GEODE-420: Code review changes Removal of SSLEnabledComponent.java and SSLEnabledComponents.java
Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/24545408 Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/24545408 Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/24545408 Branch: refs/heads/feature/GEODE-420 Commit: 24545408840c17a107b60b3d2da91ebbad0bf970 Parents: 075e109 Author: Udo Kohlmeyer <[email protected]> Authored: Wed Aug 24 16:39:49 2016 +1000 Committer: Udo Kohlmeyer <[email protected]> Committed: Wed Aug 24 16:39:49 2016 +1000 ---------------------------------------------------------------------- .../controllers/RestAPIsWithSSLDUnitTest.java | 30 ++-- .../client/internal/ConnectionFactoryImpl.java | 7 +- .../distributed/SSLEnabledComponents.java | 68 -------- .../internal/AbstractDistributionConfig.java | 19 ++- .../internal/DistributionConfig.java | 10 +- .../internal/DistributionConfigImpl.java | 26 +-- .../membership/gms/fd/GMSHealthMonitor.java | 7 +- .../internal/tcpserver/TcpClient.java | 4 +- .../internal/tcpserver/TcpServer.java | 6 +- .../gemfire/internal/AbstractConfig.java | 16 +- .../gemfire/internal/admin/SSLConfig.java | 8 +- .../cache/tier/sockets/AcceptorImpl.java | 6 +- .../internal/net/SSLConfigurationFactory.java | 31 ++-- .../internal/net/SSLEnabledComponent.java | 59 ------- .../gemfire/internal/net/SocketCreator.java | 3 +- .../internal/net/SocketCreatorFactory.java | 30 ++-- .../internal/security/SecurableComponent.java | 3 +- .../gemfire/internal/tcp/TCPConduit.java | 4 +- .../management/internal/JettyHelper.java | 4 +- .../management/internal/ManagementAgent.java | 12 +- .../gemfire/management/internal/RestAgent.java | 5 +- .../geode/security/SecurableComponents.java | 5 + .../CacheServerSSLConnectionDUnitTest.java | 6 +- .../gemfire/distributed/LocatorDUnitTest.java | 12 +- .../LocatorLauncherLocalIntegrationTest.java | 7 +- .../LocatorLauncherRemoteIntegrationTest.java | 8 +- .../ServerLauncherLocalIntegrationTest.java | 9 +- .../ServerLauncherRemoteIntegrationTest.java | 9 +- .../internal/net/JSSESocketJUnitTest.java | 15 +- .../net/SSLConfigurationFactoryTest.java | 47 +++--- .../net/SocketCreatorFactoryJUnitTest.java | 161 +++++++++---------- .../gemfire/management/JMXMBeanDUnitTest.java | 126 ++++++--------- .../internal/JettyHelperJUnitTest.java | 8 +- .../HTTPServiceSSLSupportJUnitTest.java | 1 - .../internal/JUnit4DistributedTestCase.java | 2 +- .../tools/pulse/testbed/driver/PulseUITest.java | 4 +- .../tools/pulse/tests/PulseAbstractTest.java | 4 +- 37 files changed, 312 insertions(+), 470 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/24545408/geode-assembly/src/test/java/com/gemstone/gemfire/rest/internal/web/controllers/RestAPIsWithSSLDUnitTest.java ---------------------------------------------------------------------- diff --git a/geode-assembly/src/test/java/com/gemstone/gemfire/rest/internal/web/controllers/RestAPIsWithSSLDUnitTest.java b/geode-assembly/src/test/java/com/gemstone/gemfire/rest/internal/web/controllers/RestAPIsWithSSLDUnitTest.java index f1a4d5b..e6abfa1 100644 --- a/geode-assembly/src/test/java/com/gemstone/gemfire/rest/internal/web/controllers/RestAPIsWithSSLDUnitTest.java +++ b/geode-assembly/src/test/java/com/gemstone/gemfire/rest/internal/web/controllers/RestAPIsWithSSLDUnitTest.java @@ -65,11 +65,11 @@ import com.gemstone.gemfire.cache.client.ClientRegionShortcut; import com.gemstone.gemfire.cache.client.internal.LocatorTestBase; import com.gemstone.gemfire.cache.server.CacheServer; import com.gemstone.gemfire.distributed.DistributedSystem; -import com.gemstone.gemfire.distributed.SSLEnabledComponents; import com.gemstone.gemfire.distributed.internal.InternalDistributedSystem; import com.gemstone.gemfire.internal.AvailablePort; import com.gemstone.gemfire.internal.AvailablePortHelper; import com.gemstone.gemfire.internal.cache.GemFireCacheImpl; +import com.gemstone.gemfire.internal.security.SecurableComponent; import com.gemstone.gemfire.management.ManagementException; import com.gemstone.gemfire.test.dunit.Host; import com.gemstone.gemfire.test.dunit.IgnoredException; @@ -314,8 +314,8 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase { sslPropertyConverter(sslProperties, props, HTTP_SERVICE_SSL_TRUSTSTORE, null); sslPropertyConverter(sslProperties, props, HTTP_SERVICE_SSL_TRUSTSTORE_PASSWORD, null); } - String sslEnabledComponentsProperty = sslProperties.getProperty(SSL_ENABLED_COMPONENTS); - if (sslEnabledComponentsProperty != null && sslEnabledComponentsProperty.length() > 0) { + String SecurableComponentProperty = sslProperties.getProperty(SSL_ENABLED_COMPONENTS); + if (SecurableComponentProperty != null && SecurableComponentProperty.length() > 0) { sslPropertyConverter(sslProperties, props, SSL_KEYSTORE, null); sslPropertyConverter(sslProperties, props, SSL_KEYSTORE_PASSWORD, null); sslPropertyConverter(sslProperties, props, SSL_KEYSTORE_TYPE, null); @@ -481,7 +481,7 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase { props.setProperty(SSL_KEYSTORE_PASSWORD, "password"); props.setProperty(SSL_TRUSTSTORE_PASSWORD, "password"); props.setProperty(SSL_KEYSTORE_TYPE, "JKS"); - props.setProperty(SSL_ENABLED_COMPONENTS, SSLEnabledComponents.HTTP_SERVICE); + props.setProperty(SSL_ENABLED_COMPONENTS, SecurableComponent.HTTP_SERVICE.getConstant()); String restEndpoint = startInfraWithSSL(props, false); validateConnection(restEndpoint, "SSL", props); } @@ -495,7 +495,7 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase { props.setProperty(SSL_KEYSTORE_PASSWORD, "password"); props.setProperty(SSL_TRUSTSTORE_PASSWORD, "password"); props.setProperty(SSL_KEYSTORE_TYPE, "JKS"); - props.setProperty(SSL_ENABLED_COMPONENTS, SSLEnabledComponents.HTTP_SERVICE); + props.setProperty(SSL_ENABLED_COMPONENTS, SecurableComponent.HTTP_SERVICE.getConstant()); props.setProperty(SSL_HTTP_SERVICE_ALIAS, "httpservicekey"); props.setProperty(SSL_HTTP_SERVICE_REQUIRE_AUTHENTICATION, "true"); String restEndpoint = startInfraWithSSL(props, false); @@ -511,7 +511,7 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase { props.setProperty(SSL_KEYSTORE_PASSWORD, "password"); props.setProperty(SSL_TRUSTSTORE_PASSWORD, "password"); props.setProperty(SSL_KEYSTORE_TYPE, "JKS"); - props.setProperty(SSL_ENABLED_COMPONENTS, SSLEnabledComponents.HTTP_SERVICE); + props.setProperty(SSL_ENABLED_COMPONENTS, SecurableComponent.HTTP_SERVICE.getConstant()); props.setProperty(SSL_HTTP_SERVICE_REQUIRE_AUTHENTICATION, "true"); props.setProperty(SSL_HTTP_SERVICE_ALIAS, "httpservicekey"); props.setProperty(INVALID_CLIENT_ALIAS, "someAlias"); @@ -526,7 +526,7 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase { props.setProperty(SSL_TRUSTSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath()); props.setProperty(SSL_KEYSTORE_PASSWORD, "password"); props.setProperty(SSL_TRUSTSTORE_PASSWORD, "password"); - props.setProperty(SSL_ENABLED_COMPONENTS, SSLEnabledComponents.HTTP_SERVICE); + props.setProperty(SSL_ENABLED_COMPONENTS, SecurableComponent.HTTP_SERVICE.getConstant()); String restEndpoint = startInfraWithSSL(props, false); validateConnection(restEndpoint, "SSL", props); @@ -541,7 +541,7 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase { props.setProperty(SSL_TRUSTSTORE_PASSWORD, "password"); props.setProperty(SSL_KEYSTORE_TYPE, "JKS"); props.setProperty(SSL_PROTOCOLS, "SSL"); - props.setProperty(SSL_ENABLED_COMPONENTS, SSLEnabledComponents.HTTP_SERVICE); + props.setProperty(SSL_ENABLED_COMPONENTS, SecurableComponent.HTTP_SERVICE.getConstant()); String restEndpoint = startInfraWithSSL(props, false); validateConnection(restEndpoint, "SSL", props); @@ -556,7 +556,7 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase { props.setProperty(SSL_TRUSTSTORE_PASSWORD, "password"); props.setProperty(SSL_KEYSTORE_TYPE, "JKS"); props.setProperty(SSL_PROTOCOLS, "TLS"); - props.setProperty(SSL_ENABLED_COMPONENTS, SSLEnabledComponents.HTTP_SERVICE); + props.setProperty(SSL_ENABLED_COMPONENTS, SecurableComponent.HTTP_SERVICE.getConstant()); String restEndpoint = startInfraWithSSL(props, false); validateConnection(restEndpoint, "TLS", props); @@ -571,7 +571,7 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase { props.setProperty(SSL_TRUSTSTORE_PASSWORD, "password"); props.setProperty(SSL_KEYSTORE_TYPE, "JKS"); props.setProperty(SSL_PROTOCOLS, "TLSv1.1"); - props.setProperty(SSL_ENABLED_COMPONENTS, SSLEnabledComponents.HTTP_SERVICE); + props.setProperty(SSL_ENABLED_COMPONENTS, SecurableComponent.HTTP_SERVICE.getConstant()); String restEndpoint = startInfraWithSSL(props, false); validateConnection(restEndpoint, "TLSv1.1", props); @@ -586,7 +586,7 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase { props.setProperty(SSL_TRUSTSTORE_PASSWORD, "password"); props.setProperty(SSL_KEYSTORE_TYPE, "JKS"); props.setProperty(SSL_PROTOCOLS, "TLSv1.2"); - props.setProperty(SSL_ENABLED_COMPONENTS, SSLEnabledComponents.HTTP_SERVICE); + props.setProperty(SSL_ENABLED_COMPONENTS, SecurableComponent.HTTP_SERVICE.getConstant()); String restEndpoint = startInfraWithSSL(props, false); validateConnection(restEndpoint, "TLSv1.2", props); @@ -601,7 +601,7 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase { props.setProperty(SSL_TRUSTSTORE_PASSWORD, "password"); props.setProperty(SSL_KEYSTORE_TYPE, "JKS"); props.setProperty(SSL_PROTOCOLS, "SSL,TLSv1.2"); - props.setProperty(SSL_ENABLED_COMPONENTS, SSLEnabledComponents.HTTP_SERVICE); + props.setProperty(SSL_ENABLED_COMPONENTS, SecurableComponent.HTTP_SERVICE.getConstant()); String restEndpoint = startInfraWithSSL(props, false); validateConnection(restEndpoint, "TLSv1.2", props); @@ -617,7 +617,7 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase { props.setProperty(SSL_TRUSTSTORE_PASSWORD, "password"); props.setProperty(SSL_KEYSTORE_TYPE, "JKS"); props.setProperty(SSL_PROTOCOLS, "TLSv1.2"); - props.setProperty(SSL_ENABLED_COMPONENTS, SSLEnabledComponents.HTTP_SERVICE); + props.setProperty(SSL_ENABLED_COMPONENTS, SecurableComponent.HTTP_SERVICE.getConstant()); SSLContext ssl = SSLContext.getInstance("TLSv1.2"); @@ -639,7 +639,7 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase { props.setProperty(SSL_TRUSTSTORE_PASSWORD, "password"); props.setProperty(SSL_KEYSTORE_TYPE, "JKS"); props.setProperty(SSL_PROTOCOLS, "TLSv1.2"); - props.setProperty(SSL_ENABLED_COMPONENTS, SSLEnabledComponents.HTTP_SERVICE); + props.setProperty(SSL_ENABLED_COMPONENTS, SecurableComponent.HTTP_SERVICE.getConstant()); SSLContext ssl = SSLContext.getInstance("TLSv1.2"); @@ -664,7 +664,7 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase { props.setProperty(SSL_PROTOCOLS, "SSL"); props.setProperty(SSL_REQUIRE_AUTHENTICATION, "true"); props.setProperty(SSL_HTTP_SERVICE_REQUIRE_AUTHENTICATION, "true"); - props.setProperty(SSL_ENABLED_COMPONENTS, SSLEnabledComponents.HTTP_SERVICE); + props.setProperty(SSL_ENABLED_COMPONENTS, SecurableComponent.HTTP_SERVICE.getConstant()); String restEndpoint = startInfraWithSSL(props, false); validateConnection(restEndpoint, "SSL", props); http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/24545408/geode-core/src/main/java/com/gemstone/gemfire/cache/client/internal/ConnectionFactoryImpl.