
-  }
-
-}

http://git-wip-us.apache.org/repos/asf/hadoop/blob/7a06f940/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/TruststoreGenerator.java
----------------------------------------------------------------------
diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/TruststoreGenerator.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/TruststoreGenerator.java
deleted file mode 100644
index d16dcbd..0000000
--- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/TruststoreGenerator.java
+++ /dev/null
@@ -1,62 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.slider.server.services.security;
-
-import org.apache.slider.common.SliderKeys;
-import org.apache.slider.core.conf.AggregateConf;
-import org.apache.slider.core.conf.MapOperations;
-import org.apache.slider.core.exceptions.SliderException;
-
-import java.io.IOException;
-
-/**
- *
- */
-public class TruststoreGenerator extends AbstractSecurityStoreGenerator {
-
-
-  public TruststoreGenerator(CertificateManager certificateMgr) {
-    super(certificateMgr);
-  }
-
-  @Override
-  public SecurityStore generate(String hostname, String containerId,
-                                AggregateConf instanceDefinition,
-                                MapOperations compOps, String role)
-      throws SliderException, IOException {
-    SecurityStore truststore = null;
-    String password = getStorePassword(
-        instanceDefinition.getAppConf().credentials, compOps, role);
-    if (password != null) {
-      truststore = certificateMgr.generateContainerTruststore(containerId,
-                                                              role, password);
-    }
-    return truststore;
-  }
-
-  @Override
-  String getPassword(MapOperations compOps) {
-    return compOps.get(
-        compOps.get(SliderKeys.COMP_TRUSTSTORE_PASSWORD_PROPERTY_KEY));
-  }
-
-  @Override
-  String getAlias(MapOperations compOps) {
-    return compOps.getOption(SliderKeys.COMP_TRUSTSTORE_PASSWORD_ALIAS_KEY,
-                             SliderKeys.COMP_TRUSTSTORE_PASSWORD_ALIAS_DEFAULT);
-  }
-}

http://git-wip-us.apache.org/repos/asf/hadoop/blob/7a06f940/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/proto/SliderClusterProtocol.proto
----------------------------------------------------------------------
diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/proto/SliderClusterProtocol.proto b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/proto/SliderClusterProtocol.proto
index 4221b1d..d68da2b 100644
--- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/proto/SliderClusterProtocol.proto
+++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/proto/SliderClusterProtocol.proto
@@ -175,10 +175,4 @@ service SliderClusterProtocolPB {
     // ConfTree getLiveResources
   rpc getLiveResources(EmptyPayloadProto) 
     returns(WrappedJsonProto);
-
-  rpc getClientCertificateStore(GetCertificateStoreRequestProto)
-    returns(GetCertificateStoreResponseProto);
-
-  
-  
 }

http://git-wip-us.apache.org/repos/asf/hadoop/blob/7a06f940/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/test/java/org/apache/slider/server/services/security/TestCertificateManager.java
----------------------------------------------------------------------
diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/test/java/org/apache/slider/server/services/security/TestCertificateManager.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/test/java/org/apache/slider/server/services/security/TestCertificateManager.java
deleted file mode 100644
index 7a4a586..0000000
--- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/test/java/org/apache/slider/server/services/security/TestCertificateManager.java
+++ /dev/null
@@ -1,540 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.slider.server.services.security;
-
-import org.apache.hadoop.conf.Configuration;
-import org.apache.hadoop.fs.Path;
-import org.apache.hadoop.security.alias.CredentialProvider;
-import org.apache.hadoop.security.alias.CredentialProviderFactory;
-import org.apache.hadoop.security.alias.JavaKeyStoreProvider;
-import org.apache.slider.Slider;
-import org.apache.slider.common.SliderKeys;
-import org.apache.slider.common.SliderXmlConfKeys;
-import org.apache.slider.core.conf.AggregateConf;
-import org.apache.slider.core.conf.MapOperations;
-import org.apache.slider.core.exceptions.SliderException;
-import org.junit.Assert;
-import org.junit.Before;
-import org.junit.Rule;
-import org.junit.Test;
-import org.junit.rules.TemporaryFolder;
-
-import javax.net.ssl.TrustManager;
