Repository: incubator-geode Updated Branches: refs/heads/feature/GEODE-420 6853f56dd -> 9626269f3
GEODE-1792: ssl-ciphers and ssl-protocols are comma delimited. Changed JMX_MANAGER_SSL_ALIAS -> JMX_SSL_ALIAS Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/156d2d15 Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/156d2d15 Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/156d2d15 Branch: refs/heads/feature/GEODE-420 Commit: 156d2d151c714ece94604f1ac0f0563af096fd8c Parents: c6f5997 Author: Udo Kohlmeyer <[email protected]> Authored: Tue Sep 6 15:50:18 2016 +1000 Committer: Udo Kohlmeyer <[email protected]> Committed: Tue Sep 6 15:50:18 2016 +1000 ---------------------------------------------------------------------- .../distributed/ConfigurationProperties.java | 6 +- .../internal/AbstractDistributionConfig.java | 2 +- .../internal/DistributionConfig.java | 16 +- .../internal/DistributionConfigImpl.java | 18 ++- .../internal/net/SSLConfigurationFactory.java | 2 +- .../gemfire/internal/net/SocketCreator.java | 3 +- .../gemfire/management/GemFireProperties.java | 161 ++++++++++++++++++- .../internal/beans/BeanUtilFuncs.java | 17 ++ .../gemfire/distributed/LocatorDUnitTest.java | 5 +- .../net/SSLConfigurationFactoryTest.java | 2 +- .../net/SocketCreatorFactoryJUnitTest.java | 4 +- .../gemfire/management/JMXMBeanDUnitTest.java | 6 +- 12 files changed, 206 insertions(+), 36 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/156d2d15/geode-core/src/main/java/com/gemstone/gemfire/distributed/ConfigurationProperties.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/com/gemstone/gemfire/distributed/ConfigurationProperties.java b/geode-core/src/main/java/com/gemstone/gemfire/distributed/ConfigurationProperties.java index df85aca..6db4142 100644 --- a/geode-core/src/main/java/com/gemstone/gemfire/distributed/ConfigurationProperties.java +++ b/geode-core/src/main/java/com/gemstone/gemfire/distributed/ConfigurationProperties.java @@ -849,7 +849,7 @@ public interface ConfigurationProperties { * <U>Default</U>: "" </p> * <U>Since</U>: Geode 1.0 */ - String SSL_JMX_MANAGER_ALIAS = "ssl-jmx-alias"; + String SSL_JMX_ALIAS = "ssl-jmx-alias"; /** * The static String definition of the <i>"jmx-manager-ssl-ciphers"</i> property * <a name="jmx-manager-ssl-ciphers"/a></p> @@ -871,7 +871,7 @@ public interface ConfigurationProperties { * Ignored if jmx-manager is false. * </p> * <U>Default</U>: "false" - * @deprecated Since Geode 1.0 use {@link #SSL_ENABLED_COMPONENTS} with optional {@link #SSL_JMX_MANAGER_ALIAS} + * @deprecated Since Geode 1.0 use {@link #SSL_ENABLED_COMPONENTS} with optional {@link #SSL_JMX_ALIAS} */ @Deprecated String JMX_MANAGER_SSL_ENABLED = "jmx-manager-ssl-enabled"; @@ -1813,7 +1813,7 @@ public interface ConfigurationProperties { * * <U>Description</U>This property will be set when using multi-key keystores. This will define the alias that * the ssl connection factory would use when no alias has been set for the different component aliases. - * {@link #SSL_CLUSTER_ALIAS}, {@link #SSL_SERVER_ALIAS},{@link #SSL_LOCATOR_ALIAS},{@link #SSL_GATEWAY_ALIAS},{@link #SSL_JMX_MANAGER_ALIAS} , {@link #SSL_HTTP_SERVICE_ALIAS} + * {@link #SSL_CLUSTER_ALIAS}, {@link #SSL_SERVER_ALIAS},{@link #SSL_LOCATOR_ALIAS},{@link #SSL_GATEWAY_ALIAS},{@link #SSL_JMX_ALIAS} , {@link #SSL_HTTP_SERVICE_ALIAS} * </p> * <U>Default</U>: ""</p> * <U>Since</U>: Geode 1.0 http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/156d2d15/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/AbstractDistributionConfig.