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/com/gemstone/gemfire/cache/client/internal/ConnectionFactoryImpl.java b/geode-core/src/main/java/com/gemstone/gemfire/cache/client/internal/ConnectionFactoryImpl.java index 45850e1..5f286af 100644 --- a/geode-core/src/main/java/com/gemstone/gemfire/cache/client/internal/ConnectionFactoryImpl.java +++ b/geode-core/src/main/java/com/gemstone/gemfire/cache/client/internal/ConnectionFactoryImpl.java @@ -22,10 +22,8 @@ import com.gemstone.gemfire.cache.GatewayConfigurationException; import com.gemstone.gemfire.cache.client.ServerRefusedConnectionException; import com.gemstone.gemfire.cache.client.internal.ServerBlackList.FailureTracker; import com.gemstone.gemfire.cache.wan.GatewaySender; -import com.gemstone.gemfire.distributed.internal.DistributionConfig; import com.gemstone.gemfire.distributed.internal.InternalDistributedSystem; import com.gemstone.gemfire.distributed.internal.ServerLocation; -import com.gemstone.gemfire.internal.net.SSLEnabledComponent; import com.gemstone.gemfire.internal.net.SocketCreator; import com.gemstone.gemfire.internal.cache.tier.Acceptor; import com.gemstone.gemfire.internal.cache.tier.sockets.CacheClientUpdater; @@ -35,6 +33,7 @@ import com.gemstone.gemfire.internal.i18n.LocalizedStrings; import com.gemstone.gemfire.internal.logging.LogService; import com.gemstone.gemfire.internal.logging.log4j.LocalizedMessage; import com.gemstone.gemfire.internal.net.SocketCreatorFactory; +import com.gemstone.gemfire.internal.security.SecurableComponent; import com.gemstone.gemfire.security.GemFireSecurityException; import org.apache.logging.log4j.Logger; @@ -97,13 +96,13 @@ public class ConnectionFactoryImpl implements ConnectionFactory { this.cancelCriterion = cancelCriterion; this.pool = pool; if (this.usedByGateway || (this.gatewaySender != null)) { - this.socketCreator = SocketCreatorFactory.getSSLSocketCreatorForComponent(SSLEnabledComponent.GATEWAY); + this.socketCreator = SocketCreatorFactory.getSSLSocketCreatorForComponent(SecurableComponent.GATEWAY); if (sender!= null && !sender.getGatewayTransportFilters().isEmpty()) { this.socketCreator.initializeTransportFilterClientSocketFactory(sender); } } else { //If configured use SSL properties for cache-server - this.socketCreator = SocketCreatorFactory.getSSLSocketCreatorForComponent(SSLEnabledComponent.SERVER); + this.socketCreator = SocketCreatorFactory.getSSLSocketCreatorForComponent(SecurableComponent.SERVER); } } http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/24545408/geode-core/src/main/java/com/gemstone/gemfire/distributed/SSLEnabledComponents.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/com/gemstone/gemfire/distributed/SSLEnabledComponents.java b/geode-core/src/main/java/com/gemstone/gemfire/distributed/SSLEnabledComponents.java deleted file mode 100644 index c4310bd..0000000 --- a/geode-core/src/main/java/com/gemstone/gemfire/distributed/SSLEnabledComponents.java +++ /dev/null @@ -1,68 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.gemstone.gemfire.distributed; - -/** - * This class defines all the static definitions for the {@link ConfigurationProperties#SSL_ENABLED_COMPONENTS} - * <U>Since</U>: Geode 1.0 - */ -public interface SSLEnabledComponents { - - /** - * This determines that none of the components will use the SSL for their communications. - * <U>Since</U>: Geode 1.0 - */ - String NONE = "none"; - - /** - * This determines that all components will use the SSL for their communications. - * <U>Since</U>: Geode 1.0 - */ - String ALL = "all"; - /** - * This determines that only the server components will use the SSL for their communications. This means that all communications - * between clients and servers will use SSL. In addition this also means that client-locator and server-locator communications will use SSL credentials. - * <U>Since</U>: Geode 1.0 - */ - String SERVER = "server"; - /** - * This determines that only the inter-server (or server-to-server) communication will use the SSL. - * In addition this also means that server-locator communications will use SSL credentials. - * <U>Since</U>: Geode 1.0 - */ - String CLUSTER = "cluster"; - /** - * This determines that only the jmx component will use the SSL for its communications. - * <U>Since</U>: Geode 1.0 - */ - String JMX = "jmx"; - /** - * This determines that the http service component will use the SSL for its communications - * <U>Since</U>: Geode 1.0 - */ - String HTTP_SERVICE = "http"; - /** - * This determines that the gateway component will use the SSL for its communications. - * <U>Since</U>: Geode 1.0 - */ - String GATEWAY = "gateway"; - /** - * This determines that the locator component will use the SSL for its communications between server and locator and client and locator. - * <U>Since</U>: Geode 1.0 - */ - String LOCATOR = "locator"; -} http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/24545408/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/AbstractDistributionConfig.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/AbstractDistributionConfig.java b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/AbstractDistributionConfig.java index f46aede..9168503 100644 --- a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/AbstractDistributionConfig.java +++ b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/AbstractDistributionConfig.java @@ -40,7 +40,6 @@ import com.gemstone.gemfire.internal.ConfigSource; import com.gemstone.gemfire.internal.admin.remote.DistributionLocatorId; import com.gemstone.gemfire.internal.i18n.LocalizedStrings; import com.gemstone.gemfire.internal.logging.LogWriterImpl; -import com.gemstone.gemfire.internal.net.SSLEnabledComponent; import com.gemstone.gemfire.internal.net.SocketCreator; import com.gemstone.gemfire.internal.security.SecurableComponent; import com.gemstone.gemfire.memcached.GemFireMemcachedServer; @@ -463,8 +462,8 @@ public abstract class AbstractDistributionConfig extends AbstractConfig implemen * This would mean one is mixing the "old" with the "new" */ @ConfigAttributeChecker(name = SSL_ENABLED_COMPONENTS) - protected SSLEnabledComponent[] checkLegacySSLWhenSSLEnabledComponentsSet(SSLEnabledComponent[] value) { - for (SSLEnabledComponent component : value) { + protected SecurableComponent[] checkLegacySSLWhenSSLEnabledComponentsSet(SecurableComponent[] value) { + for (SecurableComponent component : value) { switch (component) { case ALL: case CLUSTER: @@ -477,13 +476,13 @@ public abstract class AbstractDistributionConfig extends AbstractConfig implemen default: throw new IllegalArgumentException(LocalizedStrings.AbstractDistributionConfig_SSL_ENABLED_COMPONENTS_0_INVALID_TRY_1.toLocalizedString(new Object[] { value, StringUtils.join(new String[] { - SSLEnabledComponent.ALL.getConstant(), - SSLEnabledComponent.CLUSTER.getConstant(), - SSLEnabledComponent.SERVER.getConstant(), - SSLEnabledComponent.GATEWAY.getConstant(), - SSLEnabledComponent.JMX.getConstant(), - SSLEnabledComponent.HTTP_SERVICE.getConstant(), - SSLEnabledComponent.LOCATOR.getConstant() + SecurableComponent.ALL.getConstant(), + SecurableComponent.CLUSTER.getConstant(), + SecurableComponent.SERVER.getConstant(), + SecurableComponent.GATEWAY.getConstant(), + SecurableComponent.JMX.getConstant(), + SecurableComponent.HTTP_SERVICE.getConstant(), + SecurableComponent.LOCATOR.getConstant() }, ",") })); } http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/24545408/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/DistributionConfig.