-import javax.net.ssl.TrustManagerFactory;
-import javax.net.ssl.X509TrustManager;
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.net.InetAddress;
-import java.security.KeyStore;
-import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
-import java.security.Principal;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateException;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.Arrays;
-
-import static org.junit.Assert.assertEquals;
-
-/**
- *
- */
-public class TestCertificateManager {
-  @Rule
-  public TemporaryFolder workDir = new TemporaryFolder();
-  private File secDir;
-  private CertificateManager certMan;
-
-  @Before
-  public void setup() throws Exception {
-    certMan = new CertificateManager();
-    MapOperations compOperations = new MapOperations();
-    secDir = new File(workDir.getRoot(), SliderKeys.SECURITY_DIR);
-    File keystoreFile = new File(secDir, SliderKeys.KEYSTORE_FILE_NAME);
-    compOperations.put(SliderXmlConfKeys.KEY_KEYSTORE_LOCATION,
-                       keystoreFile.getAbsolutePath());
-    certMan.initialize(compOperations, "cahost", null, null);
-  }
-
-  @Test
-  public void testServerCertificateGenerated() throws Exception {
-    File serverCrt = new File(secDir, SliderKeys.CRT_FILE_NAME);
-    Assert.assertTrue("Server CRD does not exist:" + serverCrt,
-                      serverCrt.exists());
-  }
-
-  @Test
-  public void testAMKeystoreGenerated() throws Exception {
-    File keystoreFile = new File(secDir, SliderKeys.KEYSTORE_FILE_NAME);
-    Assert.assertTrue("Keystore does not exist: " + keystoreFile,
-                      keystoreFile.exists());
-    InputStream is = null;
-    try {
-
-      is = new FileInputStream(keystoreFile);
-      KeyStore keystore = KeyStore.getInstance("pkcs12");
-      String password = SecurityUtils.getKeystorePass();
-      keystore.load(is, password.toCharArray());
-
-      Certificate certificate = keystore.getCertificate(
-          keystore.aliases().nextElement());
-      Assert.assertNotNull(certificate);
-
-      if (certificate instanceof X509Certificate) {
-        X509Certificate x509cert = (X509Certificate) certificate;
-
-        // Get subject
-        Principal principal = x509cert.getSubjectDN();
-        String subjectDn = principal.getName();
-        Assert.assertEquals("wrong DN",
-                            "CN=cahost",
-                            subjectDn);
-
-        // Get issuer
-        principal = x509cert.getIssuerDN();
-        String issuerDn = principal.getName();
-        Assert.assertEquals("wrong Issuer DN",
-                            "CN=cahost",
-                            issuerDn);
-      }
-    } finally {
-      if(null != is) {
-        is.close();
-      }
-    }
-  }
-
-  @Test
-  public void testContainerCertificateGeneration() throws Exception {
-    certMan.generateContainerCertificate("testhost", "container1");
-    Assert.assertTrue("container certificate not generated",
-                      new File(secDir, "container1.crt").exists());
-  }
-
-  @Test
-  public void testContainerKeystoreGeneration() throws Exception {
-    SecurityStore keystoreFile = certMan.generateContainerKeystore("testhost",
-                                                                   "container1",
-                                                                   "component1",
-                                                                   "password");
-    validateKeystore(keystoreFile.getFile(), "testhost", "cahost");
-  }
-
-  private void validateKeystore(File keystoreFile, String certHostname,
-                                String issuerHostname)
-      throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
-    Assert.assertTrue("container keystore not generated",
-                      keystoreFile.exists());
-
-    InputStream is = null;
-    try {
-
-      is = new FileInputStream(keystoreFile);
-      KeyStore keystore = KeyStore.getInstance("pkcs12");
-      String password = "password";
-      keystore.load(is, password.toCharArray());
-
-      Certificate certificate = keystore.getCertificate(
-          keystore.aliases().nextElement());
-      Assert.assertNotNull(certificate);
-
-      if (certificate instanceof X509Certificate) {
-        X509Certificate x509cert = (X509Certificate) certificate;
-
-        // Get subject
-        Principal principal = x509cert.getSubjectDN();
-        String subjectDn = principal.getName();
-        Assert.assertEquals("wrong DN", "CN=" + certHostname + ", OU=container1",
-                            subjectDn);
-
