hbase-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From e...@apache.org
Subject hbase git commit: HBASE-12984: SSL cannot be used by the InfoPort in branch-1
Date Tue, 10 Feb 2015 00:46:43 GMT
Repository: hbase
Updated Branches:
  refs/heads/branch-1 4c4eb58ea -> 93bfa2670


HBASE-12984: SSL cannot be used by the InfoPort in branch-1


Project: http://git-wip-us.apache.org/repos/asf/hbase/repo
Commit: http://git-wip-us.apache.org/repos/asf/hbase/commit/93bfa267
Tree: http://git-wip-us.apache.org/repos/asf/hbase/tree/93bfa267
Diff: http://git-wip-us.apache.org/repos/asf/hbase/diff/93bfa267

Branch: refs/heads/branch-1
Commit: 93bfa26705d9d0c596b919c92fd73092b218ee16
Parents: 4c4eb58
Author: Esteban Gutierrez <esteban@cloudera.com>
Authored: Sat Feb 7 00:16:23 2015 -0800
Committer: Enis Soztutar <enis@apache.org>
Committed: Mon Feb 9 16:45:03 2015 -0800

----------------------------------------------------------------------
 .../apache/hadoop/hbase/http/HttpConfig.java    | 25 +++++++++--------
 .../apache/hadoop/hbase/http/InfoServer.java    | 24 +++++++++++-----
 .../hadoop/hbase/TestHBaseTestingUtility.java   | 29 ++++++++++++++++++++
 3 files changed, 60 insertions(+), 18 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/hbase/blob/93bfa267/hbase-server/src/main/java/org/apache/hadoop/hbase/http/HttpConfig.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/http/HttpConfig.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/http/HttpConfig.java
index d6180b5..4ed7fbd 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/http/HttpConfig.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/http/HttpConfig.java
@@ -27,13 +27,13 @@ import org.apache.hadoop.conf.Configuration;
 @InterfaceAudience.Private
 @InterfaceStability.Unstable
 public class HttpConfig {
-  private static Policy policy;
+  private Policy policy;
   public enum Policy {
     HTTP_ONLY,
     HTTPS_ONLY,
     HTTP_AND_HTTPS;
 
-    public static Policy fromString(String value) {
+    public Policy fromString(String value) {
       if (HTTPS_ONLY.name().equalsIgnoreCase(value)) {
         return HTTPS_ONLY;
       } else if (HTTP_AND_HTTPS.name().equalsIgnoreCase(value)) {
@@ -51,27 +51,30 @@ public class HttpConfig {
     }
   }
 
-  static {
-    Configuration conf = new Configuration();
+   public HttpConfig(final Configuration conf) {
     boolean sslEnabled = conf.getBoolean(
-            ServerConfigurationKeys.HBASE_SSL_ENABLED_KEY,
-            ServerConfigurationKeys.HBASE_SSL_ENABLED_DEFAULT);
+      ServerConfigurationKeys.HBASE_SSL_ENABLED_KEY,
+      ServerConfigurationKeys.HBASE_SSL_ENABLED_DEFAULT);
     policy = sslEnabled ? Policy.HTTPS_ONLY : Policy.HTTP_ONLY;
+    if (sslEnabled) {
+      conf.addResource("ssl-server.xml");
+      conf.addResource("ssl-client.xml");
+    }
   }
 
-  public static void setPolicy(Policy policy) {
-    HttpConfig.policy = policy;
+  public void setPolicy(Policy policy) {
+    this.policy = policy;
   }
 
-  public static boolean isSecure() {
+  public boolean isSecure() {
     return policy == Policy.HTTPS_ONLY;
   }
 
-  public static String getSchemePrefix() {
+  public String getSchemePrefix() {
     return (isSecure()) ? "https://" : "http://";
   }
 
-  public static String getScheme(Policy policy) {
+  public String getScheme(Policy policy) {
     return policy == Policy.HTTPS_ONLY ? "https://" : "http://";
   }
 }

