Author: xedin
Date: Mon Dec 5 20:28:37 2011
New Revision: 1210611
URL: http://svn.apache.org/viewvc?rev=1210611&view=rev
Log:
merge from 1.0
Modified:
cassandra/trunk/ (props changed)
cassandra/trunk/CHANGES.txt
cassandra/trunk/bin/cqlsh
cassandra/trunk/conf/cassandra.yaml
cassandra/trunk/contrib/ (props changed)
cassandra/trunk/interface/thrift/gen-java/org/apache/cassandra/thrift/Cassandra.java
(props changed)
cassandra/trunk/interface/thrift/gen-java/org/apache/cassandra/thrift/Column.java
(props changed)
cassandra/trunk/interface/thrift/gen-java/org/apache/cassandra/thrift/InvalidRequestException.java
(props changed)
cassandra/trunk/interface/thrift/gen-java/org/apache/cassandra/thrift/NotFoundException.java
(props changed)
cassandra/trunk/interface/thrift/gen-java/org/apache/cassandra/thrift/SuperColumn.java
(props changed)
cassandra/trunk/src/java/org/apache/cassandra/config/EncryptionOptions.java
cassandra/trunk/src/java/org/apache/cassandra/security/SSLFactory.java
Propchange: cassandra/trunk/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Mon Dec 5 20:28:37 2011
@@ -4,7 +4,7 @@
/cassandra/branches/cassandra-0.8:1090934-1125013,1125019-1198724,1198726-1205453,1206184,1206235,1206257,1207262
/cassandra/branches/cassandra-0.8.0:1125021-1130369
/cassandra/branches/cassandra-0.8.1:1101014-1125018
-/cassandra/branches/cassandra-1.0:1167085-1206088,1206095,1206099,1206108,1206131,1207427,1207432,1207436,1207810,1207969,1208000,1209390,1209397,1209399
+/cassandra/branches/cassandra-1.0:1167085-1207969,1208000,1209390,1209397,1209399
/cassandra/branches/cassandra-1.0.0:1167104-1167229,1167232-1181093,1181741,1181816,1181820,1182951,1183243
/cassandra/tags/cassandra-0.7.0-rc3:1051699-1053689
/cassandra/tags/cassandra-0.8.0-rc1:1102511-1125020
Modified: cassandra/trunk/CHANGES.txt
URL:
http://svn.apache.org/viewvc/cassandra/trunk/CHANGES.txt?rev=1210611&r1=1210610&r2=1210611&view=diff
==============================================================================
--- cassandra/trunk/CHANGES.txt (original)
+++ cassandra/trunk/CHANGES.txt Mon Dec 5 20:28:37 2011
@@ -44,7 +44,6 @@ Merged from 0.8:
* add command to stop compactions (CASSANDRA-1740)
* fix assertion error when forwarding to local nodes (CASSANDRA-3539)
-
1.0.4
* fix self-hinting of timed out read repair updates and make hinted handoff
less prone to OOMing a coordinator (CASSANDRA-3440)
Modified: cassandra/trunk/bin/cqlsh
URL:
http://svn.apache.org/viewvc/cassandra/trunk/bin/cqlsh?rev=1210611&r1=1210610&r2=1210611&view=diff
==============================================================================
--- cassandra/trunk/bin/cqlsh (original)
+++ cassandra/trunk/bin/cqlsh Mon Dec 5 20:28:37 2011
@@ -183,7 +183,9 @@ def complete_assume_col(ctxt, cqlsh):
ks = cql_dequote(ks) if ks is not None else None
cf = cql_dequote(ctxt.get_binding('cf'))
cfdef = cqlsh.get_columnfamily(cf, ksname=ks)
- return map(maybe_cql_escape, [cm.name for cm in cfdef.column_metadata])
+ cols = [cm.name for cm in cfdef.column_metadata]
+ cols.append(cfdef.key_alias or 'KEY')
+ return map(maybe_cql_escape, cols)
class NoKeyspaceError(Exception):
pass
@@ -466,8 +468,11 @@ class Shell(cmd.Cmd):
HELP SELECT_LIMIT
HELP CONSISTENCYLEVEL
"""
+ ksname = parsed.get_binding('selectks')
+ if ksname is not None:
+ ksname = cql_dequote(ksname)
cfname = cql_dequote(parsed.get_binding('selectsource'))
- decoder = self.determine_decoder_for(cfname)
+ decoder = self.determine_decoder_for(cfname, ksname=ksname)
self.perform_statement_as_tokens(parsed.matched, decoder=decoder)
def perform_statement_as_tokens(self, tokens, decoder=None):
@@ -501,8 +506,10 @@ class Shell(cmd.Cmd):