-        // Get issuer
-        principal = x509cert.getIssuerDN();
-        String issuerDn = principal.getName();
-        Assert.assertEquals("wrong Issuer DN",
-                            "CN=" + issuerHostname,
-                            issuerDn);
-      }
-    } finally {
-      if(null != is) {
-        is.close();
-      }
-    }
-  }
-
-  @Test
-  public void testContainerKeystoreGenerationViaStoresGenerator() throws Exception {
-    AggregateConf instanceDefinition = new AggregateConf();
-    MapOperations compOps = new MapOperations();
-    instanceDefinition.getAppConf().components.put("component1", compOps);
-    compOps.put(SliderKeys.COMP_KEYSTORE_PASSWORD_PROPERTY_KEY,
-                "app1.component1.password.property");
-    compOps.put(SliderKeys.COMP_STORES_REQUIRED_KEY, "true");
-    instanceDefinition.getAppConf().global.put(
-        "app1.component1.password.property", "password");
-    instanceDefinition.resolve();
-    SecurityStore[]
-        files = StoresGenerator.generateSecurityStores("testhost",
-                                                       "container1",
-                                                       "component1",
-                                                       instanceDefinition,
-                                                       compOps);
-    assertEquals("wrong number of stores", 1, files.length);
-    validateKeystore(files[0].getFile(), "testhost", "cahost");
-  }
-
-  @Test
-  public void testContainerKeystoreGenerationViaStoresGeneratorUsingGlobalProps() throws Exception {
-    AggregateConf instanceDefinition = new AggregateConf();
-    MapOperations compOps = new MapOperations();
-    instanceDefinition.getAppConf().components.put("component1", compOps);
-    compOps.put(SliderKeys.COMP_KEYSTORE_PASSWORD_PROPERTY_KEY,
-                "app1.component1.password.property");
-    instanceDefinition.getAppConf().global.put(SliderKeys.COMP_STORES_REQUIRED_KEY, "true");
-    compOps.put(
-        "app1.component1.password.property", "password");
-    instanceDefinition.resolve();
-    SecurityStore[]
-        files = StoresGenerator.generateSecurityStores("testhost",
-                                                       "container1",
-                                                       "component1",
-                                                       instanceDefinition,
-                                                       compOps);
-    assertEquals("wrong number of stores", 1, files.length);
-    validateKeystore(files[0].getFile(), "testhost", "cahost");
-  }
-
-  @Test
-  public void testContainerKeystoreGenerationViaStoresGeneratorOverrideGlobalSetting() throws Exception {
-    AggregateConf instanceDefinition = new AggregateConf();
-    MapOperations compOps = setupComponentOptions(true, null,
-                                                  "app1.component1.password.property",
-                                                  null, null);
-    instanceDefinition.getAppConf().components.put("component1", compOps);
-    instanceDefinition.getAppConf().global.put(
-        "app1.component1.password.property", "password");
-    instanceDefinition.getAppConf().global.put(SliderKeys.COMP_STORES_REQUIRED_KEY, "false");
-    instanceDefinition.resolve();
-    SecurityStore[]
-        files = StoresGenerator.generateSecurityStores("testhost",
-                                                       "container1",
-                                                       "component1",
-                                                       instanceDefinition,
-                                                       compOps);
-    assertEquals("wrong number of stores", 1, files.length);
-    validateKeystore(files[0].getFile(), "testhost", "cahost");
-  }
-
-  @Test
-  public void testContainerTrusttoreGeneration() throws Exception {
-    SecurityStore keystoreFile =
-        certMan.generateContainerKeystore("testhost",
-                                          "container1",
-                                          "component1",
-                                          "keypass");
-    Assert.assertTrue("container keystore not generated",
-                      keystoreFile.getFile().exists());
-    SecurityStore truststoreFile =
-        certMan.generateContainerTruststore("container1",
-                                            "component1", "trustpass"
-        );
-    Assert.assertTrue("container truststore not generated",
-                      truststoreFile.getFile().exists());
-
