This is an automated email from the ASF dual-hosted git repository.
dcapwell pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/cassandra.git
The following commit(s) were added to refs/heads/trunk by this push:
new 67f0c34 SSTableLoader will fail if encryption parameters are used due
to CASSANDRA-16144
67f0c34 is described below
commit 67f0c3491a4a1966603ace4fe110b7cfc5b64e9c
Author: Alexander Dejanovski <[email protected]>
AuthorDate: Tue Nov 17 10:18:22 2020 -0800
SSTableLoader will fail if encryption parameters are used due to
CASSANDRA-16144
patch by Alexander Dejanovski; reviewed by David Capwell, Jon Meredith for
CASSANDRA-16280
---
.../org/apache/cassandra/tools/LoaderOptions.java | 8 --------
.../apache/cassandra/tools/LoaderOptionsTest.java | 23 +++++++++++++++++++++-
2 files changed, 22 insertions(+), 9 deletions(-)
diff --git a/src/java/org/apache/cassandra/tools/LoaderOptions.java
b/src/java/org/apache/cassandra/tools/LoaderOptions.java
index 070ffa8..ca1bd40 100644
--- a/src/java/org/apache/cassandra/tools/LoaderOptions.java
+++ b/src/java/org/apache/cassandra/tools/LoaderOptions.java
@@ -475,13 +475,11 @@ public class LoaderOptions
if (cmd.hasOption(SSL_TRUSTSTORE))
{
clientEncOptions =
clientEncOptions.withTrustStore(cmd.getOptionValue(SSL_TRUSTSTORE));
- clientEncOptions.applyConfig();
}
if (cmd.hasOption(SSL_TRUSTSTORE_PW))
{
clientEncOptions =
clientEncOptions.withTrustStorePassword(cmd.getOptionValue(SSL_TRUSTSTORE_PW));
- clientEncOptions.applyConfig();
}
if (cmd.hasOption(SSL_KEYSTORE))
@@ -489,37 +487,31 @@ public class LoaderOptions
// if a keystore was provided, lets assume we'll need to
use
clientEncOptions =
clientEncOptions.withKeyStore(cmd.getOptionValue(SSL_KEYSTORE))
.withRequireClientAuth(true);
- clientEncOptions.applyConfig();
}
if (cmd.hasOption(SSL_KEYSTORE_PW))
{
clientEncOptions =
clientEncOptions.withKeyStorePassword(cmd.getOptionValue(SSL_KEYSTORE_PW));
- clientEncOptions.applyConfig();
}
if (cmd.hasOption(SSL_PROTOCOL))
{
clientEncOptions =
clientEncOptions.withProtocol(cmd.getOptionValue(SSL_PROTOCOL));
- clientEncOptions.applyConfig();
}
if (cmd.hasOption(SSL_ALGORITHM))
{
clientEncOptions =
clientEncOptions.withAlgorithm(cmd.getOptionValue(SSL_ALGORITHM));
- clientEncOptions.applyConfig();
}
if (cmd.hasOption(SSL_STORE_TYPE))
{
clientEncOptions =
clientEncOptions.withStoreType(cmd.getOptionValue(SSL_STORE_TYPE));
- clientEncOptions.applyConfig();
}
if (cmd.hasOption(SSL_CIPHER_SUITES))
{
clientEncOptions =
clientEncOptions.withCipherSuites(cmd.getOptionValue(SSL_CIPHER_SUITES).split(","));
- clientEncOptions.applyConfig();
}
if (cmd.hasOption(TARGET_KEYSPACE))
diff --git a/test/unit/org/apache/cassandra/tools/LoaderOptionsTest.java
b/test/unit/org/apache/cassandra/tools/LoaderOptionsTest.java
index 6377c59..b0d3c68 100644
--- a/test/unit/org/apache/cassandra/tools/LoaderOptionsTest.java
+++ b/test/unit/org/apache/cassandra/tools/LoaderOptionsTest.java
@@ -44,4 +44,25 @@ public class LoaderOptionsTest
options = LoaderOptions.builder().parseArgs(args2).build();
assertEquals(9142, options.nativePort);
}
-}
\ No newline at end of file
+
+ /**
+ * Regression testing for CASSANDRA-16280
+ *
+ * Check that providing encryption parameters to the loader (such as
keystore and truststore) won't break loading
+ * the options.
+ *
+ * @throws Exception
+ */
+ @Test
+ public void testEncryptionSettings() throws Exception
+ {
+ String[] args = { "-d", "127.9.9.1", "-ts", "test.jks", "-tspw",
"truststorePass1", "-ks", "test.jks", "-kspw",
+ "testdata1", "--ssl-ciphers", "TLS_RSA_WITH_AES_256_CBC_SHA",
+ "--ssl-alg", "SunX509", "--store-type", "JKS",
"--ssl-protocol", "TLS",
+ sstableDirName("legacy_sstables", "legacy_ma_simple") };
+ LoaderOptions options =
LoaderOptions.builder().parseArgs(args).build();
+ options = LoaderOptions.builder().parseArgs(args).build();
+ assertEquals("test.jks", options.clientEncOptions.keystore);
+ }
+}
+
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
