Merge branch 'cassandra-1.1' into cassandra-1.2 Conflicts: CHANGES.txt NEWS.txt conf/cassandra.yaml src/java/org/apache/cassandra/config/DatabaseDescriptor.java
Project: http://git-wip-us.apache.org/repos/asf/cassandra/repo Commit: http://git-wip-us.apache.org/repos/asf/cassandra/commit/7039168e Tree: http://git-wip-us.apache.org/repos/asf/cassandra/tree/7039168e Diff: http://git-wip-us.apache.org/repos/asf/cassandra/diff/7039168e Branch: refs/heads/trunk Commit: 7039168e0a32dd14416c25fd11e64af999949123 Parents: 1533f12 4a010ed Author: Aleksey Yeschenko <alek...@apache.org> Authored: Fri Apr 5 19:36:41 2013 +0300 Committer: Aleksey Yeschenko <alek...@apache.org> Committed: Fri Apr 5 19:36:41 2013 +0300 ---------------------------------------------------------------------- CHANGES.txt | 1 + conf/cassandra.yaml | 5 +- .../auth/AllowAllInternodeAuthenticator.java | 36 ++++++++++++ .../cassandra/auth/IInternodeAuthenticator.java | 44 +++++++++++++++ src/java/org/apache/cassandra/config/Config.java | 1 + .../cassandra/config/DatabaseDescriptor.java | 13 ++++ .../org/apache/cassandra/net/MessagingService.java | 10 +++- 7 files changed, 108 insertions(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cassandra/blob/7039168e/CHANGES.txt ---------------------------------------------------------------------- diff --cc CHANGES.txt index 8bcde57,fa407b5..12f38b6 --- a/CHANGES.txt +++ b/CHANGES.txt @@@ -1,66 -1,4 +1,67 @@@ -1.1.11 +1.2.4 + * Ensure that PerRowSecondaryIndex updates see the most recent values + (CASSANDRA-5397) + * avoid duplicate index entries ind PrecompactedRow and + ParallelCompactionIterable (CASSANDRA-5395) + * remove the index entry on oldColumn when new column is a tombstone + (CASSANDRA-5395) + * Change default stream throughput from 400 to 200 mbps (CASSANDRA-5036) + * Gossiper logs DOWN for symmetry with UP (CASSANDRA-5187) + * Fix mixing prepared statements between keyspaces (CASSANDRA-5352) + * Fix consistency level during bootstrap - strike 3 (CASSANDRA-5354) + * Fix transposed arguments in AlreadyExistsException (CASSANDRA-5362) + * Improve asynchronous hint delivery (CASSANDRA-5179) + * Fix Guava dependency version (12.0 -> 13.0.1) for Maven (CASSANDRA-5364) + * Validate that provided CQL3 collection value are < 64K (CASSANDRA-5355) + * Make upgradeSSTable skip current version sstables by default (CASSANDRA-5366) + * Optimize min/max timestamp collection (CASSANDRA-5373) + * Invalid streamId in cql binary protocol when using invalid CL + (CASSANDRA-5164) + * Fix validation for IN where clauses with collections (CASSANDRA-5376) + * Copy resultSet on count query to avoid ConcurrentModificationException + (CASSANDRA-5382) + * Correctly typecheck in CQL3 even with ReversedType (CASSANDRA-5386) + * Fix streaming compressed files when using encryption (CASSANDRA-5391) + * cassandra-all 1.2.0 pom missing netty dependency (CASSANDRA-5392) + * Fix writetime/ttl functions on null values (CASSANDRA-5341) + * Fix NPE during cql3 select with token() (CASSANDRA-5404) + * IndexHelper.skipBloomFilters won't skip non-SHA filters (CASSANDRA-5385) + * cqlsh: Print maps ordered by key, sort sets (CASSANDRA-5413) + * Add null syntax support in CQL3 for inserts (CASSANDRA-3783) + * Allow unauthenticated set_keyspace() calls (CASSANDRA-5423) + * Fix potential incremental backups race (CASSANDRA-5410) +Merged from 1.1: + * cli: Quote ks and cf names in schema output when needed (CASSANDRA-5052) + * Fix bad default for min/max timestamp in SSTableMetadata (CASSANDRA-5372) + * Fix cf name extraction from manifest in Directories.migrateFile() + (CASSANDRA-5242) ++ * Support pluggable internode authentication (CASSANDRA-5401) + + +1.2.3 + * add check for sstable overlap within a level on startup (CASSANDRA-5327) + * replace ipv6 colons in jmx object names (CASSANDRA-5298, 5328) + * Avoid allocating SSTableBoundedScanner during repair when the range does + not intersect the sstable (CASSANDRA-5249) + * Don't lowercase property map keys (this breaks NTS) (CASSANDRA-5292) + * Fix composite comparator with super columns (CASSANDRA-5287) + * Fix insufficient validation of UPDATE queries against counter cfs + (CASSANDRA-5300) + * Fix PropertyFileSnitch default DC/Rack behavior (CASSANDRA-5285) + * Handle null values when executing