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/AbstractDistributionConfig.java b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/AbstractDistributionConfig.java index f92511e..ce77c5e 100644 --- a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/AbstractDistributionConfig.java +++ b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/AbstractDistributionConfig.java @@ -885,7 +885,7 @@ public abstract class AbstractDistributionConfig extends AbstractConfig implemen m.put(JMX_MANAGER, "If true then this member is willing to be a jmx manager. Defaults to false except on a locator."); m.put(JMX_MANAGER_START, "If true then the jmx manager will be started when the cache is created. Defaults to false."); m.put(JMX_MANAGER_SSL_ENABLED, "If true then the jmx manager will only allow SSL clients to connect. Defaults to false. This property is ignored if jmx-manager-port is \"0\"."); - m.put(SSL_JMX_MANAGER_ALIAS, LocalizedStrings.AbstractDistributionConfig_JMX_MANAGER_SSL_ALIAS_0.toLocalizedString(Boolean.valueOf(DEFAULT_SSL_ALIAS))); + m.put(SSL_JMX_ALIAS, LocalizedStrings.AbstractDistributionConfig_JMX_MANAGER_SSL_ALIAS_0.toLocalizedString(Boolean.valueOf(DEFAULT_SSL_ALIAS))); m.put(JMX_MANAGER_SSL_CIPHERS, "List of available SSL cipher suites that are to be enabled for JMX Manager. Defaults to \"" + DEFAULT_JMX_MANAGER_SSL_CIPHERS + "\" meaning your provider''s defaults."); m.put(JMX_MANAGER_SSL_PROTOCOLS, "List of available SSL protocols that are to be enabled for JMX Manager. Defaults to \"" + DEFAULT_JMX_MANAGER_SSL_PROTOCOLS + "\" meaning defaults of your provider."); m.put(JMX_MANAGER_SSL_REQUIRE_AUTHENTICATION, "If set to false, ciphers and protocols that permit anonymous JMX Clients are allowed. Defaults to \"" + DEFAULT_JMX_MANAGER_SSL_REQUIRE_AUTHENTICATION + "\"."); http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/156d2d15/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/DistributionConfig.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/DistributionConfig.java b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/DistributionConfig.java index 4ad95c6..628231b 100644 --- a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/DistributionConfig.java +++ b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/DistributionConfig.java @@ -4316,27 +4316,27 @@ public interface DistributionConfig extends Config, LogConfig { String HTTP_SERVICE_SSL_ALIAS_NAME = SSL_HTTP_SERVICE_ALIAS; /** - * Returns the value of the {@link ConfigurationProperties#SSL_JMX_MANAGER_ALIAS} + * Returns the value of the {@link ConfigurationProperties#SSL_JMX_ALIAS} * property. * @since Geode 1.0 */ - @ConfigAttributeGetter(name = SSL_JMX_MANAGER_ALIAS) - String getJMXManagerSSLAlias(); + @ConfigAttributeGetter(name = SSL_JMX_ALIAS) + String getJMXSSLAlias(); /** - * Sets the value of the {@link ConfigurationProperties#SSL_JMX_MANAGER_ALIAS} + * Sets the value of the {@link ConfigurationProperties#SSL_JMX_ALIAS} * property. * @since Geode 1.0 */ - @ConfigAttributeSetter(name = SSL_JMX_MANAGER_ALIAS) - void setJMXManagerSSLAlias(String alias); + @ConfigAttributeSetter(name = SSL_JMX_ALIAS) + void setJMXSSLAlias(String alias); /** - * The name of the {@link ConfigurationProperties#SSL_JMX_MANAGER_ALIAS} property + * The name of the {@link ConfigurationProperties#SSL_JMX_ALIAS} property * @since Geode 1.0 */ @ConfigAttribute(type = String.class) - String JMX_MANAGER_SSL_ALIAS_NAME = SSL_JMX_MANAGER_ALIAS; + String JMX_SSL_ALIAS_NAME = SSL_JMX_ALIAS; /** * Returns the value of the {@link ConfigurationProperties#SSL_SERVER_ALIAS} http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/156d2d15/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/DistributionConfigImpl.