Repository: hadoop Updated Branches: refs/heads/branch-2 afaadd653 -> 7d63b4f27
HADOOP-11133. Should trim the content of keystore password file for JavaKeyStoreProvider (Yi Liu via umamahesh) (cherry picked from commit 8d7c54967d5a08cdff75a782998ee89e7537b5c4) Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/7d63b4f2 Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/7d63b4f2 Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/7d63b4f2 Branch: refs/heads/branch-2 Commit: 7d63b4f2736c7f67aaebd8a752d21c7dc2009a03 Parents: afaadd6 Author: Uma Maheswara Rao G <umamah...@apache.org> Authored: Thu Oct 9 20:06:41 2014 +0530 Committer: Uma Maheswara Rao G <umamah...@apache.org> Committed: Thu Oct 9 20:20:27 2014 +0530 ---------------------------------------------------------------------- hadoop-common-project/hadoop-common/CHANGES.txt | 3 +++ .../hadoop/crypto/key/JavaKeyStoreProvider.java | 2 +- .../security/alias/JavaKeyStoreProvider.java | 2 +- .../crypto/key/TestKeyProviderFactory.java | 23 ++++++++++---------- .../resources/javakeystoreprovider.password | 2 +- 5 files changed, 18 insertions(+), 14 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/hadoop/blob/7d63b4f2/hadoop-common-project/hadoop-common/CHANGES.txt ---------------------------------------------------------------------- diff --git a/hadoop-common-project/hadoop-common/CHANGES.txt b/hadoop-common-project/hadoop-common/CHANGES.txt index 819df99..4eadd7f 100644 --- a/hadoop-common-project/hadoop-common/CHANGES.txt +++ b/hadoop-common-project/hadoop-common/CHANGES.txt @@ -473,6 +473,9 @@ Release 2.6.0 - UNRELEASED HADOOP-11161. Expose close method in KeyProvider to give clients of Provider implementations a hook to release resources. (Arun Suresh via atm) + HADOOP-11133. Should trim the content of keystore password file for JavaKeyStoreProvider + (Yi Liu via umamahesh) + BREAKDOWN OF HDFS-6134 AND HADOOP-10150 SUBTASKS AND RELATED JIRAS HADOOP-10734. Implement high-performance secure random number sources. http://git-wip-us.apache.org/repos/asf/hadoop/blob/7d63b4f2/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/JavaKeyStoreProvider.java ---------------------------------------------------------------------- diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/JavaKeyStoreProvider.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/JavaKeyStoreProvider.java index 5cc136c..ac18e16 100644 --- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/JavaKeyStoreProvider.java +++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/JavaKeyStoreProvider.java @@ -146,7 +146,7 @@ public class JavaKeyStoreProvider extends KeyProvider { if (pwdFile != null) { InputStream is = pwdFile.openStream(); try { - password = IOUtils.toCharArray(is); + password = IOUtils.toString(is).trim().toCharArray(); } finally { is.close(); } http://git-wip-us.apache.org/repos/asf/hadoop/blob/7d63b4f2/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/alias/JavaKeyStoreProvider.java ---------------------------------------------------------------------- diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/alias/JavaKeyStoreProvider.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/alias/JavaKeyStoreProvider.java index e9269e6..5dc2abf 100644 --- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/alias/JavaKeyStoreProvider.java +++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/alias/JavaKeyStoreProvider.java @@ -99,7 +99,7 @@ public class JavaKeyStoreProvider extends CredentialProvider { if (pwdFile != null) { InputStream is = pwdFile.openStream(); try { - password = IOUtils.toCharArray(is); + password = IOUtils.toString(is).trim().toCharArray(); } finally { is.close(); } http://git-wip-us.apache.org/repos/asf/hadoop/blob/7d63b4f2/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/crypto/key/TestKeyProviderFactory.java ---------------------------------------------------------------------- diff --git a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/crypto/key/TestKeyProviderFactory.java