self.print_result()
return True
- def determine_decoder_for(self, cfname):
- schema = self.schema_overrides.get((self.current_keyspace, cfname),
None)
+ def determine_decoder_for(self, cfname, ksname=None):
+ if ksname is None:
+ ksname = self.current_keyspace
+ schema = self.schema_overrides.get((ksname, cfname), None)
if schema:
def use_my_schema_decoder(real_schema):
return cql.decoders.SchemaDecoder(schema.join(real_schema))
Modified: cassandra/trunk/conf/cassandra.yaml
URL:
http://svn.apache.org/viewvc/cassandra/trunk/conf/cassandra.yaml?rev=1210611&r1=1210610&r2=1210611&view=diff
==============================================================================
--- cassandra/trunk/conf/cassandra.yaml (original)
+++ cassandra/trunk/conf/cassandra.yaml Mon Dec 5 20:28:37 2011
@@ -415,9 +415,15 @@ index_interval: 128
# The passwords used in these options must match the passwords used when
generating
# the keystore and truststore. For instructions on generating these files,
see:
#
http://download.oracle.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html#CreateKeystore
+#
encryption_options:
internode_encryption: none
keystore: conf/.keystore
keystore_password: cassandra
truststore: conf/.truststore
truststore_password: cassandra
+ # More advanced defaults below:
+ # protocol: TLS
+ # algorithm: SunX509
+ # store_type: JKS
+ # cipher_suites:
[TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA]
Propchange: cassandra/trunk/contrib/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Mon Dec 5 20:28:37 2011
@@ -4,7 +4,7 @@
/cassandra/branches/cassandra-0.8/contrib:1090934-1125013,1125019-1198724,1198726-1205453,1206184,1206235,1206257,1207262
/cassandra/branches/cassandra-0.8.0/contrib:1125021-1130369
/cassandra/branches/cassandra-0.8.1/contrib:1101014-1125018
-/cassandra/branches/cassandra-1.0/contrib:1167085-1206088,1206095,1206099,1206108,1206131,1207427,1207432,1207436,1207810,1207969,1208000,1209390,1209397,1209399
+/cassandra/branches/cassandra-1.0/contrib:1167085-1207969,1208000,1209390,1209397,1209399
/cassandra/branches/cassandra-1.0.0/contrib:1167104-1167229,1167232-1181093,1181741,1181816,1181820,1182951,1183243
/cassandra/tags/cassandra-0.7.0-rc3/contrib:1051699-1053689
/cassandra/tags/cassandra-0.8.0-rc1/contrib:1102511-1125020
Propchange:
cassandra/trunk/interface/thrift/gen-java/org/apache/cassandra/thrift/Cassandra.java
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Mon Dec 5 20:28:37 2011
@@ -4,7 +4,7 @@
/cassandra/branches/cassandra-0.8/interface/thrift/gen-java/org/apache/cassandra/thrift/Cassandra.java:1090934-1125013,1125019-1198724,1198726-1205453,1206184,1206235,1206257,1207262
/cassandra/branches/cassandra-0.8.0/interface/thrift/gen-java/org/apache/cassandra/thrift/Cassandra.java:1125021-1130369
/cassandra/branches/cassandra-0.8.1/interface/thrift/gen-java/org/apache/cassandra/thrift/Cassandra.java:1101014-1125018
-/cassandra/branches/cassandra-1.0/interface/thrift/gen-java/org/apache/cassandra/thrift/Cassandra.java:1167085-1206088,1206095,1206099,1206108,1206131,1207427,1207432,1207436,1207810,1207969,1208000,1209390,1209397,1209399
+/cassandra/branches/cassandra-1.0/interface/thrift/gen-java/org/apache/cassandra/thrift/Cassandra.java:1167085-1207969,1208000,1209390,1209397,1209399
/cassandra/branches/cassandra-1.0.0/interface/thrift/gen-java/org/apache/cassandra/thrift/Cassandra.java:1167104-1167229,1167232-1181093,1181741,1181816,1181820,1182951,1183243
/cassandra/tags/cassandra-0.7.0-rc3/interface/thrift/gen-java/org/apache/cassandra/thrift/Cassandra.java:1051699-1053689
/cassandra/tags/cassandra-0.8.0-rc1/interface/thrift/gen-java/org/apache/cassandra/thrift/Cassandra.java:1102511-1125020