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/DistributionConfigImpl.java b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/DistributionConfigImpl.java index 1ac92d0..bcc0413 100644 --- a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/DistributionConfigImpl.java +++ b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/DistributionConfigImpl.java @@ -26,13 +26,11 @@ import java.lang.reflect.Method; import java.net.InetAddress; import java.net.URL; import java.net.UnknownHostException; -import java.util.Arrays; import java.util.Collections; import java.util.HashMap; import java.util.HashSet; import java.util.Iterator; import java.util.Map; -import java.util.Objects; import java.util.Properties; import java.util.Set; @@ -770,7 +768,7 @@ public class DistributionConfigImpl extends AbstractDistributionConfig implement this.clusterSSLAlias = other.getClusterSSLAlias(); this.gatewaySSLAlias = other.getGatewaySSLAlias(); this.httpServiceSSLAlias = other.getHTTPServiceSSLAlias(); - this.jmxManagerSSLAlias = other.getJMXManagerSSLAlias(); + this.jmxManagerSSLAlias = other.getJMXSSLAlias(); this.serverSSLAlias = other.getServerSSLAlias(); this.locatorSSLAlias = other.getLocatorSSLAlias(); @@ -993,7 +991,7 @@ public class DistributionConfigImpl extends AbstractDistributionConfig implement return StringUtils.isEmpty(getHTTPServiceSSLAlias()) ? true : (getSSLEnabledComponents().length > 1 ? !StringUtils.isEmpty(getSSLDefaultAlias()) : true); } case JMX: { - return StringUtils.isEmpty(getJMXManagerSSLAlias()) ? true : (getSSLEnabledComponents().length > 1 ? !StringUtils.isEmpty(getSSLDefaultAlias()) : true); + return StringUtils.isEmpty(getJMXSSLAlias()) ? true : (getSSLEnabledComponents().length > 1 ? !StringUtils.isEmpty(getSSLDefaultAlias()) : true); } case LOCATOR: { return StringUtils.isEmpty(getLocatorSSLAlias()) ? true : (getSSLEnabledComponents().length > 1 ? !StringUtils.isEmpty(getSSLDefaultAlias()) : true); @@ -1470,6 +1468,10 @@ public class DistributionConfigImpl extends AbstractDistributionConfig implement continue; } Object propVal = me.getValue(); + if(propName.equals(SSL_CIPHERS) || propName.equals(SSL_PROTOCOLS)) + { + propVal = convertCommaDelimitedToSpaceDelimitedString((String)propVal); + } if (propVal != null && (propVal instanceof String)) { // weed out extraneous non-string properties this.setAttribute(propName, ((String) propVal).trim(), this.sourceMap.get(propName)); } @@ -1490,6 +1492,10 @@ public class DistributionConfigImpl extends AbstractDistributionConfig implement this.modifiable = false; } + private String convertCommaDelimitedToSpaceDelimitedString(final String propVal) { + return propVal.replace(","," "); + } + public void close() { // Clear the extra stuff from System properties Properties props = System.getProperties(); @@ -2559,12 +2565,12 @@ public class DistributionConfigImpl extends AbstractDistributionConfig implement } @Override - public String getJMXManagerSSLAlias() { + public String getJMXSSLAlias() { return jmxManagerSSLAlias; } @Override - public void setJMXManagerSSLAlias(final String alias) { + public void setJMXSSLAlias(final String alias) { jmxManagerSSLAlias = alias; } http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/156d2d15/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SSLConfigurationFactory.