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/DistributionConfig.java b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/DistributionConfig.java index 3663be2..1b0ad96 100644 --- a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/DistributionConfig.java +++ b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/DistributionConfig.java @@ -36,7 +36,7 @@ import com.gemstone.gemfire.internal.Config; import com.gemstone.gemfire.internal.ConfigSource; import com.gemstone.gemfire.internal.logging.InternalLogWriter; import com.gemstone.gemfire.internal.logging.LogConfig; -import com.gemstone.gemfire.internal.net.SSLEnabledComponent; +import com.gemstone.gemfire.internal.security.SecurableComponent; import com.gemstone.gemfire.internal.tcp.Connection; import com.gemstone.gemfire.memcached.GemFireMemcachedServer; @@ -4337,7 +4337,7 @@ public interface DistributionConfig extends Config, LogConfig { * @since Geode 1.0 */ @ConfigAttributeGetter(name = SSL_ENABLED_COMPONENTS) - SSLEnabledComponent[] getSSLEnabledComponents(); + SecurableComponent[] getSSLEnabledComponents(); /** * Sets the value of the {@link ConfigurationProperties#SSL_ENABLED_COMPONENTS} @@ -4345,20 +4345,20 @@ public interface DistributionConfig extends Config, LogConfig { * @since Geode 1.0 */ @ConfigAttributeSetter(name = SSL_ENABLED_COMPONENTS) - void setSSLEnabledComponents(SSLEnabledComponent[] sslEnabledComponents); + void setSSLEnabledComponents(SecurableComponent[] sslEnabledComponents); /** * The name of the {@link ConfigurationProperties#SSL_ENABLED_COMPONENTS} property * @since Geode 1.0 */ - @ConfigAttribute(type = SSLEnabledComponent[].class) + @ConfigAttribute(type = SecurableComponent[].class) String SSL_ENABLED_COMPONENTS_NAME = SSL_ENABLED_COMPONENTS; /** * The default ssl enabled components * @since Geode 1.0 */ - SSLEnabledComponent[] DEFAULT_SSL_ENABLED_COMPONENTS = new SSLEnabledComponent[] {}; + SecurableComponent[] DEFAULT_SSL_ENABLED_COMPONENTS = new SecurableComponent[] {}; /** * Returns the value of the {@link ConfigurationProperties#SSL_PROTOCOLS} http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/24545408/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/DistributionConfigImpl.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/DistributionConfigImpl.java b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/DistributionConfigImpl.java index 2b26a58..23569a2 100644 --- a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/DistributionConfigImpl.java +++ b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/DistributionConfigImpl.java @@ -49,9 +49,9 @@ import com.gemstone.gemfire.distributed.ConfigurationProperties; import com.gemstone.gemfire.distributed.DistributedSystem; import com.gemstone.gemfire.internal.ConfigSource; import com.gemstone.gemfire.internal.i18n.LocalizedStrings; -import com.gemstone.gemfire.internal.net.SSLEnabledComponent; import com.gemstone.gemfire.internal.net.SocketCreator; import com.gemstone.gemfire.internal.process.ProcessLauncherContext; +import com.gemstone.gemfire.internal.security.SecurableComponent; import com.gemstone.gemfire.memcached.GemFireMemcachedServer; /** @@ -550,7 +550,7 @@ public class DistributionConfigImpl extends AbstractDistributionConfig implement private String httpServiceSSLAlias = DEFAULT_SSL_ALIAS; - private SSLEnabledComponent[] sslEnabledComponents = DEFAULT_SSL_ENABLED_COMPONENTS; + private SecurableComponent[] sslEnabledComponents = DEFAULT_SSL_ENABLED_COMPONENTS; private String sslProtocols = DEFAULT_SSL_PROTOCOLS; private String sslCiphers = DEFAULT_SSL_CIPHERS; @@ -955,8 +955,8 @@ public class DistributionConfigImpl extends AbstractDistributionConfig implement throw new InternalGemFireException("error invoking getter for property" + ConfigurationProperties.SSL_ENABLED_COMPONENTS); } } - SSLEnabledComponent[] sslEnabledComponents = (SSLEnabledComponent[]) value; - for (SSLEnabledComponent sslEnabledComponent : sslEnabledComponents) { + SecurableComponent[] sslEnabledComponents = (SecurableComponent[]) value; + for (SecurableComponent sslEnabledComponent : sslEnabledComponents) { if (!isAliasCorrectlyConfiguredForComponents(sslEnabledComponent)) { throw new IllegalArgumentException(LocalizedStrings.AbstractDistributionConfig_SSL_ENABLED_COMPONENTS_INVALID_ALIAS_OPTIONS.toLocalizedString()); } @@ -964,18 +964,18 @@ public class DistributionConfigImpl extends AbstractDistributionConfig implement } - private boolean isAliasCorrectlyConfiguredForComponents(final SSLEnabledComponent component) { + private boolean isAliasCorrectlyConfiguredForComponents(final SecurableComponent component) { switch (component) { case ALL: { //If the default alias is not set, then check that all the other component aliases are set if (StringUtils.isEmpty(getSSLDefaultAlias())) { boolean correctAlias = true; - correctAlias &= isAliasCorrectlyConfiguredForComponents(SSLEnabledComponent.CLUSTER); - correctAlias &= isAliasCorrectlyConfiguredForComponents(SSLEnabledComponent.GATEWAY); - correctAlias &= isAliasCorrectlyConfiguredForComponents(SSLEnabledComponent.HTTP_SERVICE); - correctAlias &= isAliasCorrectlyConfiguredForComponents(SSLEnabledComponent.JMX); - correctAlias &= isAliasCorrectlyConfiguredForComponents(SSLEnabledComponent.LOCATOR); - correctAlias &= isAliasCorrectlyConfiguredForComponents(SSLEnabledComponent.SERVER); + correctAlias &= isAliasCorrectlyConfiguredForComponents(SecurableComponent.CLUSTER); + correctAlias &= isAliasCorrectlyConfiguredForComponents(SecurableComponent.GATEWAY); + correctAlias &= isAliasCorrectlyConfiguredForComponents(SecurableComponent.HTTP_SERVICE); + correctAlias &= isAliasCorrectlyConfiguredForComponents(SecurableComponent.JMX); + correctAlias &= isAliasCorrectlyConfiguredForComponents(SecurableComponent.LOCATOR); + correctAlias &= isAliasCorrectlyConfiguredForComponents(SecurableComponent.SERVER); return correctAlias; } } @@ -2567,12 +2567,12 @@ public class DistributionConfigImpl extends AbstractDistributionConfig implement } @Override - public SSLEnabledComponent[] getSSLEnabledComponents() { + public SecurableComponent[] getSSLEnabledComponents() { return sslEnabledComponents; } @Override - public void setSSLEnabledComponents(final SSLEnabledComponent[] sslEnabledComponents) { + public void setSSLEnabledComponents(final SecurableComponent[] sslEnabledComponents) { this.sslEnabledComponents = sslEnabledComponents; } http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/24545408/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/fd/GMSHealthMonitor.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/fd/GMSHealthMonitor.java b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/fd/GMSHealthMonitor.java index 5af1521..00175d9 100644 --- a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/fd/GMSHealthMonitor.java +++ b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/fd/GMSHealthMonitor.java @@ -63,10 +63,9 @@ import com.gemstone.gemfire.distributed.internal.membership.gms.messages.Heartbe import com.gemstone.gemfire.distributed.internal.membership.gms.messages.SuspectMembersMessage; import com.gemstone.gemfire.distributed.internal.membership.gms.messages.SuspectRequest; import com.gemstone.gemfire.internal.ConnectionWatcher; -import com.gemstone.gemfire.internal.net.SSLEnabledComponent; -import com.gemstone.gemfire.internal.net.SocketCreator; import com.gemstone.gemfire.internal.Version; import com.gemstone.gemfire.internal.net.SocketCreatorFactory; +import com.gemstone.gemfire.internal.security.SecurableComponent; /** * Failure Detection @@ -490,7 +489,7 @@ public class GMSHealthMonitor implements HealthMonitor, MessageHandler { InternalDistributedSystem internalDistributedSystem = InternalDistributedSystem.getConnectedInstance(); try { logger.debug("Checking member {} with TCP socket connection {}:{}.", suspectMember, suspectMember.getInetAddress(), port); - clientSocket = SocketCreatorFactory.getSSLSocketCreatorForComponent(SSLEnabledComponent.CLUSTER).connect(suspectMember.getInetAddress(), port, + clientSocket = SocketCreatorFactory.getSSLSocketCreatorForComponent(SecurableComponent.CLUSTER).connect(suspectMember.getInetAddress(), port, (int)memberTimeout, new ConnectTimeoutTask(services.getTimer(), memberTimeout), false, -1, false); clientSocket.setTcpNoDelay(true); return doTCPCheckMember(suspectMember, clientSocket); @@ -636,7 +635,7 @@ public class GMSHealthMonitor implements HealthMonitor, MessageHandler { ServerSocket createServerSocket(InetAddress socketAddress, int[] portRange) { ServerSocket serverSocket; try { - serverSocket = SocketCreatorFactory.getSSLSocketCreatorForComponent(SSLEnabledComponent.CLUSTER).createServerSocketUsingPortRange(socketAddress, 50/*backlog*/, + serverSocket = SocketCreatorFactory.getSSLSocketCreatorForComponent(SecurableComponent.CLUSTER).createServerSocketUsingPortRange(socketAddress, 50/*backlog*/, true/*isBindAddress*/, false/*useNIO*/, 65536/*tcpBufferSize*/, portRange, false); socketPort = serverSocket.getLocalPort(); } catch (IOException | SystemConnectException e) { http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/24545408/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/tcpserver/TcpClient.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/tcpserver/TcpClient.java b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/tcpserver/TcpClient.java index 968adc2..d4dac0c 100644 --- a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/tcpserver/TcpClient.java +++ b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/tcpserver/TcpClient.java @@ -37,9 +37,9 @@ import com.gemstone.gemfire.internal.Version; import com.gemstone.gemfire.internal.VersionedDataInputStream; import com.gemstone.gemfire.internal.VersionedDataOutputStream; import com.gemstone.gemfire.internal.logging.LogService; -import com.gemstone.gemfire.internal.net.SSLEnabledComponent; import com.gemstone.gemfire.internal.net.SocketCreator; import com.gemstone.gemfire.internal.net.SocketCreatorFactory; +import com.gemstone.gemfire.internal.security.SecurableComponent; /** * <p>Client for the TcpServer component of the Locator. @@ -61,7 +61,7 @@ public class TcpClient { * SocketCreatorFactory should be initialized before invoking this method. */ public TcpClient() { - this(SocketCreatorFactory.getSSLSocketCreatorForComponent(SSLEnabledComponent.LOCATOR)); + this(SocketCreatorFactory.getSSLSocketCreatorForComponent(SecurableComponent.LOCATOR)); } /** http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/24545408/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/tcpserver/TcpServer.