Propchange:
cassandra/trunk/interface/thrift/gen-java/org/apache/cassandra/thrift/Column.java
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Mon Dec 5 20:28:37 2011
@@ -4,7 +4,7 @@
/cassandra/branches/cassandra-0.8/interface/thrift/gen-java/org/apache/cassandra/thrift/Column.java:1090934-1125013,1125019-1198724,1198726-1205453,1206184,1206235,1206257,1207262
/cassandra/branches/cassandra-0.8.0/interface/thrift/gen-java/org/apache/cassandra/thrift/Column.java:1125021-1130369
/cassandra/branches/cassandra-0.8.1/interface/thrift/gen-java/org/apache/cassandra/thrift/Column.java:1101014-1125018
-/cassandra/branches/cassandra-1.0/interface/thrift/gen-java/org/apache/cassandra/thrift/Column.java:1167085-1206088,1206095,1206099,1206108,1206131,1207427,1207432,1207436,1207810,1207969,1208000,1209390,1209397,1209399
+/cassandra/branches/cassandra-1.0/interface/thrift/gen-java/org/apache/cassandra/thrift/Column.java:1167085-1207969,1208000,1209390,1209397,1209399
/cassandra/branches/cassandra-1.0.0/interface/thrift/gen-java/org/apache/cassandra/thrift/Column.java:1167104-1167229,1167232-1181093,1181741,1181816,1181820,1182951,1183243
/cassandra/tags/cassandra-0.7.0-rc3/interface/thrift/gen-java/org/apache/cassandra/thrift/Column.java:1051699-1053689
/cassandra/tags/cassandra-0.8.0-rc1/interface/thrift/gen-java/org/apache/cassandra/thrift/Column.java:1102511-1125020
Propchange:
cassandra/trunk/interface/thrift/gen-java/org/apache/cassandra/thrift/InvalidRequestException.java
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Mon Dec 5 20:28:37 2011
@@ -4,7 +4,7 @@
/cassandra/branches/cassandra-0.8/interface/thrift/gen-java/org/apache/cassandra/thrift/InvalidRequestException.java:1090934-1125013,1125019-1198724,1198726-1205453,1206184,1206235,1206257,1207262
/cassandra/branches/cassandra-0.8.0/interface/thrift/gen-java/org/apache/cassandra/thrift/InvalidRequestException.java:1125021-1130369
/cassandra/branches/cassandra-0.8.1/interface/thrift/gen-java/org/apache/cassandra/thrift/InvalidRequestException.java:1101014-1125018
-/cassandra/branches/cassandra-1.0/interface/thrift/gen-java/org/apache/cassandra/thrift/InvalidRequestException.java:1167085-1206088,1206095,1206099,1206108,1206131,1207427,1207432,1207436,1207810,1207969,1208000,1209390,1209397,1209399
+/cassandra/branches/cassandra-1.0/interface/thrift/gen-java/org/apache/cassandra/thrift/InvalidRequestException.java:1167085-1207969,1208000,1209390,1209397,1209399
/cassandra/branches/cassandra-1.0.0/interface/thrift/gen-java/org/apache/cassandra/thrift/InvalidRequestException.java:1167104-1167229,1167232-1181093,1181741,1181816,1181820,1182951,1183243
/cassandra/tags/cassandra-0.7.0-rc3/interface/thrift/gen-java/org/apache/cassandra/thrift/InvalidRequestException.java:1051699-1053689
/cassandra/tags/cassandra-0.8.0-rc1/interface/thrift/gen-java/org/apache/cassandra/thrift/InvalidRequestException.java:1102511-1125020
Propchange:
cassandra/trunk/interface/thrift/gen-java/org/apache/cassandra/thrift/NotFoundException.java
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Mon Dec 5 20:28:37 2011
@@ -4,7 +4,7 @@
/cassandra/branches/cassandra-0.8/interface/thrift/gen-java/org/apache/cassandra/thrift/NotFoundException.java:1090934-1125013,1125019-1198724,1198726-1205453,1206184,1206235,1206257,1207262
/cassandra/branches/cassandra-0.8.0/interface/thrift/gen-java/org/apache/cassandra/thrift/NotFoundException.java:1125021-1130369
/cassandra/branches/cassandra-0.8.1/interface/thrift/gen-java/org/apache/cassandra/thrift/NotFoundException.java:1101014-1125018