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SSLConfigurationFactory.java b/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SSLConfigurationFactory.java index df4f49c..1339f5a 100644 --- a/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SSLConfigurationFactory.java +++ b/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SSLConfigurationFactory.java @@ -128,7 +128,7 @@ public class SSLConfigurationFactory { } case JMX: { if (sslEnabledComponents.length > 0) { - sslConfig = setAliasForComponent(sslConfig, getDistributionConfig().getJMXManagerSSLAlias()); + sslConfig = setAliasForComponent(sslConfig, getDistributionConfig().getJMXSSLAlias()); } else { sslConfig = configureLegacyJMXSSL(sslConfig); } http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/156d2d15/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SocketCreator.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SocketCreator.java b/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SocketCreator.java index 0a2bfa3..6ddd0a2 100755 --- a/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SocketCreator.java +++ b/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SocketCreator.java @@ -1019,11 +1019,12 @@ public class SocketCreator { } serverSocket.setEnableSessionCreation(true); - // restrict cyphers + // restrict protocols String[] protocols = this.sslConfig.getProtocolsAsStringArray(); if (!"any".equalsIgnoreCase(protocols[0])) { serverSocket.setEnabledProtocols(protocols); } + // restrict ciphers String[] ciphers = this.sslConfig.getCiphersAsStringArray(); if (!"any".equalsIgnoreCase(ciphers[0])) { serverSocket.setEnabledCipherSuites(ciphers); http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/156d2d15/geode-core/src/main/java/com/gemstone/gemfire/management/GemFireProperties.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/GemFireProperties.java b/geode-core/src/main/java/com/gemstone/gemfire/management/GemFireProperties.java index 410d658..61f4072 100644 --- a/geode-core/src/main/java/com/gemstone/gemfire/management/GemFireProperties.java +++ b/geode-core/src/main/java/com/gemstone/gemfire/management/GemFireProperties.java @@ -17,6 +17,7 @@ package com.gemstone.gemfire.management; +import com.gemstone.gemfire.internal.security.SecurableComponent; /** * Composite Data type to be used by member to depict gemfire properties in key value manner @@ -478,7 +479,7 @@ public class GemFireProperties { */ @Deprecated private String jmxManagerSSLTrustStorePassword; - private String jmxManagerSSLAlias; + private String jmxSSLAlias; private boolean clusterSSLEnabled; private String clusterSSLProtocols; @@ -636,6 +637,20 @@ public class GemFireProperties { * Specifies whether the default transaction mode should be distributed. */ private boolean distributedTransactions; + + private String locatorSSLAlias; + + private SecurableComponent[] sslEnabledComponents; + private String sslProtocols; + private String sslCiphers; + private boolean sslRequireAuthentication; + private String sslKeyStore; + private String sslKeyStoreType; + private String sslKeyStorePassword; + private String sslTrustStore; + private String sslTrustStorePassword; + private boolean sslHttpServiceRequireAuthentication; + private String sslDefaultAlias; /** @@ -1018,22 +1033,22 @@ public class GemFireProperties { } -// public void setSslEnabled(boolean sslEnabled) { +// public void setSSLEnabled(boolean sslEnabled) { // this.sslEnabled = sslEnabled; // // } // -// public void setSslCiphers(String sslCiphers) { +// public void setSSLCiphers(String sslCiphers) { // this.sslCiphers = sslCiphers; // // } // -// public void setSslProtocols(String sslProtocols) { +// public void setSSLProtocols(String sslProtocols) { // this.sslProtocols = sslProtocols; // // } // -// public void setSslRequireAuthentication(boolean