prepared statement (CASSANDRA-5081) + * Add netty to pom dependencies (CASSANDRA-5181) + * Include type arguments in Thrift CQLPreparedResult (CASSANDRA-5311) + * Fix compaction not removing columns when bf_fp_ratio is 1 (CASSANDRA-5182) + * cli: Warn about missing CQL3 tables in schema descriptions (CASSANDRA-5309) + * Re-enable unknown option in replication/compaction strategies option for + backward compatibility (CASSANDRA-4795) + * Add binary protocol support to stress (CASSANDRA-4993) + * cqlsh: Fix COPY FROM value quoting and null handling (CASSANDRA-5305) + * Fix repair -pr for vnodes (CASSANDRA-5329) + * Relax CL for auth queries for non-default users (CASSANDRA-5310) + * Fix AssertionError during repair (CASSANDRA-5245) + * Don't announce migrations to pre-1.2 nodes (CASSANDRA-5334) +Merged from 1.1: * Update offline scrub for 1.0 -> 1.1 directory structure (CASSANDRA-5195) * add tmp flag to Descriptor hashcode (CASSANDRA-4021) * fix logging of "Found table data in data directories" when only system tables http://git-wip-us.apache.org/repos/asf/cassandra/blob/7039168e/conf/cassandra.yaml ---------------------------------------------------------------------- diff --cc conf/cassandra.yaml index 2bf23a6,37f41fb..6eb0c6b --- a/conf/cassandra.yaml +++ b/conf/cassandra.yaml @@@ -321,25 -275,10 +321,28 @@@ listen_address: localhos # Leaving this blank will set it to the same value as listen_address # broadcast_address: 1.2.3.4 + # Internode authentication backend, implementing IInternodeAuthenticator; + # used to allow/disallow connections from peer nodes. + # internode_authenticator: org.apache.cassandra.auth.AllowAllInternodeAuthenticator +# Whether to start the native transport server. +# Currently, only the thrift server is started by default because the native +# transport is considered beta. +# Please note that the address on which the native transport is bound is the +# same as the rpc_address. The port however is different and specified below. +start_native_transport: false +# port for the CQL native transport to listen for clients on +native_transport_port: 9042 +# The minimum and maximum threads for handling requests when the native +# transport is used. The meaning is those is similar to the one of +# rpc_min_threads and rpc_max_threads, though the default differ slightly and +# are the ones below: +# native_transport_min_threads: 16 +# native_transport_max_threads: 128 + - +# Whether to start the thrift rpc server. +start_rpc: true ++ # The address to bind the Thrift RPC service to -- clients connect # here. Unlike ListenAddress above, you *can* specify 0.0.0.0 here if # you want Thrift to listen on all interfaces. http://git-wip-us.apache.org/repos/asf/cassandra/blob/7039168e/src/java/org/apache/cassandra/auth/AllowAllInternodeAuthenticator.java ---------------------------------------------------------------------- diff --cc src/java/org/apache/cassandra/auth/AllowAllInternodeAuthenticator.java index 0000000,910ed85..d0d2d74 mode 000000,100644..100644 --- a/src/java/org/apache/cassandra/auth/AllowAllInternodeAuthenticator.java +++ b/src/java/org/apache/cassandra/auth/AllowAllInternodeAuthenticator.java @@@ -1,0 -1,36 +1,36 @@@ + /* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + + package org.apache.cassandra.auth; + + import java.net.InetAddress; + -import org.apache.cassandra.config.ConfigurationException; ++import org.apache.cassandra.exceptions.ConfigurationException; + + public class AllowAllInternodeAuthenticator implements IInternodeAuthenticator + { + public boolean authenticate(InetAddress remoteAddress, int remotePort) + { + return true; + } + + public void validateConfiguration() throws ConfigurationException + { + } + } http://git-wip-us.apache.org/repos/asf/cassandra/blob/7039168e/src/java/org/apache/cassandra/auth/IInternodeAuthenticator.java ---------------------------------------------------------------------- diff --cc src/java/org/apache/cassandra/auth/IInternodeAuthenticator.java index 0000000,c306b78..8e09b90 mode 000000,100644..100644 --- a/src/java/org/apache/cassandra/auth/IInternodeAuthenticator.java +++ b/src/java/org/apache/cassandra/auth/IInternodeAuthenticator.java @@@ -1,0 -1,44 +1,44 @@@ + /* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + + package org.apache.cassandra.auth; + + import java.net.InetAddress; + -import org.apache.cassandra.config.ConfigurationException; ++import org.apache.cassandra.exceptions.ConfigurationException; + + public interface IInternodeAuthenticator + { + /** + * Decides whether or not a peer is allowed to connect to this node. + * If this method returns false, the socket will be immediately closed. + * + * @param remoteAddress ip address of the connecting node. + * @param remotePort port of the connecting node. + * @return true if the connection should be accepted, false otherwise. + */ + boolean authenticate(InetAddress remoteAddress, int remotePort); + + /** + * Validates configuration of IInternodeAuthenticator implementation (if configurable). + * + * @throws ConfigurationException when there is a configuration error. + */ + void validateConfiguration() throws ConfigurationException; + } http://git-wip-us.apache.org/repos/asf/cassandra/blob/7039168e/src/java/org/apache/cassandra/config/Config.java ---------------------------------------------------------------------- diff --cc src/java/org/apache/cassandra/config/Config.java index 34b26f5,a08a694..ad99809 --- a/src/java/org/apache/cassandra/config/Config.java +++ b/src/java/org/apache/cassandra/config/Config.java @@@ -78,8 -66,8 +78,9 @@@ public class Confi public Integer ssl_storage_port = 7001; public String listen_address; public String broadcast_address; + public String internode_authenticator; + public Boolean start_rpc = true; public String rpc_address; public Integer rpc_port = 9160; public String rpc_server_type = "sync"; http://git-wip-us.apache.org/repos/asf/cassandra/blob/7039168e/src/java/org/apache/cassandra/config/DatabaseDescriptor.java ---------------------------------------------------------------------- diff --cc src/java/org/apache/cassandra/config/DatabaseDescriptor.java index ead60a0,0c460dc..a57ce9b --- a/src/java/org/apache/cassandra/config/DatabaseDescriptor.java +++ b/src/java/org/apache/cassandra/config/DatabaseDescriptor.java @@@ -67,10 -63,10 +67,11 @@@ public class DatabaseDescripto private static InetAddress broadcastAddress; private static InetAddress rpcAddress; private static SeedProvider seedProvider; + private static IInternodeAuthenticator internodeAuthenticator; /* Hashing strategy Random or OPHF */ - private static IPartitioner partitioner; + private static IPartitioner<?> partitioner; + private static String paritionerName; private static Config.DiskAccessMode indexAccessMode; @@@ -202,25 -195,22 +203,31 @@@ logger.info("DiskAccessMode is " + conf.disk_access_mode + ", indexAccessMode is " + indexAccessMode ); } - logger.debug("page_cache_hinting is " + conf.populate_io_cache_on_flush); + logger.info("disk_failure_policy is " + conf.disk_failure_policy); - /* Authentication and authorization backend, implementing IAuthenticator and IAuthority */ + /* Authentication and authorization backend, implementing IAuthenticator and IAuthorizer */ if (conf.authenticator != null) - authenticator = FBUtilities.<IAuthenticator>construct(conf.authenticator, "authenticator"); + authenticator = FBUtilities.construct(conf.authenticator, "authenticator"); + if (conf.authority != null) - authority = FBUtilities.<IAuthority>construct(conf.authority, "authority"); + { + logger.warn("Please rename 'authority' to 'authorizer' in cassandra.yaml"); + if (!conf.authority.equals("org.apache.cassandra.auth.AllowAllAuthority")) + throw new ConfigurationException("IAuthority interface has been deprecated," + + " please implement IAuthorizer instead."); + } + + if (conf.authorizer != null) + authorizer = FBUtilities.construct(conf.authorizer, "authorizer"); + if (conf.internode_authenticator != null) + internodeAuthenticator = FBUtilities.construct(conf.internode_authenticator, "internode_authenticator"); + else + internodeAuthenticator = new AllowAllInternodeAuthenticator(); + authenticator.validateConfiguration(); - authority.validateConfiguration(); + authorizer.validateConfiguration(); + internodeAuthenticator.validateConfiguration(); /* Hashing strategy */ if (conf.partitioner == null) http://git-wip-us.apache.org/repos/asf/cassandra/blob/7039168e/src/java/org/apache/cassandra/net/MessagingService.java ----------------------------------------------------------------------