hadoop git commit: HADOOP-12765. HttpServer2 should switch to using the non-blocking SslSelectChannelConnector to prevent performance degradation when handling SSL connections. Contributed by Min Shen

2016-08-29 Thread zhz 
Repository: hadoop
Updated Branches:
  refs/heads/branch-2.7 4f4360731 -> 1d0170406


HADOOP-12765. HttpServer2 should switch to using the non-blocking 
SslSelectChannelConnector to prevent performance degradation when handling SSL 
connections. Contributed by Min Shen. Branch-2 patch contributed by Wei-Chiu 
Chuang.

(cherry picked from commit dfcbc12026b591745a7d7279f2b840152cb53a91)
(cherry picked from commit 8bc33bf343b7e9005e04f0dc6078bfb06fb22815)


Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/1d017040
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/1d017040
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/1d017040

Branch: refs/heads/branch-2.7
Commit: 1d017040605b64c7092d8e83d057f4427044aa87
Parents: 4f43607
Author: Zhe Zhang 
Authored: Tue Aug 23 14:46:08 2016 -0700
Committer: Zhe Zhang 
Committed: Mon Aug 29 10:10:47 2016 -0700

--
 hadoop-common-project/hadoop-common/pom.xml |  5 ++
 .../org/apache/hadoop/http/HttpServer2.java | 76 +++-
 .../ssl/SslSelectChannelConnectorSecure.java| 58 +++
 .../security/ssl/SslSocketConnectorSecure.java  | 58 ---
 .../hadoop/crypto/key/kms/server/MiniKMS.java   |  9 +--
 .../org/apache/hadoop/test/TestJettyHelper.java |  6 +-
 hadoop-project/pom.xml  |  5 ++
 7 files changed, 118 insertions(+), 99 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/hadoop/blob/1d017040/hadoop-common-project/hadoop-common/pom.xml
--
diff --git a/hadoop-common-project/hadoop-common/pom.xml 
b/hadoop-common-project/hadoop-common/pom.xml
index d2acb46..b304bab 100644
--- a/hadoop-common-project/hadoop-common/pom.xml
+++ b/hadoop-common-project/hadoop-common/pom.xml
@@ -105,6 +105,11 @@
 
 
 
+  org.mortbay.jetty
+  jetty-sslengine
+  compile
+
+
   javax.servlet.jsp
   jsp-api
   runtime

http://git-wip-us.apache.org/repos/asf/hadoop/blob/1d017040/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java
--
diff --git 
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java
 
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java
index 6575fc8..4293a03 100644
--- 
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java
+++ 
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java
@@ -59,7 +59,7 @@ import 
org.apache.hadoop.security.authentication.util.FileSignerSecretProvider;
 import 
org.apache.hadoop.security.authentication.util.RandomSignerSecretProvider;
 import org.apache.hadoop.security.authentication.util.SignerSecretProvider;
 import org.apache.hadoop.security.authentication.util.ZKSignerSecretProvider;
-import org.apache.hadoop.security.ssl.SslSocketConnectorSecure;
+import org.apache.hadoop.security.ssl.SslSelectChannelConnectorSecure;
 import org.apache.hadoop.jmx.JMXJsonServlet;
 import org.apache.hadoop.log.LogLevel;
 import org.apache.hadoop.metrics.MetricsServlet;
@@ -81,7 +81,7 @@ import org.mortbay.jetty.handler.ContextHandlerCollection;
 import org.mortbay.jetty.handler.HandlerCollection;
 import org.mortbay.jetty.handler.RequestLogHandler;
 import org.mortbay.jetty.nio.SelectChannelConnector;
-import org.mortbay.jetty.security.SslSocketConnector;
+import org.mortbay.jetty.security.SslSelectChannelConnector;
 import org.mortbay.jetty.servlet.AbstractSessionManager;
 import org.mortbay.jetty.servlet.Context;
 import org.mortbay.jetty.servlet.DefaultServlet;
@@ -305,29 +305,7 @@ public final class HttpServer2 implements FilterContainer {
 if ("http".equals(scheme)) {
   listener = HttpServer2.createDefaultChannelConnector();
 } else if ("https".equals(scheme)) {
-  SslSocketConnector c = new SslSocketConnectorSecure();
-  c.setHeaderBufferSize(1024*64);
-  c.setNeedClientAuth(needsClientAuth);
-  c.setKeyPassword(keyPassword);
-
-  if (keyStore != null) {
-c.setKeystore(keyStore);
-c.setKeystoreType(keyStoreType);
-c.setPassword(keyStorePassword);
-  }
-
-  if (trustStore != null) {
-c.setTruststore(trustStore);
-c.setTruststoreType(trustStoreType);
-c.setTrustPassword(trustStorePassword);
-  }
-
-  if(null != excludeCiphers && !excludeCiphers.isEmpty()) {
-c.setExcludeCipherSuites(excludeCiphers.split(","));
-LOG.info("Excluded Cipher List:" + excludeCiphers);
-  }
-
-