sslRequireAuthentication) { +// public void setSSLRequireAuthentication(boolean sslRequireAuthentication) { // this.sslRequireAuthentication = sslRequireAuthentication; // // } @@ -1721,4 +1736,140 @@ public class GemFireProperties { public boolean getDistributedTransactions() { return this.distributedTransactions; } + + public String getJmxSSLAlias() { + return jmxSSLAlias; + } + + public void setJmxSSLAlias(final String jmxSSLAlias) { + this.jmxSSLAlias = jmxSSLAlias; + } + + public String getClusterSSLAlias() { + return clusterSSLAlias; + } + + public void setClusterSSLAlias(final String clusterSSLAlias) { + this.clusterSSLAlias = clusterSSLAlias; + } + + public String getServerSSLAlias() { + return serverSSLAlias; + } + + public void setServerSSLAlias(final String serverSSLAlias) { + this.serverSSLAlias = serverSSLAlias; + } + + public String getGatewaySSLAlias() { + return gatewaySSLAlias; + } + + public void setGatewaySSLAlias(final String gatewaySSLAlias) { + this.gatewaySSLAlias = gatewaySSLAlias; + } + + public String getHttpServiceSSLAlias() { + return httpServiceSSLAlias; + } + + public void setHttpServiceSSLAlias(final String httpServiceSSLAlias) { + this.httpServiceSSLAlias = httpServiceSSLAlias; + } + + public String getLocatorSSLAlias() { + return locatorSSLAlias; + } + + public void setLocatorSSLAlias(final String locatorSSLAlias) { + this.locatorSSLAlias = locatorSSLAlias; + } + + public SecurableComponent[] getSSLEnabledComponents() { + return sslEnabledComponents; + } + + public void setSSLEnabledComponents(final SecurableComponent[] sslEnabledComponents) { + this.sslEnabledComponents = sslEnabledComponents; + } + + public String getSSLProtocols() { + return sslProtocols; + } + + public void setSSLProtocols(final String sslProtocols) { + this.sslProtocols = sslProtocols; + } + + public String getSSLCiphers() { + return sslCiphers; + } + + public void setSSLCiphers(final String sslCiphers) { + this.sslCiphers = sslCiphers; + } + + public boolean isSSLRequireAuthentication() { + return sslRequireAuthentication; + } + + public void setSSLRequireAuthentication(final boolean sslRequireAuthentication) { + this.sslRequireAuthentication = sslRequireAuthentication; + } + + public String getSSLKeyStore() { + return sslKeyStore; + } + + public void setSSLKeyStore(final String sslKeyStore) { + this.sslKeyStore = sslKeyStore; + } + + public String getSSLKeyStoreType() { + return sslKeyStoreType; + } + + public void setSSLKeyStoreType(final String sslKeyStoreType) { + this.sslKeyStoreType = sslKeyStoreType; + } + + public String getSSLKeyStorePassword() { + return sslKeyStorePassword; + } + + public void setSSLKeyStorePassword(final String sslKeyStorePassword) { + this.sslKeyStorePassword = sslKeyStorePassword; + } + + public String getSSLTrustStore() { + return sslTrustStore; + } + + public void setSSLTrustStore(final String sslTrustStore) { + this.sslTrustStore = sslTrustStore; + } + + public String getSSLTrustStorePassword() { + return sslTrustStorePassword; + } + + public void setSSLTrustStorePassword(final String sslTrustStorePassword) { + this.sslTrustStorePassword = sslTrustStorePassword; + } + + public boolean isSSLHttpServiceRequireAuthentication() { + return sslHttpServiceRequireAuthentication; + } + + public void setSSLHttpServiceRequireAuthentication(final boolean sslHttpServiceRequireAuthentication) { + this.sslHttpServiceRequireAuthentication = sslHttpServiceRequireAuthentication; + } + + public String getSSLDefaultAlias() { + return sslDefaultAlias; + } + + public void setSSLDefaultAlias(final String sslDefaultAlias) { + this.sslDefaultAlias = sslDefaultAlias; + } } http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/156d2d15/geode-core/src/main/java/com/gemstone/gemfire/management/internal/beans/BeanUtilFuncs.