-    validateTruststore(keystoreFile.getFile(), truststoreFile.getFile());
-  }
-
-  @Test
-  public void testContainerGenerationUsingStoresGeneratorNoTruststore() throws Exception {
-    AggregateConf instanceDefinition = new AggregateConf();
-    MapOperations compOps = new MapOperations();
-    compOps.put(SliderKeys.COMP_STORES_REQUIRED_KEY, "true");
-    compOps.put(SliderKeys.COMP_KEYSTORE_PASSWORD_ALIAS_KEY,
-                "test.keystore.password");
-
-    setupCredentials(instanceDefinition, "test.keystore.password", null);
-
-    SecurityStore[]
-        files = StoresGenerator.generateSecurityStores("testhost",
-                                                       "container1",
-                                                       "component1",
-                                                       instanceDefinition,
-                                                       compOps);
-    assertEquals("wrong number of stores", 1, files.length);
-    File keystoreFile = CertificateManager.getContainerKeystoreFilePath(
-        "container1", "component1");
-    Assert.assertTrue("container keystore not generated",
-                      keystoreFile.exists());
-
-    Assert.assertTrue("keystore not in returned list",
-                      Arrays.asList(files).contains(new SecurityStore(keystoreFile,
-                                                    SecurityStore.StoreType.keystore)));
-    File truststoreFile =
-        CertificateManager.getContainerTruststoreFilePath("component1",
-                                                          "container1");
-    Assert.assertFalse("container truststore generated",
-                      truststoreFile.exists());
-    Assert.assertFalse("truststore in returned list",
-                      Arrays.asList(files).contains(new SecurityStore(truststoreFile,
-                                                    SecurityStore.StoreType.truststore)));
-
-  }
-
-  @Test
-  public void testContainerGenerationUsingStoresGeneratorJustTruststoreWithDefaultAlias() throws Exception {
-    AggregateConf instanceDefinition = new AggregateConf();
-    MapOperations compOps = setupComponentOptions(true);
-
-    setupCredentials(instanceDefinition, null,
-                     SliderKeys.COMP_TRUSTSTORE_PASSWORD_ALIAS_DEFAULT);
-
-    SecurityStore[]
-        files = StoresGenerator.generateSecurityStores("testhost",
-                                                       "container1",
-                                                       "component1",
-                                                       instanceDefinition,
-                                                       compOps);
-    assertEquals("wrong number of stores", 1, files.length);
-    File keystoreFile = CertificateManager.getContainerKeystoreFilePath(
-        "container1", "component1");
-    Assert.assertFalse("container keystore generated",
-                       keystoreFile.exists());
-    Assert.assertFalse("keystore in returned list",
-                       Arrays.asList(files).contains(keystoreFile));
-    File truststoreFile =
-        CertificateManager.getContainerTruststoreFilePath("component1",
-                                                          "container1");
-    Assert.assertTrue("container truststore not generated",
-                      truststoreFile.exists());
-    Assert.assertTrue("truststore not in returned list",
-                      Arrays.asList(files).contains(new SecurityStore(truststoreFile,
-                                                                      SecurityStore.StoreType.truststore)));
-
-  }
-
-  @Test
-  public void testContainerTrusttoreGenerationUsingStoresGenerator() throws Exception {
-    AggregateConf instanceDefinition = new AggregateConf();
-    MapOperations compOps = setupComponentOptions(true,
-                                                  "test.keystore.password",
-                                                  null,
-                                                  "test.truststore.password",
-                                                  null);
-
-    setupCredentials(instanceDefinition, "test.keystore.password",
-                     "test.truststore.password");
-
-    SecurityStore[]
-        files = StoresGenerator.generateSecurityStores("testhost",
-                                                       "container1",
-                                                       "component1",
-                                                       instanceDefinition,
-                                                       compOps);
