This is an automated email from the ASF dual-hosted git repository.
meszibalu pushed a commit to branch branch-2.4
in repository https://gitbox.apache.org/repos/asf/hbase.git
The following commit(s) were added to refs/heads/branch-2.4 by this push:
new 2546823403e HBASE-28340 Add trust/key store type to ZK TLS settings
handled by HBase (branch-2.4) (#5684)
2546823403e is described below
commit 2546823403efa910b63a56de22f08b7e96a7078c
Author: Andor Molnár
AuthorDate: Tue Feb 20 13:02:10 2024 +0100
HBASE-28340 Add trust/key store type to ZK TLS settings handled by HBase
(branch-2.4) (#5684)
Signed-off-by: Balazs Meszaros
---
.../apache/hadoop/hbase/zookeeper/ZKConfig.java| 55 +-
.../hadoop/hbase/zookeeper/TestZKConfig.java | 25 +-
2 files changed, 45 insertions(+), 35 deletions(-)
diff --git
a/hbase-common/src/main/java/org/apache/hadoop/hbase/zookeeper/ZKConfig.java
b/hbase-common/src/main/java/org/apache/hadoop/hbase/zookeeper/ZKConfig.java
index b541de2042e..e1c52629383 100644
--- a/hbase-common/src/main/java/org/apache/hadoop/hbase/zookeeper/ZKConfig.java
+++ b/hbase-common/src/main/java/org/apache/hadoop/hbase/zookeeper/ZKConfig.java
@@ -20,14 +20,11 @@ package org.apache.hadoop.hbase.zookeeper;
import java.io.IOException;
import java.util.Map.Entry;
import java.util.Properties;
-import java.util.Set;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.HConstants;
import org.apache.hadoop.util.StringUtils;
import org.apache.yetus.audience.InterfaceAudience;
-import org.apache.hbase.thirdparty.com.google.common.collect.ImmutableSet;
-
/**
* Utility methods for reading, and building the ZooKeeper configuration. The
order and priority for
* reading the config are as follows: (1). Property with
"hbase.zookeeper.property." prefix from
@@ -39,12 +36,6 @@ public final class ZKConfig {
private static final String VARIABLE_START = "${";
private static final String ZOOKEEPER_JAVA_PROPERTY_PREFIX = "zookeeper.";
- /** Supported ZooKeeper client TLS properties */
- static final Set ZOOKEEPER_CLIENT_TLS_PROPERTIES =
-ImmutableSet.of("client.secure", "clientCnxnSocket",
"ssl.keyStore.location",
- "ssl.keyStore.password", "ssl.keyStore.passwordPath",
"ssl.trustStore.location",
- "ssl.trustStore.password", "ssl.trustStore.passwordPath");
-
private ZKConfig() {
}
@@ -59,16 +50,12 @@ public final class ZKConfig {
}
/**
- * Make a Properties object holding ZooKeeper config. Parses the
corresponding config options from
- * the HBase XML configs and generates the appropriate ZooKeeper properties.
- * @param conf Configuration to read from.
- * @return Properties holding mappings representing ZooKeeper config file.
+ * Directly map all the hbase.zookeeper.property.KEY properties. Synchronize
on conf so no loading
+ * of configs while we iterate
*/
- private static Properties makeZKPropsFromHbaseConfig(Configuration conf) {
+ private static Properties extractZKPropsFromHBaseConfig(final Configuration
conf) {
Properties zkProperties = new Properties();
-// Directly map all of the hbase.zookeeper.property.KEY properties.
-// Synchronize on conf so no loading of configs while we iterate
synchronized (conf) {
for (Entry entry : conf) {
String key = entry.getKey();
@@ -84,6 +71,18 @@ public final class ZKConfig {
}
}
+return zkProperties;
+ }
+
+ /**
+ * Make a Properties object holding ZooKeeper config. Parses the
corresponding config options from
+ * the HBase XML configs and generates the appropriate ZooKeeper properties.
+ * @param conf Configuration to read from.
+ * @return Properties holding mappings representing ZooKeeper config file.
+ */
+ private static Properties makeZKPropsFromHbaseConfig(Configuration conf) {
+Properties zkProperties = extractZKPropsFromHBaseConfig(conf);
+
// If clientPort is not set, assign the default.
if (zkProperties.getProperty(HConstants.CLIENT_PORT_STR) == null) {
zkProperties.put(HConstants.CLIENT_PORT_STR,
HConstants.DEFAULT_ZOOKEEPER_CLIENT_PORT);
@@ -317,24 +316,12 @@ public final class ZKConfig {
}
private static void setZooKeeperClientSystemProperties(String prefix,
Configuration conf) {
-synchronized (conf) {
- for (Entry entry : conf) {
-String key = entry.getKey();
-if (!key.startsWith(prefix)) {
- continue;
-}
-String zkKey = key.substring(prefix.length());
-if (!ZOOKEEPER_CLIENT_TLS_PROPERTIES.contains(zkKey)) {
- continue;
-}
-String value = entry.getValue();
-// If the value has variables substitutions, need to do a get.
-if (value.contains(VARIABLE_START)) {
- value = conf.get(key);
-}
-if (System.getProperty(ZOOKEEPER_JAVA_PROPERTY_PREFIX + zkKey) ==
null) {
-