-/cassandra/branches/cassandra-1.0/interface/thrift/gen-java/org/apache/cassandra/thrift/NotFoundException.java:1167085-1206088,1206095,1206099,1206108,1206131,1207427,1207432,1207436,1207810,1207969,1208000,1209390,1209397,1209399
+/cassandra/branches/cassandra-1.0/interface/thrift/gen-java/org/apache/cassandra/thrift/NotFoundException.java:1167085-1207969,1208000,1209390,1209397,1209399
/cassandra/branches/cassandra-1.0.0/interface/thrift/gen-java/org/apache/cassandra/thrift/NotFoundException.java:1167104-1167229,1167232-1181093,1181741,1181816,1181820,1182951,1183243
/cassandra/tags/cassandra-0.7.0-rc3/interface/thrift/gen-java/org/apache/cassandra/thrift/NotFoundException.java:1051699-1053689
/cassandra/tags/cassandra-0.8.0-rc1/interface/thrift/gen-java/org/apache/cassandra/thrift/NotFoundException.java:1102511-1125020
Propchange:
cassandra/trunk/interface/thrift/gen-java/org/apache/cassandra/thrift/SuperColumn.java
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Mon Dec 5 20:28:37 2011
@@ -4,7 +4,7 @@
/cassandra/branches/cassandra-0.8/interface/thrift/gen-java/org/apache/cassandra/thrift/SuperColumn.java:1090934-1125013,1125019-1198724,1198726-1205453,1206184,1206235,1206257,1207262
/cassandra/branches/cassandra-0.8.0/interface/thrift/gen-java/org/apache/cassandra/thrift/SuperColumn.java:1125021-1130369
/cassandra/branches/cassandra-0.8.1/interface/thrift/gen-java/org/apache/cassandra/thrift/SuperColumn.java:1101014-1125018
-/cassandra/branches/cassandra-1.0/interface/thrift/gen-java/org/apache/cassandra/thrift/SuperColumn.java:1167085-1206088,1206095,1206099,1206108,1206131,1207427,1207432,1207436,1207810,1207969,1208000,1209390,1209397,1209399
+/cassandra/branches/cassandra-1.0/interface/thrift/gen-java/org/apache/cassandra/thrift/SuperColumn.java:1167085-1207969,1208000,1209390,1209397,1209399
/cassandra/branches/cassandra-1.0.0/interface/thrift/gen-java/org/apache/cassandra/thrift/SuperColumn.java:1167104-1167229,1167232-1181093,1181741,1181816,1181820,1182951,1183243
/cassandra/tags/cassandra-0.7.0-rc3/interface/thrift/gen-java/org/apache/cassandra/thrift/SuperColumn.java:1051699-1053689
/cassandra/tags/cassandra-0.8.0-rc1/interface/thrift/gen-java/org/apache/cassandra/thrift/SuperColumn.java:1102511-1125020
Modified:
cassandra/trunk/src/java/org/apache/cassandra/config/EncryptionOptions.java
URL:
http://svn.apache.org/viewvc/cassandra/trunk/src/java/org/apache/cassandra/config/EncryptionOptions.java?rev=1210611&r1=1210610&r2=1210611&view=diff
==============================================================================
--- cassandra/trunk/src/java/org/apache/cassandra/config/EncryptionOptions.java
(original)
+++ cassandra/trunk/src/java/org/apache/cassandra/config/EncryptionOptions.java
Mon Dec 5 20:28:37 2011
@@ -28,7 +28,11 @@ public class EncryptionOptions
public String keystore_password = "cassandra";
public String truststore = "conf/.truststore";
public String truststore_password = "cassandra";
- public String[] cipherSuites = {"TLS_RSA_WITH_AES_128_CBC_SHA",
"TLS_RSA_WITH_AES_256_CBC_SHA"};
+ public String[] cipher_suites = {"TLS_RSA_WITH_AES_128_CBC_SHA",
"TLS_RSA_WITH_AES_256_CBC_SHA"};
+ public String protocol = "TLS";
+ public String algorithm = "SunX509";
+ public String store_type = "JKS";
+
public static enum InternodeEncryption
{
Modified: cassandra/trunk/src/java/org/apache/cassandra/security/SSLFactory.java
URL:
http://svn.apache.org/viewvc/cassandra/trunk/src/java/org/apache/cassandra/security/SSLFactory.java?rev=1210611&r1=1210610&r2=1210611&view=diff
==============================================================================
--- cassandra/trunk/src/java/org/apache/cassandra/security/SSLFactory.java
(original)
