impala-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sailesh Mukil (Code Review)" <ger...@cloudera.org>
Subject [Impala-CR](cdh5-trunk) IMPALA-3159: impala-shell does not accept wildcard or SAN certificates
Date Tue, 12 Jul 2016 02:50:41 GMT
Sailesh Mukil has uploaded a new patch set (#2).

Change subject: IMPALA-3159: impala-shell does not accept wildcard or SAN certificates
......................................................................

IMPALA-3159: impala-shell does not accept wildcard or SAN certificates

The impala-shell could not accept wildcard or SAN certificates
previously as the thrift library it depended on did not support them.
This patch subclasses TSSLSocket and adds the logic to take care of
the above mentioned cases by introducing the new
TSSLSocketWithWildcardSAN class.

The certificate matching logic is based on the python-ssl source code.

Added custom cluster tests to test both wildcard matching and SAN
matching.

This has been tested with Python2.4 and Python2.6.

Change-Id: I8908f05afe4a6da9713fd303c499c50f692985ef
---
A be/src/testutil/wildcard-cert.key
A be/src/testutil/wildcard-cert.pem
A be/src/testutil/wildcard-san-cert.key
A be/src/testutil/wildcard-san-cert.pem
A be/src/testutil/wildcardCA.key
A be/src/testutil/wildcardCA.pem
A shell/TSSLSocketWithWildcardSAN.py
M shell/impala_client.py
M tests/custom_cluster/test_client_ssl.py
9 files changed, 328 insertions(+), 10 deletions(-)


  git pull ssh://gerrit.cloudera.org:29418/Impala refs/changes/15/3615/2
-- 
To view, visit http://gerrit.cloudera.org:8080/3615
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings

Gerrit-MessageType: newpatchset
Gerrit-Change-Id: I8908f05afe4a6da9713fd303c499c50f692985ef
Gerrit-PatchSet: 2
Gerrit-Project: Impala
Gerrit-Branch: cdh5-trunk
Gerrit-Owner: Sailesh Mukil <sailesh@cloudera.com>
Gerrit-Reviewer: Henry Robinson <henry@cloudera.com>

Mime
View raw message