Sailesh Mukil has uploaded a new change for review. http://gerrit.cloudera.org:8080/3765
Change subject: IMPALA-3159: impala-shell does not accept wildcard or SAN certificates ...................................................................... IMPALA-3159: impala-shell does not accept wildcard or SAN certificates The impala-shell could not accept wildcard or SAN certificates previously as the thrift library it depended on did not support them. This patch subclasses TSSLSocket and adds the logic to take care of the above mentioned cases by introducing the new TSSLSocketWithWildcardSAN class. The certificate matching logic is based on the python-ssl source code. Added custom cluster tests to test both wildcard matching and SAN matching. Added be/src/testutil/certificates-info.txt which contains all the information about the certificates which are added for the tests. This has been tested with Python2.4 and Python2.6. Change-Id: I75e37012eeeb0bcf87a5edf875f0ff915daf8b89 --- A be/src/testutil/certificates-info.txt A be/src/testutil/incorrect-commonname-cert.key A be/src/testutil/incorrect-commonname-cert.pem A be/src/testutil/wildcard-cert.key A be/src/testutil/wildcard-cert.pem A be/src/testutil/wildcard-san-cert.key A be/src/testutil/wildcard-san-cert.pem A be/src/testutil/wildcardCA.key A be/src/testutil/wildcardCA.pem A shell/TSSLSocketWithWildcardSAN.py M shell/impala_client.py M tests/custom_cluster/test_client_ssl.py M tests/shell/util.py 13 files changed, 509 insertions(+), 14 deletions(-) git pull ssh://gerrit.cloudera.org:29418/Impala-ASF refs/changes/65/3765/1 -- To view, visit http://gerrit.cloudera.org:8080/3765 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I75e37012eeeb0bcf87a5edf875f0ff915daf8b89 Gerrit-PatchSet: 1 Gerrit-Project: Impala-ASF Gerrit-Branch: master Gerrit-Owner: Sailesh Mukil <[email protected]>