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/tcpserver/TcpServer.java b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/tcpserver/TcpServer.java index 36d05f0..45d61ab 100755 --- a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/tcpserver/TcpServer.java +++ b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/tcpserver/TcpServer.java @@ -58,9 +58,9 @@ import com.gemstone.gemfire.internal.VersionedDataInputStream; import com.gemstone.gemfire.internal.VersionedDataOutputStream; import com.gemstone.gemfire.internal.cache.GemFireCacheImpl; import com.gemstone.gemfire.internal.logging.LogService; -import com.gemstone.gemfire.internal.net.SSLEnabledComponent; import com.gemstone.gemfire.internal.net.SocketCreator; import com.gemstone.gemfire.internal.net.SocketCreatorFactory; +import com.gemstone.gemfire.internal.security.SecurableComponent; /** * TCP server which listens on a port and delegates requests to a request @@ -166,10 +166,8 @@ public class TcpServer { cfg = new DistributionConfigImpl(sslConfig); } - //TODO Udo: How would I handle this case where the cfg is empty??? - if (this.socketCreator == null) { - this.socketCreator = SocketCreatorFactory.getSSLSocketCreatorForComponent(SSLEnabledComponent.LOCATOR); + this.socketCreator = SocketCreatorFactory.getSSLSocketCreatorForComponent(SecurableComponent.LOCATOR); } else { throw new RuntimeException("The socket Creator already exists"); } http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/24545408/geode-core/src/main/java/com/gemstone/gemfire/internal/AbstractConfig.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/com/gemstone/gemfire/internal/AbstractConfig.java b/geode-core/src/main/java/com/gemstone/gemfire/internal/AbstractConfig.java index d046643..6fd4ae6 100644 --- a/geode-core/src/main/java/com/gemstone/gemfire/internal/AbstractConfig.java +++ b/geode-core/src/main/java/com/gemstone/gemfire/internal/AbstractConfig.java @@ -43,8 +43,8 @@ import com.gemstone.gemfire.UnmodifiableException; import com.gemstone.gemfire.distributed.internal.DistributionConfig; import com.gemstone.gemfire.distributed.internal.FlowControlParams; import com.gemstone.gemfire.internal.i18n.LocalizedStrings; -import com.gemstone.gemfire.internal.net.SSLEnabledComponent; import com.gemstone.gemfire.internal.net.SocketCreator; +import com.gemstone.gemfire.internal.security.SecurableComponent; /** * Provides an implementation of the {@link Config} interface @@ -405,8 +405,8 @@ public abstract class AbstractConfig implements Config { })); } attObjectValue = new FlowControlParams(credits, thresh, waittime); - } else if (valueType.isArray() && SSLEnabledComponent.class.equals(valueType.getComponentType())) { - attObjectValue = commaDelimitedStringToSSLEnabledComponents(attValue); + } else if (valueType.isArray() && SecurableComponent.class.equals(valueType.getComponentType())) { + attObjectValue = commaDelimitedStringToSecurableComponents(attValue); }else { throw new InternalGemFireException(LocalizedStrings.AbstractConfig_UNHANDLED_ATTRIBUTE_TYPE_0_FOR_1.toLocalizedString(new Object[] { valueType, attName @@ -431,12 +431,16 @@ public abstract class AbstractConfig implements Config { return strings; } - private SSLEnabledComponent[] commaDelimitedStringToSSLEnabledComponents(final String tokenizeString) { + private SecurableComponent[] commaDelimitedStringToSecurableComponents(final String tokenizeString) { StringTokenizer stringTokenizer = new StringTokenizer(tokenizeString, ","); - SSLEnabledComponent[] returnArray = new SSLEnabledComponent[stringTokenizer.countTokens()]; + SecurableComponent[] returnArray = new SecurableComponent[stringTokenizer.countTokens()]; for (int i = 0; i < returnArray.length; i++) { String name = stringTokenizer.nextToken(); - returnArray[i] = SSLEnabledComponent.getEnum(name); + try { + returnArray[i] = SecurableComponent.getEnum(name); + } catch (Exception e) { + throw new IllegalArgumentException(e); + } } return returnArray; } http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/24545408/geode-core/src/main/java/com/gemstone/gemfire/internal/admin/SSLConfig.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/com/gemstone/gemfire/internal/admin/SSLConfig.java b/geode-core/src/main/java/com/gemstone/gemfire/internal/admin/SSLConfig.java index ebf3a7e..063ee05 100755 --- a/geode-core/src/main/java/com/gemstone/gemfire/internal/admin/SSLConfig.java +++ b/geode-core/src/main/java/com/gemstone/gemfire/internal/admin/SSLConfig.java @@ -22,7 +22,7 @@ import java.util.Iterator; import java.util.Properties; import com.gemstone.gemfire.distributed.internal.DistributionConfig; -import com.gemstone.gemfire.internal.net.SSLEnabledComponent; +import com.gemstone.gemfire.internal.security.SecurableComponent; import com.gemstone.gemfire.management.internal.SSLUtil; /** @@ -41,7 +41,7 @@ public class SSLConfig { private String truststorePassword = DistributionConfig.DEFAULT_SSL_TRUSTSTORE_PASSWORD; private String truststoreType = DistributionConfig.DEFAULT_CLUSTER_SSL_KEYSTORE_TYPE; private String alias = null; - private SSLEnabledComponent sslEnabledComponent = null; + private SecurableComponent sslEnabledComponent = null; /** * SSL implementation-specific key-value pairs. Each key should be prefixed @@ -163,11 +163,11 @@ public class SSLConfig { } } - public SSLEnabledComponent getSslEnabledComponent() { + public SecurableComponent getSecuredComponent() { return sslEnabledComponent; } - public void setSslEnabledComponent(final SSLEnabledComponent sslEnabledComponent) { + public void setSslEnabledComponent(final SecurableComponent sslEnabledComponent) { this.sslEnabledComponent = sslEnabledComponent; } http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/24545408/geode-core/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/AcceptorImpl.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/AcceptorImpl.java b/geode-core/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/AcceptorImpl.java index 5540a4a..335ce24 100644 --- a/geode-core/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/AcceptorImpl.java +++ b/geode-core/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/AcceptorImpl.java @@ -70,7 +70,6 @@ import com.gemstone.gemfire.cache.client.internal.PoolImpl; import com.gemstone.gemfire.cache.server.CacheServer; import com.gemstone.gemfire.cache.wan.GatewayTransportFilter; import com.gemstone.gemfire.distributed.internal.*; -import com.gemstone.gemfire.internal.net.SSLEnabledComponent; import com.gemstone.gemfire.internal.net.SocketCreator; import com.gemstone.gemfire.internal.SystemTimer; import com.gemstone.gemfire.internal.cache.BucketAdvisor; @@ -87,6 +86,7 @@ import com.gemstone.gemfire.internal.logging.LogService; import com.gemstone.gemfire.internal.logging.LoggingThreadGroup; import com.gemstone.gemfire.internal.logging.log4j.LocalizedMessage; import com.gemstone.gemfire.internal.security.IntegratedSecurityService; +import com.gemstone.gemfire.internal.security.SecurableComponent; import com.gemstone.gemfire.internal.security.SecurityService; import com.gemstone.gemfire.internal.security.GeodeSecurityUtil; import com.gemstone.gemfire.internal.net.SocketCreatorFactory; @@ -389,9 +389,9 @@ public class AcceptorImpl extends Acceptor implements Runnable { if(!isGatewayReceiver) { //If configured use SSL properties for cache-server - this.socketCreator = SocketCreatorFactory.getSSLSocketCreatorForComponent(SSLEnabledComponent.SERVER); + this.socketCreator = SocketCreatorFactory.getSSLSocketCreatorForComponent(SecurableComponent.SERVER); } else { - this.socketCreator = SocketCreatorFactory.getSSLSocketCreatorForComponent(SSLEnabledComponent.GATEWAY); + this.socketCreator = SocketCreatorFactory.getSSLSocketCreatorForComponent(SecurableComponent.GATEWAY); } final GemFireCacheImpl gc; http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/24545408/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SSLConfigurationFactory.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SSLConfigurationFactory.java b/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SSLConfigurationFactory.java index 33378b8..12528e3 100644 --- a/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SSLConfigurationFactory.java +++ b/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SSLConfigurationFactory.java @@ -24,15 +24,17 @@ import java.util.Properties; import org.apache.commons.lang.ArrayUtils; import org.springframework.util.StringUtils; +import com.gemstone.gemfire.GemFireConfigException; import com.gemstone.gemfire.distributed.internal.DistributionConfig; import com.gemstone.gemfire.distributed.internal.DistributionConfigImpl; import com.gemstone.gemfire.internal.admin.SSLConfig; +import com.gemstone.gemfire.internal.security.SecurableComponent; public class SSLConfigurationFactory { private static SSLConfigurationFactory instance = new SSLConfigurationFactory(); private DistributionConfig distributionConfig = new DistributionConfigImpl(new Properties()); - private Map<SSLEnabledComponent, SSLConfig> registeredSSLConfig = new HashMap<>(); + private Map<SecurableComponent, SSLConfig> registeredSSLConfig = new HashMap<>(); private SSLConfigurationFactory() { } @@ -45,10 +47,14 @@ public class SSLConfigurationFactory { } public static void setDistributionConfig(final DistributionConfig distributionConfig) { + if(distributionConfig == null) + { + throw new GemFireConfigException("SSL Configuration requires a valid distribution config."); + } getInstance().distributionConfig = distributionConfig; } - public static SSLConfig getSSLConfigForComponent(SSLEnabledComponent sslEnabledComponent) { + public static SSLConfig getSSLConfigForComponent(SecurableComponent sslEnabledComponent) { SSLConfig sslConfig = getInstance().getRegisteredSSLConfigForComponent(sslEnabledComponent); if (sslConfig == null) { sslConfig = getInstance().createSSLConfigForComponent(sslEnabledComponent); @@ -57,13 +63,13 @@ public class SSLConfigurationFactory { return sslConfig; } - private synchronized void