b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/crypto/key/TestKeyProviderFactory.java index 7bb12d0..ec1fc59 100644 --- a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/crypto/key/TestKeyProviderFactory.java +++ b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/crypto/key/TestKeyProviderFactory.java @@ -21,12 +21,12 @@ import java.io.File; import java.io.IOException; import java.net.URI; import java.util.List; -import java.util.UUID; import org.apache.hadoop.conf.Configuration; import org.apache.hadoop.crypto.key.KeyProvider.KeyVersion; import org.apache.hadoop.fs.FileStatus; import org.apache.hadoop.fs.FileSystem; +import org.apache.hadoop.fs.FileSystemTestHelper; import org.apache.hadoop.fs.Path; import org.apache.hadoop.fs.permission.FsPermission; import org.apache.hadoop.io.Text; @@ -44,20 +44,21 @@ import static org.junit.Assert.assertNotNull; public class TestKeyProviderFactory { - private static File tmpDir; + private FileSystemTestHelper fsHelper; + private File testRootDir; @Before public void setup() { - tmpDir = new File(System.getProperty("test.build.data", "target"), - UUID.randomUUID().toString()); - tmpDir.mkdirs(); + fsHelper = new FileSystemTestHelper(); + String testRoot = fsHelper.getTestRootDir(); + testRootDir = new File(testRoot).getAbsoluteFile(); } @Test public void testFactory() throws Exception { Configuration conf = new Configuration(); final String userUri = UserProvider.SCHEME_NAME + ":///"; - final Path jksPath = new Path(tmpDir.toString(), "test.jks"); + final Path jksPath = new Path(testRootDir.toString(), "test.jks"); final String jksUri = JavaKeyStoreProvider.SCHEME_NAME + "://file" + jksPath.toUri().toString(); conf.set(KeyProviderFactory.KEY_PROVIDER_PATH, @@ -209,11 +210,11 @@ public class TestKeyProviderFactory { @Test public void testJksProvider() throws Exception { Configuration conf = new Configuration(); - final Path jksPath = new Path(tmpDir.toString(), "test.jks"); + final Path jksPath = new Path(testRootDir.toString(), "test.jks"); final String ourUrl = JavaKeyStoreProvider.SCHEME_NAME + "://file" + jksPath.toUri(); - File file = new File(tmpDir, "test.jks"); + File file = new File(testRootDir, "test.jks"); file.delete(); conf.set(KeyProviderFactory.KEY_PROVIDER_PATH, ourUrl); checkSpecificProvider(conf, ourUrl); @@ -364,10 +365,10 @@ public class TestKeyProviderFactory { @Test public void testJksProviderPasswordViaConfig() throws Exception { Configuration conf = new Configuration(); - final Path jksPath = new Path(tmpDir.toString(), "test.jks"); + final Path jksPath = new Path(testRootDir.toString(), "test.jks"); final String ourUrl = JavaKeyStoreProvider.SCHEME_NAME + "://file" + jksPath.toUri(); - File file = new File(tmpDir, "test.jks"); + File file = new File(testRootDir, "test.jks"); file.delete(); try { conf.set(KeyProviderFactory.KEY_PROVIDER_PATH, ourUrl); @@ -408,7 +409,7 @@ public class TestKeyProviderFactory { @Test public void testGetProviderViaURI() throws Exception { Configuration conf = new Configuration(false); - final Path jksPath = new Path(tmpDir.toString(), "test.jks"); + final Path jksPath = new Path(testRootDir.toString(), "test.jks"); URI uri = new URI(JavaKeyStoreProvider.SCHEME_NAME + "://file" + jksPath.toUri()); KeyProvider kp = KeyProviderFactory.get(uri, conf); Assert.assertNotNull(kp); http://git-wip-us.apache.org/repos/asf/hadoop/blob/7d63b4f2/hadoop-common-project/hadoop-common/src/test/resources/javakeystoreprovider.password ---------------------------------------------------------------------- diff --git a/hadoop-common-project/hadoop-common/src/test/resources/javakeystoreprovider.password b/hadoop-common-project/hadoop-common/src/test/resources/javakeystoreprovider.password index 1910281..97b5955 100644 --- a/hadoop-common-project/hadoop-common/src/test/resources/javakeystoreprovider.password +++ b/hadoop-common-project/hadoop-common/src/test/resources/javakeystoreprovider.password @@ -1 +1 @@ -foo \ No newline at end of file +12345678