+++ cassandra/trunk/src/java/org/apache/cassandra/security/SSLFactory.java Mon
Dec 5 20:28:37 2011
@@ -26,6 +26,7 @@ import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.security.KeyStore;
+import java.util.Set;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
@@ -35,6 +36,11 @@ import javax.net.ssl.TrustManagerFactory
import org.apache.cassandra.config.EncryptionOptions;
import org.apache.cassandra.io.util.FileUtils;
+import org.apache.commons.lang.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import com.google.common.collect.Sets;
/**
* A Factory for providing and setting up Client and Server SSL wrapped
@@ -42,16 +48,15 @@ import org.apache.cassandra.io.util.File
*/
public final class SSLFactory
{
- private static final String PROTOCOL = "TLS";
- private static final String ALGORITHM = "SunX509";
- private static final String STORE_TYPE = "JKS";
+ private static final Logger logger_ =
LoggerFactory.getLogger(SSLFactory.class);
public static SSLServerSocket getServerSocket(EncryptionOptions options,
InetAddress address, int port) throws IOException
{
SSLContext ctx = createSSLContext(options);
SSLServerSocket serverSocket =
(SSLServerSocket)ctx.getServerSocketFactory().createServerSocket();
serverSocket.setReuseAddress(true);
- serverSocket.setEnabledCipherSuites(options.cipherSuites);
+ String[] suits =
filterCipherSuites(serverSocket.getSupportedCipherSuites(),
options.cipher_suites);
+ serverSocket.setEnabledCipherSuites(suits);
serverSocket.bind(new InetSocketAddress(address, port), 100);
return serverSocket;
}
@@ -61,7 +66,8 @@ public final class SSLFactory
{
SSLContext ctx = createSSLContext(options);
SSLSocket socket = (SSLSocket)
ctx.getSocketFactory().createSocket(address, port, localAddress, localPort);
- socket.setEnabledCipherSuites(options.cipherSuites);
+ String[] suits = filterCipherSuites(socket.getSupportedCipherSuites(),
options.cipher_suites);
+ socket.setEnabledCipherSuites(suits);
return socket;
}
@@ -70,7 +76,8 @@ public final class SSLFactory
{
SSLContext ctx = createSSLContext(options);
SSLSocket socket = (SSLSocket) ctx.getSocketFactory().createSocket();
- socket.setEnabledCipherSuites(options.cipherSuites);
+ String[] suits = filterCipherSuites(socket.getSupportedCipherSuites(),
options.cipher_suites);
+ socket.setEnabledCipherSuites(suits);
return socket;
}
@@ -81,17 +88,17 @@ public final class SSLFactory
SSLContext ctx;
try
{
- ctx = SSLContext.getInstance(PROTOCOL);
+ ctx = SSLContext.getInstance(options.protocol);
TrustManagerFactory tmf;
KeyManagerFactory kmf;
- tmf = TrustManagerFactory.getInstance(ALGORITHM);
- KeyStore ts = KeyStore.getInstance(STORE_TYPE);
+ tmf = TrustManagerFactory.getInstance(options.algorithm);
+ KeyStore ts = KeyStore.getInstance(options.store_type);
ts.load(tsf, options.truststore_password.toCharArray());
tmf.init(ts);
- kmf = KeyManagerFactory.getInstance(ALGORITHM);
- KeyStore ks = KeyStore.getInstance(STORE_TYPE);
+ kmf = KeyManagerFactory.getInstance(options.algorithm);
+ KeyStore ks = KeyStore.getInstance(options.store_type);
ks.load(ksf, options.keystore_password.toCharArray());
kmf.init(ks, options.keystore_password.toCharArray());
@@ -109,4 +116,13 @@ public final class SSLFactory
}
return ctx;
}
+
+ private static String[] filterCipherSuites(String[] supported, String[]
desired)
+ {
+ Set<String> des = Sets.newHashSet(desired);
+ Set<String> return_ = Sets.intersection(Sets.newHashSet(supported),
des);
+ if (des.size() > return_.size())
+ logger_.warn("Filtering out {} as it isnt supported by the
socket", StringUtils.join(Sets.difference(des, return_), ","));
+ return return_.toArray(new String[return_.size()]);
+ }
}
