From: elserj@apache.org To: commits@hbase.apache.org Date: Mon, 22 Jan 2018 17:05:28 -0000 Message-Id: <5a633505909b4437b2e900a438cb0ee6@git.apache.org> In-Reply-To: <77aba58fab5043ddbee52369865a8ac9@git.apache.org> References: <77aba58fab5043ddbee52369865a8ac9@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: [6/6] hbase git commit: HBASE-17513 Thrift Server 1 uses different QOP settings than RPC and Thrift Server 2 and can easily be misconfigured so there is no encryption when the operator expects it HBASE-17513 Thrift Server 1 uses different QOP settings than RPC and Thrift Server 2 and can easily be misconfigured so there is no encryption when the operator expects it Signed-off-by: Chia-Ping Tsai Signed-off-by: Josh Elser Project: http://git-wip-us.apache.org/repos/asf/hbase/repo Commit: http://git-wip-us.apache.org/repos/asf/hbase/commit/46e199d9 Tree: http://git-wip-us.apache.org/repos/asf/hbase/tree/46e199d9 Diff: http://git-wip-us.apache.org/repos/asf/hbase/diff/46e199d9 Branch: refs/heads/branch-1.2 Commit: 46e199d9aa515c0cf867903c35655cf503eed82c Parents: 45e99ff Author: Reid Chan Authored: Mon Jan 22 16:18:29 2018 +0800 Committer: Josh Elser Committed: Mon Jan 22 11:58:41 2018 -0500 ---------------------------------------------------------------------- .../hadoop/hbase/thrift/ThriftServerRunner.java | 10 ++++++++ .../hbase/thrift/TestThriftHttpServer.java | 27 ++++++++++++++++++-- 2 files changed, 35 insertions(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/hbase/blob/46e199d9/hbase-thrift/src/main/java/org/apache/hadoop/hbase/thrift/ThriftServerRunner.java ---------------------------------------------------------------------- diff --git a/hbase-thrift/src/main/java/org/apache/hadoop/hbase/thrift/ThriftServerRunner.java b/hbase-thrift/src/main/java/org/apache/hadoop/hbase/thrift/ThriftServerRunner.java index dc9e71d..b25d5bf 100644 
--- a/hbase-thrift/src/main/java/org/apache/hadoop/hbase/thrift/ThriftServerRunner.java +++ b/hbase-thrift/src/main/java/org/apache/hadoop/hbase/thrift/ThriftServerRunner.java @@ -342,6 +342,7 @@ public class ThriftServerRunner implements Runnable { QualityOfProtection.INTEGRITY.name(), QualityOfProtection.PRIVACY.name())); } + checkHttpSecurity(qop, conf); if (!securityEnabled) { throw new IOException("Thrift server must" + " run in secure mode to support authentication"); @@ -349,6 +350,15 @@ public class ThriftServerRunner implements Runnable { } } + private void checkHttpSecurity(QualityOfProtection qop, Configuration conf) { + if (qop == QualityOfProtection.PRIVACY && + conf.getBoolean(USE_HTTP_CONF_KEY, false) && + !conf.getBoolean(THRIFT_SSL_ENABLED, false)) { + throw new IllegalArgumentException("Thrift HTTP Server's QoP is privacy, but " + + THRIFT_SSL_ENABLED + " is false"); + } + } + /* * Runs the Thrift server */ http://git-wip-us.apache.org/repos/asf/hbase/blob/46e199d9/hbase-thrift/src/test/java/org/apache/hadoop/hbase/thrift/TestThriftHttpServer.java ---------------------------------------------------------------------- diff --git a/hbase-thrift/src/test/java/org/apache/hadoop/hbase/thrift/TestThriftHttpServer.java b/hbase-thrift/src/test/java/org/apache/hadoop/hbase/thrift/TestThriftHttpServer.java index 8e8e9f9..cf14e87 100644 --- a/hbase-thrift/src/test/java/org/apache/hadoop/hbase/thrift/TestThriftHttpServer.java +++ b/hbase-thrift/src/test/java/org/apache/hadoop/hbase/thrift/TestThriftHttpServer.java 
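Review bot: `checkHttpSecurity` rejects only `QualityOfProtection.PRIVACY`, so a QoP of INTEGRITY with `USE_HTTP_CONF_KEY` true and `THRIFT_SSL_ENABLED` false still starts without complaint. If the HTTP transport applies no SASL wrapping, which is what the privacy check implies, that operator gets no tamper protection on the wire and has the same false assurance this commit sets out to remove. Consider testing `qop != QualityOfProtection.AUTHENTICATION` instead of `qop == QualityOfProtection.PRIVACY` (with the message naming the configured QoP), or at least logging a warning for INTEGRITY. A one-line comment on the method, such as `// In HTTP mode the QoP is not enforced by the transport; only TLS protects the payload.`, would record why the check exists; confirm that statement against the servlet code first. The call site is in the previous hunk, inside a block that begins outside it.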
@@ -18,11 +18,16 @@ */ package org.apache.hadoop.hbase.thrift; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNull; +import static org.junit.Assert.fail; + import java.util.ArrayList; import java.util.List; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import org.apache.hadoop.conf.Configuration; import org.apache.hadoop.hbase.HBaseTestingUtility; import org.apache.hadoop.hbase.HConstants; import org.apache.hadoop.hbase.testclassification.LargeTests; @@ -38,8 +43,6 @@ import org.junit.AfterClass; import org.junit.BeforeClass; import org.junit.Test; import org.junit.experimental.categories.Category; -import static org.junit.Assert.assertFalse; -import static org.junit.Assert.assertTrue; import org.junit.Rule; import org.junit.rules.ExpectedException; @@ -83,6 +86,26 @@ public class TestThriftHttpServer { EnvironmentEdgeManager.reset(); } + @Test + public void testExceptionThrownWhenMisConfigured() throws Exception { + Configuration conf = new Configuration(TEST_UTIL.getConfiguration()); + conf.set("hbase.thrift.security.qop", "privacy"); + conf.setBoolean("hbase.thrift.ssl.enabled", false); + + ThriftServerRunner runner = null; + ExpectedException thrown = ExpectedException.none(); + try { + thrown.expect(IllegalArgumentException.class); + thrown.expectMessage("Thrift HTTP Server's QoP is privacy, " + + "but hbase.thrift.ssl.enabled is false"); + runner = new ThriftServerRunner(conf); + fail("Thrift HTTP Server starts up even with wrong security configurations."); + } catch (Exception e) { + } + + assertNull(runner); + } + private void startHttpServerThread(final String[] args) { LOG.info("Starting HBase Thrift server with HTTP server: " + Joiner.on(" ").join(args));
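Review bot: `testExceptionThrownWhenMisConfigured` passes on any constructor failure, because `catch (Exception e) {}` swallows whatever is thrown and the local `ExpectedException thrown` is never registered as a `@Rule`, so its `expect`/`expectMessage` calls are never evaluated. A different startup error, for example the neighbouring "must run in secure mode" `IOException` visible in the ThriftServerRunner hunk, would keep this test green even with the new check removed, and `assertNull(runner)` holds after any throw. Catch `IllegalArgumentException` only and assert on its message, as sketched below (this needs a static import of `assertEquals`). The hunk also never sets `USE_HTTP_CONF_KEY`, so the test presumably relies on the shared `TEST_UTIL` configuration to enable HTTP mode; setting it explicitly would make that precondition visible.

```java
  @Test
  public void testExceptionThrownWhenMisConfigured() throws Exception {
    // … unchanged: conf setup (qop = privacy, ssl.enabled = false) …
    try {
      new ThriftServerRunner(conf);
      fail("Thrift HTTP Server starts up even with wrong security configurations.");
    } catch (IllegalArgumentException e) {
      // Only the misconfiguration check may satisfy the test; other failures propagate.
      assertEquals("Thrift HTTP Server's QoP is privacy, but "
          + "hbase.thrift.ssl.enabled is false", e.getMessage());
    }
  }
```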