-    assertEquals("wrong number of stores", 2, files.length);
-    File keystoreFile = CertificateManager.getContainerKeystoreFilePath(
-        "container1", "component1");
-    Assert.assertTrue("container keystore not generated",
-                      keystoreFile.exists());
-    Assert.assertTrue("keystore not in returned list",
-                      Arrays.asList(files).contains(new SecurityStore(keystoreFile,
-                                                                      SecurityStore.StoreType.keystore)));
-    File truststoreFile =
-        CertificateManager.getContainerTruststoreFilePath("component1",
-                                                          "container1");
-    Assert.assertTrue("container truststore not generated",
-                      truststoreFile.exists());
-    Assert.assertTrue("truststore not in returned list",
-                      Arrays.asList(files).contains(new SecurityStore(truststoreFile,
-                                                                      SecurityStore.StoreType.truststore)));
-
-    validateTruststore(keystoreFile, truststoreFile);
-  }
-
-  private void setupCredentials(AggregateConf instanceDefinition,
-                                String keyAlias, String trustAlias)
-      throws Exception {
-    Configuration conf = new Configuration();
-    final Path jksPath = new Path(SecurityUtils.getSecurityDir(), "test.jks");
-    final String ourUrl =
-        JavaKeyStoreProvider.SCHEME_NAME + "://file" + jksPath.toUri();
-
-    File file = new File(SecurityUtils.getSecurityDir(), "test.jks");
-    file.delete();
-    conf.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, ourUrl);
-
-    instanceDefinition.getAppConf().credentials.put(ourUrl, new ArrayList<String>());
-
-    CredentialProvider provider =
-        CredentialProviderFactory.getProviders(conf).get(0);
-
-    // create new aliases
-    try {
-
-      if (keyAlias != null) {
-        char[] storepass = {'k', 'e', 'y', 'p', 'a', 's', 's'};
-        provider.createCredentialEntry(
-            keyAlias, storepass);
-      }
-
-      if (trustAlias != null) {
-        char[] trustpass = {'t', 'r', 'u', 's', 't', 'p', 'a', 's', 's'};
-        provider.createCredentialEntry(
-            trustAlias, trustpass);
-      }
-
-      // write out so that it can be found in checks
-      provider.flush();
-    } catch (Exception e) {
-      e.printStackTrace();
-      throw e;
-    }
-  }
-
-  private MapOperations setupComponentOptions(boolean storesRequired) {
-    return this.setupComponentOptions(storesRequired, null, null, null, null);
-  }
-
-  private MapOperations setupComponentOptions(boolean storesRequired,
-                                              String keyAlias,
-                                              String keyPwd,
-                                              String trustAlias,
-                                              String trustPwd) {
-    MapOperations compOps = new MapOperations();
-    compOps.put(SliderKeys.COMP_STORES_REQUIRED_KEY,
-                Boolean.toString(storesRequired));
-    if (keyAlias != null) {
-      compOps.put(SliderKeys.COMP_KEYSTORE_PASSWORD_ALIAS_KEY,
-                  "test.keystore.password");
-    }
-    if (trustAlias != null) {
-      compOps.put(SliderKeys.COMP_TRUSTSTORE_PASSWORD_ALIAS_KEY,
-                  "test.truststore.password");
-    }
-    if (keyPwd != null) {
-      compOps.put(SliderKeys.COMP_KEYSTORE_PASSWORD_PROPERTY_KEY,
-                  keyPwd);
-    }
-    if (trustPwd != null) {
-      compOps.put(SliderKeys.COMP_TRUSTSTORE_PASSWORD_PROPERTY_KEY,
-                  trustPwd);
-    }
-    return compOps;
-  }
-
-  @Test
-  public void testContainerStoresGenerationKeystoreOnly() throws Exception {
-    AggregateConf instanceDefinition = new AggregateConf();
-    MapOperations compOps = new MapOperations();
-    compOps.put(SliderKeys.COMP_STORES_REQUIRED_KEY, "true");
-
-    setupCredentials(instanceDefinition,
-                     SliderKeys.COMP_KEYSTORE_PASSWORD_ALIAS_DEFAULT, null);
-
-    SecurityStore[]
-        files = StoresGenerator.generateSecurityStores("testhost",
-                                                       "container1",
-                                                       "component1",
-                                                       instanceDefinition,
-                                                       compOps);
-    assertEquals("wrong number of stores", 1, files.length);
-    File keystoreFile = CertificateManager.getContainerKeystoreFilePath(