registeredSSLConfigForComponent(final SSLEnabledComponent sslEnabledComponent, final SSLConfig sslConfig) { + private synchronized void registeredSSLConfigForComponent(final SecurableComponent sslEnabledComponent, final SSLConfig sslConfig) { registeredSSLConfig.put(sslEnabledComponent, sslConfig); } - private SSLConfig createSSLConfigForComponent(final SSLEnabledComponent sslEnabledComponent) { + private SSLConfig createSSLConfigForComponent(final SecurableComponent sslEnabledComponent) { SSLConfig sslConfig = createSSLConfig(sslEnabledComponent); - SSLEnabledComponent[] sslEnabledComponents = distributionConfig.getSSLEnabledComponents(); + SecurableComponent[] sslEnabledComponents = distributionConfig.getSSLEnabledComponents(); if (sslEnabledComponents.length == 0) { sslConfig = configureLegacyClusterSSL(sslConfig); } @@ -71,12 +77,14 @@ public class SSLConfigurationFactory { switch (sslEnabledComponent) { case ALL: { //Create a SSLConfig separate for HTTP Service. As the require-authentication might differ - createSSLConfigForComponent(SSLEnabledComponent.HTTP_SERVICE); + createSSLConfigForComponent(SecurableComponent.HTTP_SERVICE); break; } case CLUSTER: { if (sslEnabledComponents.length > 0) { sslConfig = setAliasForComponent(sslConfig, distributionConfig.getClusterSSLAlias()); + }else { + sslConfig = configureLegacyClusterSSL(sslConfig); } break; } @@ -131,7 +139,7 @@ public class SSLConfigurationFactory { return sslConfig; } - private SSLConfig createSSLConfig(final SSLEnabledComponent sslEnabledComponent) { + private SSLConfig createSSLConfig(final SecurableComponent sslEnabledComponent) { SSLConfig sslConfig = new SSLConfig(); sslConfig.setCiphers(distributionConfig.getSSLCiphers()); sslConfig.setEnabled(determineIfSSLEnabledForSSLComponent(sslEnabledComponent)); @@ -146,11 +154,11 @@ public class SSLConfigurationFactory { return sslConfig; } - private boolean determineIfSSLEnabledForSSLComponent(final SSLEnabledComponent sslEnabledComponent) { - if (ArrayUtils.contains(distributionConfig.getSSLEnabledComponents(), SSLEnabledComponent.NONE)) { + private boolean determineIfSSLEnabledForSSLComponent(final SecurableComponent sslEnabledComponent) { + if (ArrayUtils.contains(distributionConfig.getSSLEnabledComponents(), SecurableComponent.NONE)) { return false; } - if (ArrayUtils.contains(distributionConfig.getSSLEnabledComponents(), SSLEnabledComponent.ALL)) { + if (ArrayUtils.contains(distributionConfig.getSSLEnabledComponents(), SecurableComponent.ALL)) { return true; } return ArrayUtils.contains(distributionConfig.getSSLEnabledComponents(), sslEnabledComponent) ? true : false; @@ -293,14 +301,13 @@ public class SSLConfigurationFactory { return propertyValue; } - private SSLConfig getRegisteredSSLConfigForComponent(final SSLEnabledComponent sslEnabledComponent) { + private SSLConfig getRegisteredSSLConfigForComponent(final SecurableComponent sslEnabledComponent) { return registeredSSLConfig.get(sslEnabledComponent); } public static void close() { getInstance().clearSSLConfigForAllComponents(); getInstance().distributionConfig = null; - instance = null; } private void clearSSLConfigForAllComponents() { http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/24545408/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SSLEnabledComponent.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SSLEnabledComponent.java b/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SSLEnabledComponent.java deleted file mode 100644 index fb9c776..0000000 --- a/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SSLEnabledComponent.java +++ /dev/null @@ -1,59 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.gemstone.gemfire.internal.net; - -import org.springframework.util.StringUtils; - -import com.gemstone.gemfire.GemFireConfigException; -import com.gemstone.gemfire.distributed.SSLEnabledComponents; - -public enum SSLEnabledComponent { - ALL(SSLEnabledComponents.ALL), - CLUSTER(SSLEnabledComponents.CLUSTER), - SERVER(SSLEnabledComponents.SERVER), - JMX(SSLEnabledComponents.JMX), - HTTP_SERVICE(SSLEnabledComponents.HTTP_SERVICE), - GATEWAY(SSLEnabledComponents.GATEWAY), - LOCATOR(SSLEnabledComponents.LOCATOR), - NONE(SSLEnabledComponents.NONE); - - private String constant; - - SSLEnabledComponent(final String constant) { - this.constant = constant; - } - - public static SSLEnabledComponent getEnum(String enumString) { - for (SSLEnabledComponent sslEnabledComponent : SSLEnabledComponent.values()) { - if (!StringUtils.isEmpty(enumString)) { - if (sslEnabledComponent.constant.equals(enumString)) { - return sslEnabledComponent; - } - } - } - throw new GemFireConfigException("There is no registered component for the name: " + enumString); - } - - public String getConstant() { - return constant; - } - - @Override - public String toString() { - return getConstant(); - } -} http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/24545408/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SocketCreator.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SocketCreator.java b/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SocketCreator.java index a11733a..0a2bfa3 100755 --- a/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SocketCreator.java +++ b/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SocketCreator.java @@ -96,6 +96,7 @@ import com.gemstone.gemfire.internal.cache.wan.TransportFilterSocketFactory; import com.gemstone.gemfire.internal.i18n.LocalizedStrings; import com.gemstone.gemfire.internal.logging.LogService; import com.gemstone.gemfire.internal.logging.log4j.LocalizedMessage; +import com.gemstone.gemfire.internal.security.SecurableComponent; import com.gemstone.gemfire.internal.util.PasswordUtil; /** @@ -330,7 +331,7 @@ public class SocketCreator { private void initialize() { try { // set p2p values... - if (SSLEnabledComponent.CLUSTER.equals(sslConfig.getSslEnabledComponent())) { + if (SecurableComponent.CLUSTER.equals(sslConfig.getSecuredComponent())) { if (this.sslConfig.isEnabled()) { System.setProperty("p2p.useSSL", "true"); System.setProperty("p2p.oldIO", "true"); http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/24545408/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SocketCreatorFactory.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SocketCreatorFactory.java b/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SocketCreatorFactory.java index bd30bfb..20b649c 100644 --- a/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SocketCreatorFactory.java +++ b/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SocketCreatorFactory.java @@ -24,15 +24,16 @@ import java.util.Vector; import org.apache.commons.lang.ArrayUtils; -import com.gemstone.gemfire.distributed.SSLEnabledComponents; +import com.gemstone.gemfire.GemFireConfigException; import com.gemstone.gemfire.distributed.internal.DistributionConfig; import com.gemstone.gemfire.distributed.internal.DistributionConfigImpl; import com.gemstone.gemfire.internal.admin.SSLConfig; +import com.gemstone.gemfire.internal.security.SecurableComponent; public class SocketCreatorFactory { private static SocketCreatorFactory instance = null; - private Map<SSLEnabledComponent, SocketCreator> socketCreators = new HashMap<>(); + private Map<SecurableComponent, SocketCreator> socketCreators = new HashMap<>(); private DistributionConfig distributionConfig; /** @@ -40,7 +41,7 @@ public class SocketCreatorFactory { */ private void initializeSocketCreators(final DistributionConfig distributionConfig) { if (distributionConfig == null) { - this.distributionConfig = new DistributionConfigImpl(new Properties()); + throw new GemFireConfigException("SocketCreatorFactory requires a valid distribution config."); } else { this.distributionConfig = distributionConfig; } @@ -58,24 +59,24 @@ public class SocketCreatorFactory { return getInstance(false); } - public static SocketCreator getSSLSocketCreatorForComponent(SSLEnabledComponent sslEnabledComponent) { + public static SocketCreator getSSLSocketCreatorForComponent(SecurableComponent sslEnabledComponent) { SSLConfig sslConfigForComponent = SSLConfigurationFactory.getSSLConfigForComponent(sslEnabledComponent); return getInstance().getOrCreateSocketCreatorForSSLEnabledComponent(sslEnabledComponent, sslConfigForComponent); } - private SocketCreator getSSLSocketCreator(final SSLEnabledComponent sslComponent, final DistributionConfig distributionConfig, final SSLConfig sslConfig) { + private SocketCreator getSSLSocketCreator(final SecurableComponent sslComponent, final DistributionConfig distributionConfig, final SSLConfig sslConfig) { if (sslConfig.isEnabled()) { - if (ArrayUtils.contains(distributionConfig.getSSLEnabledComponents(), SSLEnabledComponents.ALL)) { - return createSSLSocketCreator(SSLEnabledComponent.ALL, sslConfig); + if (ArrayUtils.contains(distributionConfig.getSSLEnabledComponents(), SecurableComponent.ALL)) { + return createSSLSocketCreator(SecurableComponent.ALL, sslConfig); } else if (ArrayUtils.contains(distributionConfig.getSSLEnabledComponents(), sslComponent)) { return createSSLSocketCreator(sslComponent, sslConfig); } } - return createSSLSocketCreator(SSLEnabledComponent.NONE, sslConfig); + return createSSLSocketCreator(SecurableComponent.NONE, sslConfig); } - private SocketCreator getOrCreateSocketCreatorForSSLEnabledComponent(final SSLEnabledComponent sslEnabledComponent, final SSLConfig sslConfig) { + private SocketCreator getOrCreateSocketCreatorForSSLEnabledComponent(final SecurableComponent sslEnabledComponent, final SSLConfig sslConfig) { SocketCreator socketCreator = getSocketCreatorForComponent(sslEnabledComponent); if (socketCreator == null) { return getSSLSocketCreator(sslEnabledComponent, distributionConfig, sslConfig); @@ -84,26 +85,26 @@ public class SocketCreatorFactory { } } - private SocketCreator createSSLSocketCreator(final