Jim Apple has uploaded a new change for review. http://gerrit.cloudera.org:8080/3764
Change subject: IMPALA-3159: impala-shell does not accept wildcard or SAN certificates ...................................................................... IMPALA-3159: impala-shell does not accept wildcard or SAN certificates The impala-shell could not accept wildcard or SAN certificates previously as the thrift library it depended on did not support them. This patch subclasses TSSLSocket and adds the logic to take care of the above mentioned cases by introducing the new TSSLSocketWithWildcardSAN class. The certificate matching logic is based on the python-ssl source code. Added custom cluster tests to test both wildcard matching and SAN matching. Added be/src/testutil/certificates-info.txt which contains all the information about the certificates which are added for the tests. This has been tested with Python2.4 and Python2.6. Change-Id: I8908f05afe4a6da9713fd303c499c50f692985ef --- A be/src/testutil/certificates-info.txt A be/src/testutil/incorrect-commonname-cert.key A be/src/testutil/incorrect-commonname-cert.pem A be/src/testutil/wildcard-cert.key A be/src/testutil/wildcard-cert.pem A be/src/testutil/wildcard-san-cert.key A be/src/testutil/wildcard-san-cert.pem A be/src/testutil/wildcardCA.key A be/src/testutil/wildcardCA.pem A shell/TSSLSocketWithWildcardSAN.py M shell/impala_client.py M tests/custom_cluster/test_client_ssl.py M tests/shell/util.py 13 files changed, 509 insertions(+), 14 deletions(-) git pull ssh://gerrit.cloudera.org:29418/Impala-ASF refs/changes/64/3764/1 -- To view, visit http://gerrit.cloudera.org:8080/3764 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I8908f05afe4a6da9713fd303c499c50f692985ef Gerrit-PatchSet: 1 Gerrit-Project: Impala-ASF Gerrit-Branch: master Gerrit-Owner: Jim Apple <[email protected]> Gerrit-Reviewer: Sailesh Mukil <[email protected]>
