Repository: incubator-ranger Updated Branches: refs/heads/master fa4f291a2 -> 8aef120e7
RANGER-475 Coverity scan problems about hbase plugin Signed-off-by: Madhan Neethiraj <mad...@apache.org> Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/8aef120e Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/8aef120e Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/8aef120e Branch: refs/heads/master Commit: 8aef120e72545f014a438a31c7c20c5398f3cf62 Parents: fa4f291 Author: Alok Lal <a...@hortonworks.com> Authored: Wed May 13 18:01:40 2015 -0700 Committer: Madhan Neethiraj <mad...@apache.org> Committed: Thu May 14 09:32:00 2015 -0700 ---------------------------------------------------------------------- .../ranger/authorization/hbase/Crypt.java | 86 -------------------- .../hbase/RangerAuthorizationCoprocessor.java | 11 ++- 2 files changed, 9 insertions(+), 88 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/8aef120e/hbase-agent/src/main/java/org/apache/ranger/authorization/hbase/Crypt.java ---------------------------------------------------------------------- diff --git a/hbase-agent/src/main/java/org/apache/ranger/authorization/hbase/Crypt.java b/hbase-agent/src/main/java/org/apache/ranger/authorization/hbase/Crypt.java deleted file mode 100644 index 1a32533..0000000 --- a/hbase-agent/src/main/java/org/apache/ranger/authorization/hbase/Crypt.java +++ /dev/null @@ -1,86 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.apache.ranger.authorization.hbase; - -import javax.crypto.Cipher; -import javax.crypto.spec.IvParameterSpec; -import javax.crypto.spec.SecretKeySpec; - -import org.apache.commons.codec.binary.Hex; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; - -public class Crypt { - - private static final Log LOG = LogFactory.getLog("SecurityLogger." + RangerAuthorizationCoprocessor.class.getName()); - - private static byte[] IV = { 01, 21, 22, 86, 121, 45, 98, 28, 111, 72, 54, 39, 96, 47, 84, 13 }; - private static final byte[] encryptionKey = "324234sdff3a7d8e".getBytes(); - private static final String CIPHER_ALGO = "AES/CBC/PKCS5Padding"; - private static final String CIPHER_INIT_ALGO = "AES"; - - private static volatile Crypt me = null ; - - private Cipher encrypter = null; - private Cipher descrypter = null; - - - public static Crypt getInstance() { - Crypt result = me; - if (result == null) { - synchronized (Crypt.class) { - result = me ; - if (result == null) { - me = result = new Crypt() ; - } - } - } - return result ; - } - - private Crypt() { - try { - encrypter = Cipher.getInstance(CIPHER_ALGO); - SecretKeySpec enckey = new SecretKeySpec(encryptionKey, CIPHER_INIT_ALGO); - encrypter.init(Cipher.ENCRYPT_MODE, enckey, new IvParameterSpec(IV)); - - descrypter = Cipher.getInstance(CIPHER_ALGO); - SecretKeySpec deckey = new SecretKeySpec(encryptionKey, CIPHER_INIT_ALGO); - descrypter.init(Cipher.DECRYPT_MODE, deckey, new IvParameterSpec(IV)); - } catch (Throwable t) { - LOG.error("Unable to initialzie Encrypt/Decrypt module - Exiting from HBase", t); - throw new RuntimeException(t); - } - } - - public synchronized byte[] encrypt(byte[] plainText) throws Exception { - byte[] ret = encrypter.doFinal(plainText); - LOG.debug("Encrypted plain text: [" + new String(plainText) + "] => {" + Hex.encodeHexString(ret) + "}") ; - return ret ; - } - - public synchronized byte[] decrypt(byte[] cipherText) throws Exception { - byte[] ret = descrypter.doFinal(cipherText); - LOG.debug("Decrypted From text: [" + Hex.encodeHexString(cipherText) + "] => {" + new String(ret) + "}") ; - return ret ; - } - - -} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/8aef120e/hbase-agent/src/main/java/org/apache/ranger/authorization/hbase/RangerAuthorizationCoprocessor.java ---------------------------------------------------------------------- diff --git a/hbase-agent/src/main/java/org/apache/ranger/authorization/hbase/RangerAuthorizationCoprocessor.java b/hbase-agent/src/main/java/org/apache/ranger/authorization/hbase/RangerAuthorizationCoprocessor.java index c1d040b..d6aeddd 100644 --- a/hbase-agent/src/main/java/org/apache/ranger/authorization/hbase/RangerAuthorizationCoprocessor.java +++ b/hbase-agent/src/main/java/org/apache/ranger/authorization/hbase/RangerAuthorizationCoprocessor.java @@ -159,8 +159,15 @@ public class RangerAuthorizationCoprocessor extends RangerAuthorizationCoprocess protected boolean isSpecialTable(byte[] tableName) { return isSpecialTable(Bytes.toString(tableName)); } - protected boolean isSpecialTable(String tableNameStr) { - return tableNameStr.equals("hbase:meta") || tableNameStr.equals("-ROOT-") || tableNameStr.equals(".META."); + protected boolean isSpecialTable(String input) { + final String[] specialTables = new String[] { "hbase:meta", "-ROOT-", ".META."}; + for (String specialTable : specialTables ) { + if (specialTable.equals(input)) { + return true; + } + } + + return false; } protected boolean isAccessForMetaTables(RegionCoprocessorEnvironment env) { HRegionInfo hri = env.getRegion().getRegionInfo();