-        "container1", "component1");
-    Assert.assertTrue("container keystore not generated",
-                      keystoreFile.exists());
-    Assert.assertTrue("keystore not in returned list",
-                      Arrays.asList(files).contains(new SecurityStore(keystoreFile,
-                                                                      SecurityStore.StoreType.keystore)));
-    File truststoreFile =
-        CertificateManager.getContainerTruststoreFilePath("component1",
-                                                          "container1");
-    Assert.assertFalse("container truststore generated",
-                       truststoreFile.exists());
-    Assert.assertFalse("truststore in returned list",
-                       Arrays.asList(files).contains(new SecurityStore(truststoreFile,
-                                                                       SecurityStore.StoreType.truststore)));
-
-  }
-
-  @Test
-  public void testContainerStoresGenerationMisconfiguration() throws Exception {
-    AggregateConf instanceDefinition = new AggregateConf();
-    MapOperations compOps = new MapOperations();
-    compOps.put(SliderKeys.COMP_STORES_REQUIRED_KEY, "true");
-
-    setupCredentials(instanceDefinition, "cant.be.found", null);
-
-    try {
-      StoresGenerator.generateSecurityStores("testhost", "container1",
-                                                            "component1", instanceDefinition,
-                                                            compOps);
-      Assert.fail("SliderException should have been generated");
-    } catch (SliderException e) {
-      // ignore - should be thrown
-    }
-  }
-
-  private void validateTruststore(File keystoreFile, File truststoreFile)
-      throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
-    InputStream keyis = null;
-    InputStream trustis = null;
-    try {
-
-      // create keystore
-      keyis = new FileInputStream(keystoreFile);
-      KeyStore keystore = KeyStore.getInstance("pkcs12");
-      String password = "keypass";
-      keystore.load(keyis, password.toCharArray());
-
-      // obtain server cert
-      Certificate certificate = keystore.getCertificate(
-          keystore.aliases().nextElement());
-      Assert.assertNotNull(certificate);
-
-      // create trust store from generated trust store file
-      trustis = new FileInputStream(truststoreFile);
-      KeyStore truststore = KeyStore.getInstance("pkcs12");
-      password = "trustpass";
-      truststore.load(trustis, password.toCharArray());
-
-      // validate keystore cert using trust store
-      TrustManagerFactory
-          trustManagerFactory =
-          TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
-      trustManagerFactory.init(truststore);
-
-      for (TrustManager trustManager: trustManagerFactory.getTrustManagers()) {
-        if (trustManager instanceof X509TrustManager) {
-          X509TrustManager x509TrustManager = (X509TrustManager)trustManager;
-          x509TrustManager.checkServerTrusted(
-              new X509Certificate[] {(X509Certificate) certificate},
-              "RSA_EXPORT");
-        }
-      }
-
-    } finally {
-      if(null != keyis) {
-        keyis.close();
-      }
-      if(null != trustis) {
-        trustis.close();
-      }
-    }
-  }
-
-}

http://git-wip-us.apache.org/repos/asf/hadoop/blob/7a06f940/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/test/java/org/apache/slider/server/services/security/TestMultiThreadedStoreGeneration.java
----------------------------------------------------------------------
diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/test/java/org/apache/slider/server/services/security/TestMultiThreadedStoreGeneration.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/test/java/org/apache/slider/server/services/security/TestMultiThreadedStoreGeneration.java
deleted file mode 100644
index 2e2ffce..0000000
--- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/test/java/org/apache/slider/server/services/security/TestMultiThreadedStoreGeneration.java
+++ /dev/null
@@ -1,156 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.slider.server.services.security;
-
-import org.apache.hadoop.conf.Configuration;
-import org.apache.hadoop.fs.Path;
-import org.apache.hadoop.security.alias.CredentialProvider;
-import org.apache.hadoop.security.alias.CredentialProviderFactory;
-import org.apache.hadoop.security.alias.JavaKeyStoreProvider;
-import org.apache.slider.common.SliderKeys;
-import org.apache.slider.common.SliderXmlConfKeys;
