Add cassandra-stress keystore option (CASSANDRA-9325) * Prevents stress tool from checking keystore at .conf/keystore even if not needed * Adds keystore -transport option in case client verification is used on server
Patch by Stefan Podkowinski; reviewed by T Jake Luciani for CASSANDRA-9325 Project: http://git-wip-us.apache.org/repos/asf/cassandra/repo Commit: http://git-wip-us.apache.org/repos/asf/cassandra/commit/106750c7 Tree: http://git-wip-us.apache.org/repos/asf/cassandra/tree/106750c7 Diff: http://git-wip-us.apache.org/repos/asf/cassandra/diff/106750c7 Branch: refs/heads/trunk Commit: 106750c78e21c6d7ad85ee2d0819a36cd65726b3 Parents: 10f25ae Author: Stefan Podkowinski <s.podkowin...@gmail.com> Authored: Tue Feb 16 17:34:26 2016 +0100 Committer: T Jake Luciani <j...@apache.org> Committed: Thu Mar 31 10:09:24 2016 -0400 ---------------------------------------------------------------------- CHANGES.txt | 1 + .../stress/settings/SettingsTransport.java | 18 +++++++++++++++++- 2 files changed, 18 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cassandra/blob/106750c7/CHANGES.txt ---------------------------------------------------------------------- diff --git a/CHANGES.txt b/CHANGES.txt index e7aa321..3e51935 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -1,4 +1,5 @@ 2.2.6 + * Add cassandra-stress keystore option (CASSANDRA-9325) * Dont mark sstables as repairing with sub range repairs (CASSANDRA-11451) * Fix use of NullUpdater for 2i during compaction (CASSANDRA-11450) * Notify when sstables change after cancelling compaction (CASSANDRA-11373) http://git-wip-us.apache.org/repos/asf/cassandra/blob/106750c7/tools/stress/src/org/apache/cassandra/stress/settings/SettingsTransport.java ---------------------------------------------------------------------- diff --git a/tools/stress/src/org/apache/cassandra/stress/settings/SettingsTransport.java b/tools/stress/src/org/apache/cassandra/stress/settings/SettingsTransport.java index 8b0ef6a..b6d1d90 100644 --- a/tools/stress/src/org/apache/cassandra/stress/settings/SettingsTransport.java +++ b/tools/stress/src/org/apache/cassandra/stress/settings/SettingsTransport.java @@ -65,6 +65,10 @@ public class SettingsTransport implements Serializable factoryOptions.put(SSLTransportFactory.TRUSTSTORE, options.trustStore.value()); if (transportFactory.supportedOptions().contains(SSLTransportFactory.TRUSTSTORE_PASSWORD)) factoryOptions.put(SSLTransportFactory.TRUSTSTORE_PASSWORD, options.trustStorePw.value()); + if (transportFactory.supportedOptions().contains(SSLTransportFactory.KEYSTORE)) + factoryOptions.put(SSLTransportFactory.KEYSTORE, options.keyStore.value()); + if (transportFactory.supportedOptions().contains(SSLTransportFactory.KEYSTORE_PASSWORD)) + factoryOptions.put(SSLTransportFactory.KEYSTORE_PASSWORD, options.keyStorePw.value()); if (transportFactory.supportedOptions().contains(SSLTransportFactory.PROTOCOL)) factoryOptions.put(SSLTransportFactory.PROTOCOL, options.protocol.value()); if (transportFactory.supportedOptions().contains(SSLTransportFactory.CIPHER_SUITES)) @@ -102,6 +106,16 @@ public class SettingsTransport implements Serializable encOptions.enabled = true; encOptions.truststore = options.trustStore.value(); encOptions.truststore_password = options.trustStorePw.value(); + if (options.keyStore.present()) + { + encOptions.keystore = options.keyStore.value(); + encOptions.keystore_password = options.keyStorePw.value(); + } + else + { + // mandatory for SSLFactory.createSSLContext(), see CASSANDRA-9325 + encOptions.keystore = encOptions.truststore; + } encOptions.algorithm = options.alg.value(); encOptions.protocol = options.protocol.value(); encOptions.cipher_suites = options.ciphers.value().split(","); @@ -116,6 +130,8 @@ public class SettingsTransport implements Serializable final OptionSimple factory = new OptionSimple("factory=", ".*", TFramedTransportFactory.class.getName(), "Fully-qualified ITransportFactory class name for creating a connection. Note: For Thrift over SSL, use org.apache.cassandra.thrift.SSLTransportFactory.", false); final OptionSimple trustStore = new OptionSimple("truststore=", ".*", null, "SSL: full path to truststore", false); final OptionSimple trustStorePw = new OptionSimple("truststore-password=", ".*", null, "SSL: truststore password", false); + final OptionSimple keyStore = new OptionSimple("keystore=", ".*", null, "SSL: full path to keystore", false); + final OptionSimple keyStorePw = new OptionSimple("keystore-password=", ".*", null, "SSL: keystore password", false); final OptionSimple protocol = new OptionSimple("ssl-protocol=", ".*", "TLS", "SSL: connection protocol to use", false); final OptionSimple alg = new OptionSimple("ssl-alg=", ".*", "SunX509", "SSL: algorithm", false); final OptionSimple storeType = new OptionSimple("store-type=", ".*", "JKS", "SSL: keystore format", false); @@ -124,7 +140,7 @@ public class SettingsTransport implements Serializable @Override public List<? extends Option> options() { - return Arrays.asList(factory, trustStore, trustStorePw, protocol, alg, storeType, ciphers); + return Arrays.asList(factory, trustStore, trustStorePw, keyStore, keyStorePw, protocol, alg, storeType, ciphers); } }