hadoop git commit: HADOOP-12765. HttpServer2 should switch to using the non-blocking SslSelectChannelConnector to prevent performance degradation when handling SSL connections. Contributed by Min Shen

2016-08-23 Thread zhz 
Repository: hadoop
Updated Branches:
  refs/heads/branch-2.8 80d8e79e2 -> 8bc33bf34


HADOOP-12765. HttpServer2 should switch to using the non-blocking 
SslSelectChannelConnector to prevent performance degradation when handling SSL 
connections. Contributed by Min Shen. Branch-2 patch contributed by Wei-Chiu 
Chuang.

(cherry picked from commit dfcbc12026b591745a7d7279f2b840152cb53a91)


Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/8bc33bf3
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/8bc33bf3
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/8bc33bf3

Branch: refs/heads/branch-2.8
Commit: 8bc33bf343b7e9005e04f0dc6078bfb06fb22815
Parents: 80d8e79
Author: Zhe Zhang 
Authored: Tue Aug 23 14:46:08 2016 -0700
Committer: Zhe Zhang 
Committed: Tue Aug 23 14:46:47 2016 -0700

--
 hadoop-common-project/hadoop-common/pom.xml |  5 ++
 .../org/apache/hadoop/http/HttpServer2.java | 76 +++-
 .../ssl/SslSelectChannelConnectorSecure.java| 58 +++
 .../security/ssl/SslSocketConnectorSecure.java  | 58 ---
 .../hadoop/crypto/key/kms/server/MiniKMS.java   |  9 +--
 .../org/apache/hadoop/test/TestJettyHelper.java |  6 +-
 hadoop-project/pom.xml  |  5 ++
 7 files changed, 118 insertions(+), 99 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/hadoop/blob/8bc33bf3/hadoop-common-project/hadoop-common/pom.xml
--
diff --git a/hadoop-common-project/hadoop-common/pom.xml 
b/hadoop-common-project/hadoop-common/pom.xml
index 9fc4afc..42a2f21 100644
--- a/hadoop-common-project/hadoop-common/pom.xml
+++ b/hadoop-common-project/hadoop-common/pom.xml
@@ -106,6 +106,11 @@
 
 
 
+  org.mortbay.jetty
+  jetty-sslengine
+  compile
+
+
   javax.servlet.jsp
   jsp-api
   runtime

http://git-wip-us.apache.org/repos/asf/hadoop/blob/8bc33bf3/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java
--
diff --git 
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java
 
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java
index 2a46836..4b1e6ab 100644
--- 
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java
+++ 
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java
@@ -56,7 +56,7 @@ import org.apache.hadoop.conf.Configuration;
 import org.apache.hadoop.fs.CommonConfigurationKeys;
 import org.apache.hadoop.security.AuthenticationFilterInitializer;
 import org.apache.hadoop.security.authentication.util.SignerSecretProvider;
-import org.apache.hadoop.security.ssl.SslSocketConnectorSecure;
+import org.apache.hadoop.security.ssl.SslSelectChannelConnectorSecure;
 import org.apache.hadoop.jmx.JMXJsonServlet;
 import org.apache.hadoop.log.LogLevel;
 import org.apache.hadoop.metrics.MetricsServlet;
@@ -78,7 +78,7 @@ import org.mortbay.jetty.handler.ContextHandlerCollection;
 import org.mortbay.jetty.handler.HandlerCollection;
 import org.mortbay.jetty.handler.RequestLogHandler;
 import org.mortbay.jetty.nio.SelectChannelConnector;
-import org.mortbay.jetty.security.SslSocketConnector;
+import org.mortbay.jetty.security.SslSelectChannelConnector;
 import org.mortbay.jetty.servlet.AbstractSessionManager;
 import org.mortbay.jetty.servlet.Context;
 import org.mortbay.jetty.servlet.DefaultServlet;
@@ -333,29 +333,7 @@ public final class HttpServer2 implements FilterContainer {
 if ("http".equals(scheme)) {
   listener = HttpServer2.createDefaultChannelConnector();
 } else if ("https".equals(scheme)) {
-  SslSocketConnector c = new SslSocketConnectorSecure();
-  c.setHeaderBufferSize(1024*64);
-  c.setNeedClientAuth(needsClientAuth);
-  c.setKeyPassword(keyPassword);
-
-  if (keyStore != null) {
-c.setKeystore(keyStore);
-c.setKeystoreType(keyStoreType);
-c.setPassword(keyStorePassword);
-  }
-
-  if (trustStore != null) {
-c.setTruststore(trustStore);
-c.setTruststoreType(trustStoreType);
-c.setTrustPassword(trustStorePassword);
-  }
-
-  if(null != excludeCiphers && !excludeCiphers.isEmpty()) {
-c.setExcludeCipherSuites(excludeCiphers.split(","));
-LOG.info("Excluded Cipher List:" + excludeCiphers);
-  }
-
-  listener = c;
+  listener = createHttpsChannelConnector();
 