http://git-wip-us.apache.org/repos/asf/hbase/blob/93bfa267/hbase-server/src/main/java/org/apache/hadoop/hbase/http/InfoServer.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/http/InfoServer.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/http/InfoServer.java
index ffaaeaa..e9b76bc 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/http/InfoServer.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/http/InfoServer.java
@@ -54,15 +54,25 @@ public class InfoServer {
   public InfoServer(String name, String bindAddress, int port, boolean findPort,
       final Configuration c)
   throws IOException {
+    HttpConfig httpConfig = new HttpConfig(c);
     HttpServer.Builder builder =
       new org.apache.hadoop.hbase.http.HttpServer.Builder();
-    builder
-      .setName(name)
-      .addEndpoint(URI.create("http://" + bindAddress + ":" + port))
-      .setAppDir(HBASE_APP_DIR).setFindPort(findPort).setConf(c);
-    String logDir = System.getProperty("hbase.log.dir");
-    if (logDir != null) {
-      builder.setLogDir(logDir);
+
+      builder.setName(name).addEndpoint(URI.create(httpConfig.getSchemePrefix() +
+        bindAddress + ":" +
+        port)).setAppDir(HBASE_APP_DIR).setFindPort(findPort).setConf(c);
+      String logDir = System.getProperty("hbase.log.dir");
+      if (logDir != null) {
+        builder.setLogDir(logDir);
+      }
+    if (httpConfig.isSecure()) {
+    builder.keyPassword(c.get("ssl.server.keystore.keypassword"))
+      .keyStore(c.get("ssl.server.keystore.location"),
+        c.get("ssl.server.keystore.password"),
+        c.get("ssl.server.keystore.type", "jks"))
+      .trustStore(c.get("ssl.server.truststore.location"),
+        c.get("ssl.server.truststore.password"),
+        c.get("ssl.server.truststore.type", "jks"));
     }
     this.httpServer = builder.build();
   }

http://git-wip-us.apache.org/repos/asf/hbase/blob/93bfa267/hbase-server/src/test/java/org/apache/hadoop/hbase/TestHBaseTestingUtility.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/test/java/org/apache/hadoop/hbase/TestHBaseTestingUtility.java
b/hbase-server/src/test/java/org/apache/hadoop/hbase/TestHBaseTestingUtility.java
index 856cc9e..84ee963 100644
--- a/hbase-server/src/test/java/org/apache/hadoop/hbase/TestHBaseTestingUtility.java
+++ b/hbase-server/src/test/java/org/apache/hadoop/hbase/TestHBaseTestingUtility.java
@@ -26,6 +26,7 @@ import static org.junit.Assert.assertTrue;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.apache.hadoop.fs.FileSystem;
+import org.apache.hadoop.fs.FileUtil;
 import org.apache.hadoop.fs.Path;
 import org.apache.hadoop.hbase.client.Get;
 import org.apache.hadoop.hbase.client.Put;
@@ -35,8 +36,10 @@ import org.apache.hadoop.hbase.testclassification.LargeTests;
 import org.apache.hadoop.hbase.util.Bytes;
 import org.apache.hadoop.hbase.zookeeper.MiniZooKeeperCluster;
 import org.apache.hadoop.hdfs.MiniDFSCluster;
+import org.apache.hadoop.hbase.http.ssl.KeyStoreTestUtil;
 import org.junit.Test;
 import org.junit.experimental.categories.Category;
+import java.io.File;
 
 /**
  * Test our testing utility class
@@ -136,6 +139,32 @@ public class TestHBaseTestingUtility {
     }
   }
 
+  @Test
+  public void testMiniClusterWithSSLOn() throws Exception {
+    final String BASEDIR = System.getProperty("test.build.dir",
+        "target/test-dir") + "/" + TestHBaseTestingUtility.class.getSimpleName();
+    String sslConfDir = KeyStoreTestUtil.getClasspathDir(TestHBaseTestingUtility.class);
+    String keystoresDir = new File(BASEDIR).getAbsolutePath();
+
+    HBaseTestingUtility hbt = new HBaseTestingUtility();
+    File base = new File(BASEDIR);
+    FileUtil.fullyDelete(base);
+    base.mkdirs();
+
+    KeyStoreTestUtil.setupSSLConfig(keystoresDir, sslConfDir, hbt.getConfiguration(), false);
+
+    hbt.getConfiguration().set("hbase.ssl.enabled", "true");
+    hbt.getConfiguration().addResource("ssl-server.xml");
+    hbt.getConfiguration().addResource("ssl-client.xml");
+
+    MiniHBaseCluster cluster = hbt.startMiniCluster();
+    try {
+      assertEquals(1, cluster.getLiveRegionServerThreads().size());
+    } finally {
+      hbt.shutdownMiniCluster();
+    }
+  }
+
   /**
    *  Test that we can start and stop multiple time a cluster
    *   with the same HBaseTestingUtility.


Mime
View raw message