SSLEnabledComponent sslEnableComponent, final SSLConfig sslConfig) { + private SocketCreator createSSLSocketCreator(final SecurableComponent sslEnableComponent, final SSLConfig sslConfig) { SocketCreator socketCreator = null; if (sslConfig.isEnabled()) { socketCreator = new SocketCreator(sslConfig); addSocketCreatorForComponent(sslEnableComponent, socketCreator); } else { - socketCreator = getSocketCreatorForComponent(SSLEnabledComponent.NONE); + socketCreator = getSocketCreatorForComponent(SecurableComponent.NONE); if (socketCreator == null) { socketCreator = new SocketCreator(sslConfig); - addSocketCreatorForComponent(SSLEnabledComponent.NONE, socketCreator); + addSocketCreatorForComponent(SecurableComponent.NONE, socketCreator); } } return socketCreator; } - private synchronized void addSocketCreatorForComponent(SSLEnabledComponent sslEnabledComponent, SocketCreator socketCreator) { + private synchronized void addSocketCreatorForComponent(SecurableComponent sslEnabledComponent, SocketCreator socketCreator) { socketCreators.put(sslEnabledComponent, socketCreator); } - private synchronized SocketCreator getSocketCreatorForComponent(SSLEnabledComponent sslEnabledComponent) { + private synchronized SocketCreator getSocketCreatorForComponent(SecurableComponent sslEnabledComponent) { return socketCreators.get(sslEnabledComponent); } @@ -150,7 +151,6 @@ public class SocketCreatorFactory { if (socketCreatorFactory != null) { socketCreatorFactory.clearSocketCreators(); socketCreatorFactory.distributionConfig = null; - SocketCreatorFactory.instance = null; SSLConfigurationFactory.close(); } } http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/24545408/geode-core/src/main/java/com/gemstone/gemfire/internal/security/SecurableComponent.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/com/gemstone/gemfire/internal/security/SecurableComponent.java b/geode-core/src/main/java/com/gemstone/gemfire/internal/security/SecurableComponent.java index ff78b9e..d3c57aa 100644 --- a/geode-core/src/main/java/com/gemstone/gemfire/internal/security/SecurableComponent.java +++ b/geode-core/src/main/java/com/gemstone/gemfire/internal/security/SecurableComponent.java @@ -28,6 +28,7 @@ public enum SecurableComponent { JMX(SecurableComponents.JMX), HTTP_SERVICE(SecurableComponents.HTTP_SERVICE), GATEWAY(SecurableComponents.GATEWAY), + LOCATOR(SecurableComponents.LOCATOR), NONE("NO_COMPONENT"); private final String constant; @@ -39,7 +40,7 @@ public enum SecurableComponent { public static SecurableComponent getEnum(String enumString) { for (SecurableComponent securableComponent : SecurableComponent.values()) { if (!StringUtils.isEmpty(enumString)) { - if (securableComponent.constant.equals(enumString)) { + if (securableComponent.constant.equalsIgnoreCase(enumString)) { return securableComponent; } } http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/24545408/geode-core/src/main/java/com/gemstone/gemfire/internal/tcp/TCPConduit.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/com/gemstone/gemfire/internal/tcp/TCPConduit.java b/geode-core/src/main/java/com/gemstone/gemfire/internal/tcp/TCPConduit.java index b8e067c..d97a479 100644 --- a/geode-core/src/main/java/com/gemstone/gemfire/internal/tcp/TCPConduit.java +++ b/geode-core/src/main/java/com/gemstone/gemfire/internal/tcp/TCPConduit.java @@ -60,9 +60,9 @@ import com.gemstone.gemfire.internal.logging.LoggingThreadGroup; import com.gemstone.gemfire.internal.logging.log4j.AlertAppender; import com.gemstone.gemfire.internal.logging.log4j.LocalizedMessage; import com.gemstone.gemfire.internal.logging.log4j.LogMarker; -import com.gemstone.gemfire.internal.net.SSLEnabledComponent; import com.gemstone.gemfire.internal.net.SocketCreator; import com.gemstone.gemfire.internal.net.SocketCreatorFactory; +import com.gemstone.gemfire.internal.security.SecurableComponent; /** * <p>TCPConduit manages a server socket and a collection of connections to @@ -283,7 +283,7 @@ public class TCPConduit implements Runnable { } } - this.socketCreator = SocketCreatorFactory.getSSLSocketCreatorForComponent(SSLEnabledComponent.CLUSTER); + this.socketCreator = SocketCreatorFactory.getSSLSocketCreatorForComponent(SecurableComponent.CLUSTER); startAcceptor(); } http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/24545408/geode-core/src/main/java/com/gemstone/gemfire/management/internal/JettyHelper.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/JettyHelper.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/JettyHelper.java index 8724d73..569cb7b 100644 --- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/JettyHelper.java +++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/JettyHelper.java @@ -37,7 +37,7 @@ import com.gemstone.gemfire.internal.admin.SSLConfig; import com.gemstone.gemfire.internal.lang.StringUtils; import com.gemstone.gemfire.internal.logging.LogService; import com.gemstone.gemfire.internal.net.SSLConfigurationFactory; -import com.gemstone.gemfire.internal.net.SSLEnabledComponent; +import com.gemstone.gemfire.internal.security.SecurableComponent; /** * @since GemFire 8.1 @@ -197,7 +197,7 @@ public class JettyHelper { if (args.length > 1) { System.out.printf("Temporary Directory @ ($1%s)%n", USER_DIR); - final Server jetty = JettyHelper.initJetty(null, 8090, SSLConfigurationFactory.getSSLConfigForComponent(SSLEnabledComponent.HTTP_SERVICE)); + final Server jetty = JettyHelper.initJetty(null, 8090, SSLConfigurationFactory.getSSLConfigForComponent(SecurableComponent.HTTP_SERVICE)); for (int index = 0; index < args.length; index += 2) { final String webAppContext = args[index]; http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/24545408/geode-core/src/main/java/com/gemstone/gemfire/management/internal/ManagementAgent.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/ManagementAgent.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/ManagementAgent.java index d4baf0e..dc17391 100755 --- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/ManagementAgent.java +++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/ManagementAgent.java @@ -58,10 +58,10 @@ import com.gemstone.gemfire.internal.cache.GemFireCacheImpl; import com.gemstone.gemfire.internal.lang.StringUtils; import com.gemstone.gemfire.internal.logging.LogService; import com.gemstone.gemfire.internal.net.SSLConfigurationFactory; -import com.gemstone.gemfire.internal.net.SSLEnabledComponent; import com.gemstone.gemfire.internal.net.SocketCreator; import com.gemstone.gemfire.internal.net.SocketCreatorFactory; import com.gemstone.gemfire.internal.security.GeodeSecurityUtil; +import com.gemstone.gemfire.internal.security.SecurableComponent; import com.gemstone.gemfire.internal.security.shiro.JMXShiroAuthenticator; import com.gemstone.gemfire.internal.tcp.TCPConduit; import com.gemstone.gemfire.management.ManagementException; @@ -228,7 +228,7 @@ public class ManagementAgent { boolean isRestWebAppAdded = false; - this.httpServer = JettyHelper.initJetty(bindAddress, port, SSLConfigurationFactory.getSSLConfigForComponent(SSLEnabledComponent.HTTP_SERVICE)); + this.httpServer = JettyHelper.initJetty(bindAddress, port, SSLConfigurationFactory.getSSLConfigForComponent(SecurableComponent.HTTP_SERVICE)); if (agentUtil.isWebApplicationAvailable(gemfireWar)) { this.httpServer = JettyHelper @@ -337,10 +337,8 @@ public class ManagementAgent { /** * http://docs.oracle.com/javase/6/docs/technotes/guides/management/agent.html * #gdfvq https://blogs.oracle.com/jmxetc/entry/java_5_premain_rmi_connectors - * https - * ://blogs.oracle.com/jmxetc/entry/building_a_remotely_stoppable_connector - * https - * ://blogs.oracle.com/jmxetc/entry/jmx_connecting_through_firewalls_using + * https://blogs.oracle.com/jmxetc/entry/building_a_remotely_stoppable_connector + * https://blogs.oracle.com/jmxetc/entry/jmx_connecting_through_firewalls_using */ private void configureAndStart() throws IOException { // KIRK: I copied this from @@ -359,7 +357,7 @@ public class ManagementAgent { bindAddr = InetAddress.getByName(hostname); } - final SocketCreator socketCreator = SocketCreatorFactory.getSSLSocketCreatorForComponent(SSLEnabledComponent.JMX); + final SocketCreator socketCreator = SocketCreatorFactory.getSSLSocketCreatorForComponent(SecurableComponent.JMX); final boolean ssl = socketCreator.useSSL(); http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/24545408/geode-core/src/main/java/com/gemstone/gemfire/management/internal/RestAgent.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/RestAgent.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/RestAgent.java index 110d447..a8c480b 100644 --- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/RestAgent.java +++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/RestAgent.java @@ -31,13 +31,12 @@ import com.gemstone.gemfire.cache.RegionAttributes; import com.gemstone.gemfire.cache.Scope; import com.gemstone.gemfire.distributed.internal.DistributionConfig; import com.gemstone.gemfire.internal.GemFireVersion; -import com.gemstone.gemfire.internal.admin.SSLConfig; import com.gemstone.gemfire.internal.net.SSLConfigurationFactory; -import com.gemstone.gemfire.internal.net.SSLEnabledComponent; import com.gemstone.gemfire.internal.net.SocketCreator; import com.gemstone.gemfire.internal.cache.GemFireCacheImpl; import com.gemstone.gemfire.internal.cache.InternalRegionArguments; import com.gemstone.gemfire.internal.logging.LogService; +import com.gemstone.gemfire.internal.security.SecurableComponent; import com.gemstone.gemfire.management.ManagementService; /** @@ -134,7 +133,7 @@ public class RestAgent { final int port = this.config.getHttpServicePort(); - this.httpServer = JettyHelper.initJetty(httpServiceBindAddress, port, SSLConfigurationFactory.getSSLConfigForComponent(SSLEnabledComponent.HTTP_SERVICE)); + this.httpServer = JettyHelper.initJetty(httpServiceBindAddress, port, SSLConfigurationFactory.getSSLConfigForComponent(SecurableComponent.HTTP_SERVICE)); this.httpServer = JettyHelper.addWebApplication(httpServer, "/gemfire-api", gemfireAPIWar); this.httpServer = JettyHelper.addWebApplication(httpServer, "/geode", gemfireAPIWar); http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/24545408/geode-core/src/main/java/org/apache/geode/security/SecurableComponents.