 } else {
   throw new HadoopIllegalArgumentException(
@@ -368,6

hadoop git commit: HADOOP-12765. HttpServer2 should switch to using the non-blocking SslSelectChannelConnector to prevent performance degradation when handling SSL connections. Contributed by Min Shen

2016-08-23 Thread zhz 
Repository: hadoop
Updated Branches:
  refs/heads/branch-2 5fa241daa -> dfcbc1202


HADOOP-12765. HttpServer2 should switch to using the non-blocking 
SslSelectChannelConnector to prevent performance degradation when handling SSL 
connections. Contributed by Min Shen. Branch-2 patch contributed by Wei-Chiu 
Chuang.


Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/dfcbc120
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/dfcbc120
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/dfcbc120

Branch: refs/heads/branch-2
Commit: dfcbc12026b591745a7d7279f2b840152cb53a91
Parents: 5fa241d
Author: Zhe Zhang 
Authored: Tue Aug 23 14:46:08 2016 -0700
Committer: Zhe Zhang 
Committed: Tue Aug 23 14:46:08 2016 -0700

--
 hadoop-common-project/hadoop-common/pom.xml |  5 ++
 .../org/apache/hadoop/http/HttpServer2.java | 76 +++-
 .../ssl/SslSelectChannelConnectorSecure.java| 58 +++
 .../security/ssl/SslSocketConnectorSecure.java  | 58 ---
 .../hadoop/crypto/key/kms/server/MiniKMS.java   |  9 +--
 .../org/apache/hadoop/test/TestJettyHelper.java |  6 +-
 hadoop-project/pom.xml  |  5 ++
 7 files changed, 118 insertions(+), 99 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/hadoop/blob/dfcbc120/hadoop-common-project/hadoop-common/pom.xml
--
diff --git a/hadoop-common-project/hadoop-common/pom.xml 
b/hadoop-common-project/hadoop-common/pom.xml
index 09f630c..b35a40e 100644
--- a/hadoop-common-project/hadoop-common/pom.xml
+++ b/hadoop-common-project/hadoop-common/pom.xml
@@ -106,6 +106,11 @@
 
 
 
+  org.mortbay.jetty
+  jetty-sslengine
+  compile
+
+
   javax.servlet.jsp
   jsp-api
   runtime

http://git-wip-us.apache.org/repos/asf/hadoop/blob/dfcbc120/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java
--
diff --git 
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java
 