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/beans/BeanUtilFuncs.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/beans/BeanUtilFuncs.java index 9d62fbf..8e05d74 100644 --- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/beans/BeanUtilFuncs.java +++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/beans/BeanUtilFuncs.java @@ -333,6 +333,23 @@ public class BeanUtilFuncs { gemFirePropertyData.setHttpServiceBindAddress(config.getHttpServiceBindAddress()); gemFirePropertyData.setStartDevRestApi(config.getStartDevRestApi()); + gemFirePropertyData.setSSLCiphers(config.getSSLCiphers()); + gemFirePropertyData.setSSLEnabledComponents(config.getSSLEnabledComponents()); + gemFirePropertyData.setSSLHttpServiceRequireAuthentication(config.getSSLHTTPRequireAuthentication()); + gemFirePropertyData.setSSLKeyStore(config.getSSLKeyStore()); + gemFirePropertyData.setSSLKeyStoreType(config.getSSLKeyStoreType()); + gemFirePropertyData.setSSLKeyStorePassword(config.getSSLKeyStorePassword()); + gemFirePropertyData.setSSLTrustStore(config.getSSLTrustStore()); + gemFirePropertyData.setSSLTrustStorePassword(config.getSSLTrustStorePassword()); + + gemFirePropertyData.setClusterSSLAlias(config.getClusterSSLAlias()); + gemFirePropertyData.setServerSSLAlias(config.getServerSSLAlias()); + gemFirePropertyData.setJmxSSLAlias(config.getJMXSSLAlias()); + gemFirePropertyData.setGatewaySSLAlias(config.getGatewaySSLAlias()); + gemFirePropertyData.setLocatorSSLAlias(config.getLocatorSSLAlias()); + gemFirePropertyData.setHttpServiceSSLAlias(config.getHTTPServiceSSLAlias()); + gemFirePropertyData.setSSLDefaultAlias(config.getSSLDefaultAlias()); + return gemFirePropertyData; } http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/156d2d15/geode-core/src/test/java/com/gemstone/gemfire/distributed/LocatorDUnitTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/distributed/LocatorDUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/distributed/LocatorDUnitTest.java index fc0e93b..a373e82 100755 --- a/geode-core/src/test/java/com/gemstone/gemfire/distributed/LocatorDUnitTest.java +++ b/geode-core/src/test/java/com/gemstone/gemfire/distributed/LocatorDUnitTest.java @@ -55,7 +55,6 @@ import com.gemstone.gemfire.internal.AvailablePortHelper; import com.gemstone.gemfire.internal.cache.GemFireCacheImpl; import com.gemstone.gemfire.internal.logging.InternalLogWriter; import com.gemstone.gemfire.internal.logging.LocalLogWriter; -import com.gemstone.gemfire.internal.net.SocketCreatorFactory; import com.gemstone.gemfire.internal.security.SecurableComponent; import com.gemstone.gemfire.internal.tcp.Connection; import com.gemstone.gemfire.test.dunit.DistributedTestUtils; @@ -365,8 +364,8 @@ public class LocatorDUnitTest extends JUnit4DistributedTestCase { properties.put(MEMBER_TIMEOUT, "2000"); properties.put(LOG_LEVEL, LogWriterUtils.getDUnitLogLevel()); properties.put(ENABLE_CLUSTER_CONFIGURATION, "false"); - properties.put(SSL_CIPHERS, "any"); - properties.put(SSL_PROTOCOLS, "any"); + properties.put(SSL_CIPHERS, "TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"); + properties.put(SSL_PROTOCOLS, "TLSv1,TLSv1.1,TLSv1.2"); properties.put(SSL_KEYSTORE, getSingleKeyKeystore()); properties.put(SSL_KEYSTORE_PASSWORD, "password"); properties.put(SSL_KEYSTORE_TYPE, "JKS"); http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/156d2d15/geode-core/src/test/java/com/gemstone/gemfire/internal/net/SSLConfigurationFactoryTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/internal/net/SSLConfigurationFactoryTest.java