-import org.apache.slider.core.conf.AggregateConf;
-import org.apache.slider.core.conf.MapOperations;
-import org.apache.slider.core.exceptions.SliderException;
-import org.junit.Rule;
-import org.junit.Test;
-import org.junit.rules.TemporaryFolder;
-
-import java.io.File;
-import java.io.IOException;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.List;
-import java.util.concurrent.CountDownLatch;
-
-import static org.junit.Assert.assertTrue;
-
-/**
- *
- */
-public class TestMultiThreadedStoreGeneration {
-
-  public static final int NUM_THREADS = 30;
-  @Rule
-  public TemporaryFolder workDir = new TemporaryFolder();;
-
-  private void setupCredentials(AggregateConf instanceDefinition,
-                                String keyAlias, String trustAlias)
-      throws Exception {
-    Configuration conf = new Configuration();
-    final Path jksPath = new Path(SecurityUtils.getSecurityDir(), "test.jks");
-    final String ourUrl =
-        JavaKeyStoreProvider.SCHEME_NAME + "://file" + jksPath.toUri();
-
-    File file = new File(SecurityUtils.getSecurityDir(), "test.jks");
-    file.delete();
-    conf.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, ourUrl);
-
-    instanceDefinition.getAppConf().credentials.put(ourUrl, new ArrayList<String>());
-
-    CredentialProvider provider =
-        CredentialProviderFactory.getProviders(conf).get(0);
-
-    // create new aliases
-    try {
-
-      if (keyAlias != null) {
-        char[] storepass = {'k', 'e', 'y', 'p', 'a', 's', 's'};
-        provider.createCredentialEntry(
-            keyAlias, storepass);
-      }
-
-      if (trustAlias != null) {
-        char[] trustpass = {'t', 'r', 'u', 's', 't', 'p', 'a', 's', 's'};
-        provider.createCredentialEntry(
-            trustAlias, trustpass);
-      }
-
-      // write out so that it can be found in checks
-      provider.flush();
-    } catch (Exception e) {
-      e.printStackTrace();
-      throw e;
-    }
-  }
-
-
-  @Test
-  public void testMultiThreadedStoreGeneration() throws Exception {
-
-    CertificateManager certMan = new CertificateManager();
-    MapOperations compOperations = new MapOperations();
-    File secDir = new File(workDir.getRoot(), SliderKeys.SECURITY_DIR);
-    File keystoreFile = new File(secDir, SliderKeys.KEYSTORE_FILE_NAME);
-    compOperations.put(SliderXmlConfKeys.KEY_KEYSTORE_LOCATION,
-                       keystoreFile.getAbsolutePath());
-    certMan.initialize(compOperations, "cahost", null, null);
-
-    final CountDownLatch latch = new CountDownLatch(1);
-    final List<SecurityStore> stores = new ArrayList<>();
-    List<Thread> threads = new ArrayList<>();
-    final AggregateConf instanceDefinition = new AggregateConf();
-
-    setupCredentials(instanceDefinition,
-                     SliderKeys.COMP_KEYSTORE_PASSWORD_ALIAS_DEFAULT, null);
-    final MapOperations compOps = new MapOperations();
-    compOps.put(SliderKeys.COMP_STORES_REQUIRED_KEY, "true");
-
-    for (int i=0; i<NUM_THREADS; ++i) {
-      final int finalI = i;
-      Runnable runner = new Runnable() {
-        public void run() {
-          System.out.println ("----> In run");
-          try {
-            latch.await();
-            SecurityStore[] stores1 = StoresGenerator.generateSecurityStores(
-                "testhost",
-                "container" + finalI,
-                "component" + finalI,
-                instanceDefinition,
-                compOps);
-            System.out.println ("----> stores1" + stores1);
-            List<SecurityStore>
-                securityStores =
-                Arrays.asList(stores1);
-            stores.addAll(securityStores);
-          } catch (InterruptedException e) {
-            e.printStackTrace();
-          } catch (SliderException e) {
-            e.printStackTrace();
-          } catch (IOException e) {
-            e.printStackTrace();
-          } catch (Exception e) {
-            e.printStackTrace();
-          }
-        }
-      };
-      Thread thread = new Thread(runner, "TestThread" + i);
-      threads.add(thread);
-      thread.start();
-    }
-    latch.countDown();
-    for (Thread t : threads) {
-      t.join();
-    }
-
-    for (int i=0; i < NUM_THREADS; i++) {
-      assertTrue("keystore " + i + " not generated", stores.get(i).getFile().exists());
-    }
-  }
-
-}


---------------------------------------------------------------------
To unsubscribe, e-mail: common-commits-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-commits-help@hadoop.apache.org


Mime
View raw message