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/security/SecurableComponents.java b/geode-core/src/main/java/org/apache/geode/security/SecurableComponents.java index a7ae766..2c739b9 100644 --- a/geode-core/src/main/java/org/apache/geode/security/SecurableComponents.java +++ b/geode-core/src/main/java/org/apache/geode/security/SecurableComponents.java @@ -54,4 +54,9 @@ public interface SecurableComponents { * <U>Since</U>: Geode 1.0 */ String GATEWAY = "gateway"; + /** + * This determines that the locator communication will be secured. + * <U>Since</U>: Geode 1.0 + */ + String LOCATOR = "locator"; } http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/24545408/geode-core/src/test/java/com/gemstone/gemfire/cache/client/internal/CacheServerSSLConnectionDUnitTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/cache/client/internal/CacheServerSSLConnectionDUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/cache/client/internal/CacheServerSSLConnectionDUnitTest.java index 6d524ef..5884c1f 100644 --- a/geode-core/src/test/java/com/gemstone/gemfire/cache/client/internal/CacheServerSSLConnectionDUnitTest.java +++ b/geode-core/src/test/java/com/gemstone/gemfire/cache/client/internal/CacheServerSSLConnectionDUnitTest.java @@ -37,8 +37,8 @@ import com.gemstone.gemfire.cache.client.ClientCacheFactory; import com.gemstone.gemfire.cache.client.ClientRegionFactory; import com.gemstone.gemfire.cache.client.ClientRegionShortcut; import com.gemstone.gemfire.cache.server.CacheServer; -import com.gemstone.gemfire.internal.net.SSLEnabledComponent; import com.gemstone.gemfire.internal.net.SocketCreatorFactory; +import com.gemstone.gemfire.internal.security.SecurableComponent; import com.gemstone.gemfire.security.AuthenticationRequiredException; import com.gemstone.gemfire.test.dunit.Host; import com.gemstone.gemfire.test.dunit.IgnoredException; @@ -111,7 +111,7 @@ public class CacheServerSSLConnectionDUnitTest extends JUnit4DistributedTestCase String cacheServerSslciphers = "any"; boolean cacheServerSslRequireAuth = true; if (!legacy) { - gemFireProps.put(SSL_ENABLED_COMPONENTS, SSLEnabledComponent.CLUSTER+","+SSLEnabledComponent.SERVER); + gemFireProps.put(SSL_ENABLED_COMPONENTS, SecurableComponent.CLUSTER + "," + SecurableComponent.SERVER); gemFireProps.put(SSL_PROTOCOLS, cacheServerSslprotocols); gemFireProps.put(SSL_CIPHERS, cacheServerSslciphers); gemFireProps.put(SSL_REQUIRE_AUTHENTICATION, String.valueOf(cacheServerSslRequireAuth)); @@ -248,14 +248,12 @@ public class CacheServerSSLConnectionDUnitTest extends JUnit4DistributedTestCase public static void closeCacheTask() { if (instance != null && instance.cache != null) { instance.cache.close(); - SocketCreatorFactory.close(); } } public static void closeClientCacheTask() { if (instance != null && instance.clientCache != null) { instance.clientCache.close(); - SocketCreatorFactory.close(); } } http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/24545408/geode-core/src/test/java/com/gemstone/gemfire/distributed/LocatorDUnitTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/distributed/LocatorDUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/distributed/LocatorDUnitTest.java index 530cf20..4a82789 100755 --- a/geode-core/src/test/java/com/gemstone/gemfire/distributed/LocatorDUnitTest.java +++ b/geode-core/src/test/java/com/gemstone/gemfire/distributed/LocatorDUnitTest.java @@ -55,8 +55,8 @@ import com.gemstone.gemfire.internal.AvailablePortHelper; import com.gemstone.gemfire.internal.cache.GemFireCacheImpl; import com.gemstone.gemfire.internal.logging.InternalLogWriter; import com.gemstone.gemfire.internal.logging.LocalLogWriter; -import com.gemstone.gemfire.internal.net.SSLEnabledComponent; import com.gemstone.gemfire.internal.net.SocketCreatorFactory; +import com.gemstone.gemfire.internal.security.SecurableComponent; import com.gemstone.gemfire.internal.tcp.Connection; import com.gemstone.gemfire.test.dunit.DistributedTestUtils; import com.gemstone.gemfire.test.dunit.Host; @@ -366,7 +366,7 @@ public class LocatorDUnitTest extends JUnit4DistributedTestCase { properties.put(SSL_KEYSTORE_TYPE, "JKS"); properties.put(SSL_TRUSTSTORE, getSingleKeyKeystore()); properties.put(SSL_TRUSTSTORE_PASSWORD, "password"); - properties.put(SSL_ENABLED_COMPONENTS, SSLEnabledComponent.LOCATOR.getConstant()); + properties.put(SSL_ENABLED_COMPONENTS, SecurableComponent.LOCATOR.getConstant()); try { loc2.invoke("startLocator2", () -> startLocatorWithPortAndProperties(port2, properties)); @@ -415,7 +415,7 @@ public class LocatorDUnitTest extends JUnit4DistributedTestCase { properties.put(SSL_TRUSTSTORE, getMultiKeyTruststore()); properties.put(SSL_TRUSTSTORE_PASSWORD, "password"); properties.put(SSL_LOCATOR_ALIAS, "locatorkey"); - properties.put(SSL_ENABLED_COMPONENTS, SSLEnabledComponent.LOCATOR.getConstant()); + properties.put(SSL_ENABLED_COMPONENTS, SecurableComponent.LOCATOR.getConstant()); try { @@ -466,7 +466,7 @@ public class LocatorDUnitTest extends JUnit4DistributedTestCase { properties.put(SSL_TRUSTSTORE, getSingleKeyKeystore()); properties.put(SSL_TRUSTSTORE_PASSWORD, "password"); properties.put(SSL_REQUIRE_AUTHENTICATION, "true"); - properties.put(SSL_ENABLED_COMPONENTS, SSLEnabledComponent.LOCATOR.getConstant()); + properties.put(SSL_ENABLED_COMPONENTS, SecurableComponent.LOCATOR.getConstant()); try { loc1.invoke("start Locator1", () -> startLocator(port1, properties)); @@ -532,7 +532,7 @@ public class LocatorDUnitTest extends JUnit4DistributedTestCase { properties.put(SSL_TRUSTSTORE, getSingleKeyKeystore()); properties.put(SSL_TRUSTSTORE_PASSWORD, "password"); properties.put(SSL_REQUIRE_AUTHENTICATION, "true"); - properties.put(SSL_ENABLED_COMPONENTS, SSLEnabledComponent.LOCATOR.getConstant()); + properties.put(SSL_ENABLED_COMPONENTS, SecurableComponent.LOCATOR.getConstant()); loc2.invoke("start Locator2", () -> startLocator(port2, properties)); } finally { @@ -583,7 +583,7 @@ public class LocatorDUnitTest extends JUnit4DistributedTestCase { properties.put(SSL_TRUSTSTORE, getSingleKeyKeystore()); properties.put(SSL_TRUSTSTORE_PASSWORD, "password"); properties.put(SSL_REQUIRE_AUTHENTICATION, "true"); - properties.put(SSL_ENABLED_COMPONENTS, SSLEnabledComponent.LOCATOR.getConstant()); + properties.put(SSL_ENABLED_COMPONENTS, SecurableComponent.LOCATOR.getConstant()); try { loc1.invoke("start Locator1", () -> startLocator(port1, properties)); http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/24545408/geode-core/src/test/java/com/gemstone/gemfire/distributed/LocatorLauncherLocalIntegrationTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/distributed/LocatorLauncherLocalIntegrationTest.java b/geode-core/src/test/java/com/gemstone/gemfire/distributed/LocatorLauncherLocalIntegrationTest.java index 48778f3..9d3556e 100755 --- a/geode-core/src/test/java/com/gemstone/gemfire/distributed/LocatorLauncherLocalIntegrationTest.java +++ b/geode-core/src/test/java/com/gemstone/gemfire/distributed/LocatorLauncherLocalIntegrationTest.java @@ -21,12 +21,11 @@ import com.gemstone.gemfire.distributed.LocatorLauncher.Builder; import com.gemstone.gemfire.distributed.LocatorLauncher.LocatorState; import com.gemstone.gemfire.distributed.internal.InternalLocator; import com.gemstone.gemfire.internal.*; -import com.gemstone.gemfire.internal.net.SSLEnabledComponent; -import com.gemstone.gemfire.internal.net.SocketCreator; import com.gemstone.gemfire.internal.net.SocketCreatorFactory; import com.gemstone.gemfire.internal.process.ProcessControllerFactory; import com.gemstone.gemfire.internal.process.ProcessType; import com.gemstone.gemfire.internal.process.ProcessUtils; +import com.gemstone.gemfire.internal.security.SecurableComponent; import com.gemstone.gemfire.test.junit.categories.IntegrationTest; import com.gemstone.gemfire.test.junit.runners.CategoryWithParameterizedRunnerFactory; import org.junit.After; @@ -328,7 +327,7 @@ public class LocatorLauncherLocalIntegrationTest extends AbstractLocatorLauncher return; } - this.socket = SocketCreatorFactory.getSSLSocketCreatorForComponent(SSLEnabledComponent.CLUSTER).createServerSocket(this.locatorPort, 50, null, -1); + this.socket = SocketCreatorFactory.getSSLSocketCreatorForComponent(SecurableComponent.CLUSTER).createServerSocket(this.locatorPort, 50, null, -1); assertTrue(this.socket.isBound()); assertFalse(this.socket.isClosed()); assertFalse(AvailablePort.isPortAvailable(this.locatorPort, AvailablePort.SOCKET)); @@ -545,7 +544,7 @@ public class LocatorLauncherLocalIntegrationTest extends AbstractLocatorLauncher } // generate one free port and then use it instead of default - this.socket = SocketCreatorFactory.getSSLSocketCreatorForComponent(SSLEnabledComponent.CLUSTER).createServerSocket(this.locatorPort, 50, null, -1); + this.socket = SocketCreatorFactory.getSSLSocketCreatorForComponent(SecurableComponent.CLUSTER).createServerSocket(this.locatorPort, 50, null, -1); this.launcher = new Builder() .setMemberName(getUniqueName()) http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/24545408/geode-core/src/test/java/com/gemstone/gemfire/distributed/LocatorLauncherRemoteIntegrationTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/distributed/LocatorLauncherRemoteIntegrationTest.java b/geode-core/src/test/java/com/gemstone/gemfire/distributed/LocatorLauncherRemoteIntegrationTest.java index a94f6bd..a788b1d 100755 --- a/geode-core/src/test/java/com/gemstone/gemfire/distributed/LocatorLauncherRemoteIntegrationTest.java +++ b/geode-core/src/test/java/com/gemstone/gemfire/distributed/LocatorLauncherRemoteIntegrationTest.java @@ -20,12 +20,9 @@ import com.gemstone.gemfire.distributed.AbstractLauncher.Status; import com.gemstone.gemfire.distributed.LocatorLauncher.Builder; import com.gemstone.gemfire.distributed.LocatorLauncher.LocatorState; import com.gemstone.gemfire.distributed.internal.DistributionConfig; -import com.gemstone.gemfire.distributed.internal.DistributionConfigImpl; import com.gemstone.gemfire.internal.AvailablePort; import com.gemstone.gemfire.internal.DistributionLocator; import com.gemstone.gemfire.internal.GemFireVersion; -import com.gemstone.gemfire.internal.net.SSLEnabledComponent; -import com.gemstone.gemfire.internal.net.SocketCreator; import com.gemstone.gemfire.internal.logging.InternalLogWriter; import com.gemstone.gemfire.internal.logging.LocalLogWriter; import com.gemstone.gemfire.internal.net.SocketCreatorFactory; @@ -33,6 +30,7 @@ import com.gemstone.gemfire.internal.process.ProcessControllerFactory; import com.gemstone.gemfire.internal.process.ProcessStreamReader; import com.gemstone.gemfire.internal.process.ProcessType; import com.gemstone.gemfire.internal.process.ProcessUtils; +import com.gemstone.gemfire.internal.security.SecurableComponent; import com.gemstone.gemfire.test.junit.categories.FlakyTest; import com.gemstone.gemfire.test.junit.categories.IntegrationTest; import com.gemstone.gemfire.test.junit.runners.CategoryWithParameterizedRunnerFactory; @@ -401,7 +399,7 @@ public class LocatorLauncherRemoteIntegrationTest extends AbstractLocatorLaunche @Test public void testStartUsingPortInUseFails() throws Throwable { - this.socket = SocketCreatorFactory.getSSLSocketCreatorForComponent(SSLEnabledComponent.CLUSTER).createServerSocket(this.locatorPort, 50, null, -1); + this.socket = SocketCreatorFactory.getSSLSocketCreatorForComponent(SecurableComponent.CLUSTER).createServerSocket(this.locatorPort, 50, null, -1); this.locatorPort = this.socket.getLocalPort(); final List<String> jvmArguments = getJvmArguments(); @@ -473,7 +471,7 @@ public class LocatorLauncherRemoteIntegrationTest extends AbstractLocatorLaunche String expectedString = "java.net.BindException"; AtomicBoolean outputContainedExpectedString = new AtomicBoolean(); - this.socket = SocketCreatorFactory.getSSLSocketCreatorForComponent(SSLEnabledComponent.CLUSTER).createServerSocket(this.locatorPort, 50, null, -1); + this.socket = SocketCreatorFactory.getSSLSocketCreatorForComponent(SecurableComponent.CLUSTER).createServerSocket(this.locatorPort, 50, null, -1); this.locatorPort = this.socket.getLocalPort(); assertFalse(AvailablePort.isPortAvailable(this.locatorPort, AvailablePort.SOCKET)); http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/24545408/geode-core/src/test/java/com/gemstone/gemfire/distributed/ServerLauncherLocalIntegrationTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/distributed/ServerLauncherLocalIntegrationTest.java b/geode-core/src/test/java/com/gemstone/gemfire/distributed/ServerLauncherLocalIntegrationTest.java index cfc3960..32ed996 100755 --- a/geode-core/src/test/java/com/gemstone/gemfire/distributed/ServerLauncherLocalIntegrationTest.java +++ b/geode-core/src/test/java/com/gemstone/gemfire/distributed/ServerLauncherLocalIntegrationTest.java @@ -27,8 +27,6 @@ import com.gemstone.gemfire.distributed.ServerLauncher.ServerState; import com.gemstone.gemfire.internal.AvailablePort; import com.gemstone.gemfire.internal.AvailablePortHelper; import com.gemstone.gemfire.internal.GemFireVersion; -import com.gemstone.gemfire.internal.net.SSLEnabledComponent; -import com.gemstone.gemfire.internal.net.SocketCreator; import com.gemstone.gemfire.internal.cache.AbstractCacheServer; import com.gemstone.gemfire.internal.cache.xmlcache.CacheCreation; import com.gemstone.gemfire.internal.cache.xmlcache.CacheXmlGenerator; @@ -37,6 +35,7 @@ import com.gemstone.gemfire.internal.net.SocketCreatorFactory; import com.gemstone.gemfire.internal.process.ProcessControllerFactory; import com.gemstone.gemfire.internal.process.ProcessType; import com.gemstone.gemfire.internal.process.ProcessUtils; +import com.gemstone.gemfire.internal.security.SecurableComponent; import com.gemstone.gemfire.test.junit.categories.IntegrationTest; import org.junit.After; import org.junit.Before; @@ -351,7 +350,7 @@ public class ServerLauncherLocalIntegrationTest extends AbstractServerLauncherIn String rootFolder = this.temporaryFolder.getRoot().getCanonicalPath(); // generate one free port and then use TEST_OVERRIDE_DEFAULT_PORT_PROPERTY - this.socket = SocketCreatorFactory.getSSLSocketCreatorForComponent(SSLEnabledComponent.CLUSTER).createServerSocket(this.serverPort, 50, null, -1); + this.socket = SocketCreatorFactory.getSSLSocketCreatorForComponent(SecurableComponent.CLUSTER).createServerSocket(this.serverPort, 50, null, -1); assertFalse(AvailablePort.isPortAvailable(this.serverPort, AvailablePort.SOCKET)); // build and start the server @@ -610,7 +609,7 @@ public class ServerLauncherLocalIntegrationTest extends AbstractServerLauncherIn String rootFolder = this.temporaryFolder.getRoot().getCanonicalPath(); // generate one free port and then use TEST_OVERRIDE_DEFAULT_PORT_PROPERTY - this.socket = SocketCreatorFactory.getSSLSocketCreatorForComponent(SSLEnabledComponent.CLUSTER).createServerSocket(this.serverPort, 50, null, -1); + this.socket = SocketCreatorFactory.getSSLSocketCreatorForComponent(SecurableComponent.CLUSTER).createServerSocket(this.serverPort, 50, null, -1); assertFalse(AvailablePort.isPortAvailable(this.serverPort, AvailablePort.SOCKET)); // build and start the server @@ -771,7 +770,7 @@ public class ServerLauncherLocalIntegrationTest extends AbstractServerLauncherIn // generate one free port and then use TEST_OVERRIDE_DEFAULT_PORT_PROPERTY final int freeTCPPort = AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET); - this.socket = SocketCreatorFactory.getSSLSocketCreatorForComponent(SSLEnabledComponent.CLUSTER).createServerSocket(freeTCPPort, 50, null, -1); + this.socket = SocketCreatorFactory.getSSLSocketCreatorForComponent(SecurableComponent.CLUSTER).createServerSocket(freeTCPPort, 50, null, -1); // build and start the server final Builder builder = new Builder() http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/24545408/geode-core/src/test/java/com/gemstone/gemfire/distributed/ServerLauncherRemoteIntegrationTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/distributed/ServerLauncherRemoteIntegrationTest.java b/geode-core/src/test/java/com/gemstone/gemfire/distributed/ServerLauncherRemoteIntegrationTest.java index 96686a0..6483a9b 100755 --- a/geode-core/src/test/java/com/gemstone/gemfire/distributed/ServerLauncherRemoteIntegrationTest.java +++ b/geode-core/src/test/java/com/gemstone/gemfire/distributed/ServerLauncherRemoteIntegrationTest.java @@ -25,8 +25,6 @@ import com.gemstone.gemfire.distributed.internal.DistributionConfig; import com.gemstone.gemfire.internal.AvailablePort; import com.gemstone.gemfire.internal.AvailablePortHelper; import com.gemstone.gemfire.internal.GemFireVersion; -import com.gemstone.gemfire.internal.net.SSLEnabledComponent; -import com.gemstone.gemfire.internal.net.SocketCreator; import com.gemstone.gemfire.internal.cache.AbstractCacheServer; import com.gemstone.gemfire.internal.cache.xmlcache.CacheCreation; import com.gemstone.gemfire.internal.cache.xmlcache.CacheXmlGenerator; @@ -35,6 +33,7 @@ import com.gemstone.gemfire.internal.logging.InternalLogWriter; import com.gemstone.gemfire.internal.logging.LocalLogWriter; import com.gemstone.gemfire.internal.net.SocketCreatorFactory; import com.gemstone.gemfire.internal.process.*; +import com.gemstone.gemfire.internal.security.SecurableComponent; import com.gemstone.gemfire.test.junit.categories.FlakyTest; import com.gemstone.gemfire.test.junit.categories.IntegrationTest; import com.gemstone.gemfire.test.process.ProcessWrapper; @@ -429,7 +428,7 @@ public class ServerLauncherRemoteIntegrationTest extends AbstractServerLauncherR @Test public void testStartUsingDisableDefaultServerSkipsPortCheck() throws Throwable { // make serverPort in use - this.socket = SocketCreatorFactory.getSSLSocketCreatorForComponent(SSLEnabledComponent.CLUSTER).createServerSocket(this.serverPort, 50, null, -1); + this.socket = SocketCreatorFactory.getSSLSocketCreatorForComponent(SecurableComponent.CLUSTER).createServerSocket(this.serverPort, 50, null, -1); assertFalse(AvailablePort.isPortAvailable(this.serverPort, AvailablePort.SOCKET)); // build and start the server @@ -553,7 +552,7 @@ public class ServerLauncherRemoteIntegrationTest extends AbstractServerLauncherR @Test public void testStartUsingServerPortInUseFails() throws Throwable { // make serverPort in use - this.socket = SocketCreatorFactory.getSSLSocketCreatorForComponent(SSLEnabledComponent.CLUSTER).createServerSocket(this.serverPort, 50, null, -1); + this.socket = SocketCreatorFactory.getSSLSocketCreatorForComponent(SecurableComponent.CLUSTER).createServerSocket(this.serverPort, 50, null, -1); assertFalse(AvailablePort.isPortAvailable(this.serverPort, AvailablePort.SOCKET)); final List<String> jvmArguments = getJvmArguments(); @@ -800,7 +799,7 @@ public class ServerLauncherRemoteIntegrationTest extends AbstractServerLauncherR AtomicBoolean outputContainedExpectedString = new AtomicBoolean(); // make serverPort in use - this.socket = SocketCreatorFactory.getSSLSocketCreatorForComponent(SSLEnabledComponent.CLUSTER).createServerSocket(this.serverPort, 50, null, -1); + this.socket = SocketCreatorFactory.getSSLSocketCreatorForComponent(SecurableComponent.CLUSTER).createServerSocket(this.serverPort, 50, null, -1); assertFalse(AvailablePort.isPortAvailable(this.serverPort, AvailablePort.SOCKET)); // launch server