b/geode-core/src/test/java/com/gemstone/gemfire/internal/net/SSLConfigurationFactoryTest.java index d890457..3cbe55e 100644 --- a/geode-core/src/test/java/com/gemstone/gemfire/internal/net/SSLConfigurationFactoryTest.java +++ b/geode-core/src/test/java/com/gemstone/gemfire/internal/net/SSLConfigurationFactoryTest.java @@ -155,7 +155,7 @@ public class SSLConfigurationFactoryTest extends JUnit4DistributedTestCase { case HTTP_SERVICE: return getAliasForComponent(properties, SSL_HTTP_SERVICE_ALIAS); case JMX: - return getAliasForComponent(properties, SSL_JMX_MANAGER_ALIAS); + return getAliasForComponent(properties, SSL_JMX_ALIAS); case LOCATOR: return getAliasForComponent(properties, SSL_LOCATOR_ALIAS); case SERVER: http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/156d2d15/geode-core/src/test/java/com/gemstone/gemfire/internal/net/SocketCreatorFactoryJUnitTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/internal/net/SocketCreatorFactoryJUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/internal/net/SocketCreatorFactoryJUnitTest.java index c55c661..06de622 100644 --- a/geode-core/src/test/java/com/gemstone/gemfire/internal/net/SocketCreatorFactoryJUnitTest.java +++ b/geode-core/src/test/java/com/gemstone/gemfire/internal/net/SocketCreatorFactoryJUnitTest.java @@ -216,8 +216,8 @@ public class SocketCreatorFactoryJUnitTest extends JSSESocketJUnitTest { properties.setProperty(MCAST_PORT, "0"); properties.setProperty(SSL_REQUIRE_AUTHENTICATION, "true"); - properties.setProperty(SSL_CIPHERS, "any"); - properties.setProperty(SSL_PROTOCOLS, "TLSv1.2"); + properties.setProperty(SSL_CIPHERS, "MD2withRSA,MD5withRSA,SHA1withRSA,SHA256withRSA,SHA384withRSA,SHA512withRS"); + properties.setProperty(SSL_PROTOCOLS, "TLSv1,TLSv1.1,TLSv1.2"); properties.setProperty(SSL_KEYSTORE, jks.getCanonicalPath()); properties.setProperty(SSL_KEYSTORE_PASSWORD, "password"); properties.setProperty(SSL_KEYSTORE_TYPE, "JKS"); http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/156d2d15/geode-core/src/test/java/com/gemstone/gemfire/management/JMXMBeanDUnitTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/JMXMBeanDUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/JMXMBeanDUnitTest.java index f08c172..3c1f944 100644 --- a/geode-core/src/test/java/com/gemstone/gemfire/management/JMXMBeanDUnitTest.java +++ b/geode-core/src/test/java/com/gemstone/gemfire/management/JMXMBeanDUnitTest.java @@ -22,9 +22,6 @@ import static org.junit.Assert.*; import java.io.File; import java.io.IOException; -import java.io.Serializable; -import java.net.Socket; -import java.rmi.server.RMIClientSocketFactory; import java.util.HashMap; import java.util.Map; import java.util.Properties; @@ -43,7 +40,6 @@ import org.junit.experimental.categories.Category; import com.gemstone.gemfire.distributed.LocatorLauncher; import com.gemstone.gemfire.internal.AvailablePortHelper; -import com.gemstone.gemfire.internal.net.SocketCreator; import com.gemstone.gemfire.internal.security.SecurableComponent; import com.gemstone.gemfire.test.dunit.DistributedTestCase; import com.gemstone.gemfire.test.dunit.DistributedTestUtils; @@ -246,7 +242,7 @@ public class JMXMBeanDUnitTest extends DistributedTestCase { if (useMultiKey) { properties.setProperty(SSL_KEYSTORE, getMultiKeyKeystore()); properties.setProperty(SSL_TRUSTSTORE, getMultiKeyTruststore()); - properties.setProperty(SSL_JMX_MANAGER_ALIAS, "jmxkey"); + properties.setProperty(SSL_JMX_ALIAS, "jmxkey"); } } }