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java
index c179bd0..62fb4b6 100644
--- 
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java
+++ 
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java
@@ -56,7 +56,7 @@ import org.apache.hadoop.conf.Configuration;
 import org.apache.hadoop.fs.CommonConfigurationKeys;
 import org.apache.hadoop.security.AuthenticationFilterInitializer;
 import org.apache.hadoop.security.authentication.util.SignerSecretProvider;
-import org.apache.hadoop.security.ssl.SslSocketConnectorSecure;
+import org.apache.hadoop.security.ssl.SslSelectChannelConnectorSecure;
 import org.apache.hadoop.jmx.JMXJsonServlet;
 import org.apache.hadoop.log.LogLevel;
 import org.apache.hadoop.metrics.MetricsServlet;
@@ -78,7 +78,7 @@ import org.mortbay.jetty.handler.ContextHandlerCollection;
 import org.mortbay.jetty.handler.HandlerCollection;
 import org.mortbay.jetty.handler.RequestLogHandler;
 import org.mortbay.jetty.nio.SelectChannelConnector;
-import org.mortbay.jetty.security.SslSocketConnector;
+import org.mortbay.jetty.security.SslSelectChannelConnector;
 import org.mortbay.jetty.servlet.AbstractSessionManager;
 import org.mortbay.jetty.servlet.Context;
 import org.mortbay.jetty.servlet.DefaultServlet;
@@ -333,29 +333,7 @@ public final class HttpServer2 implements FilterContainer {
 if ("http".equals(scheme)) {
   listener = HttpServer2.createDefaultChannelConnector();
 } else if ("https".equals(scheme)) {
-  SslSocketConnector c = new SslSocketConnectorSecure();
-  c.setHeaderBufferSize(1024*64);
-  c.setNeedClientAuth(needsClientAuth);
-  c.setKeyPassword(keyPassword);
-
-  if (keyStore != null) {
-c.setKeystore(keyStore);
-c.setKeystoreType(keyStoreType);
-c.setPassword(keyStorePassword);
-  }
-
-  if (trustStore != null) {
-c.setTruststore(trustStore);
-c.setTruststoreType(trustStoreType);
-c.setTrustPassword(trustStorePassword);
-  }
-
-  if(null != excludeCiphers && !excludeCiphers.isEmpty()) {
-c.setExcludeCipherSuites(excludeCiphers.split(","));
-LOG.info("Excluded Cipher List:" + excludeCiphers);
-  }
-
-  listener = c;
+  listener = createHttpsChannelConnector();
 
 } else {
   throw new HadoopIllegalArgumentException(
@@ -368,6 +346,32 @@ public final class HttpServer2 implements FilterContainer {

hadoop git commit: HADOOP-12765. HttpServer2 should switch to using the non-blocking SslSelectChannelConnector to prevent performance degradation when handling SSL connections. Contributed by Min Shen

2016-08-19 Thread weichiu 
Repository: hadoop
Updated Branches:
  refs/heads/trunk 2550371f6 -> 03a9343d5


HADOOP-12765. HttpServer2 should switch to using the non-blocking 
SslSelectChannelConnector to prevent performance degradation when handling SSL 
connections. Contributed by Min Shen.


Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/03a9343d
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/03a9343d
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/03a9343d

Branch: refs/heads/trunk
Commit: 03a9343d5798384b66fbd21e1e028acaf55b00e9
Parents: 2550371
Author: Wei-Chiu Chuang 
Authored: Fri Aug 19 09:22:49 2016 -0700
Committer: Wei-Chiu Chuang 
Committed: Fri Aug 19 09:22:49 2016 -0700

--
 hadoop-common-project/hadoop-common/pom.xml |  5 ++
 .../org/apache/hadoop/http/HttpServer2.java | 76 +++-
 .../ssl/SslSelectChannelConnectorSecure.java| 58 +++
 .../security/ssl/SslSocketConnectorSecure.java  | 58 ---
 .../hadoop/crypto/key/kms/server/MiniKMS.java   |  9 +--
 .../org/apache/hadoop/test/TestJettyHelper.java |  6 +-
 hadoop-project/pom.xml  |  5 ++
 7 files changed, 118 insertions(+), 99 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/hadoop/blob/03a9343d/hadoop-common-project/hadoop-common/pom.xml
--
diff --git a/hadoop-common-project/hadoop-common/pom.xml 
b/hadoop-common-project/hadoop-common/pom.xml
index ef2fdf5..c28a05c 100644
--- a/hadoop-common-project/hadoop-common/pom.xml
+++ b/hadoop-common-project/hadoop-common/pom.xml
@@ -106,6 +106,11 @@
   compile
 
 
+  org.mortbay.jetty
+  jetty-sslengine
+  compile
+
+
   javax.servlet.jsp
   jsp-api
   runtime

http://git-wip-us.apache.org/repos/asf/hadoop/blob/03a9343d/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java
--
diff --git 
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java
 
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java
index 8199c9b..a2bb18f 100644
--- 
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java
+++ 
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java
@@ -56,7 +56,7 @@ import org.apache.hadoop.conf.Configuration;
 import org.apache.hadoop.fs.CommonConfigurationKeys;
 import org.apache.hadoop.security.AuthenticationFilterInitializer;
 import org.apache.hadoop.security.authentication.util.SignerSecretProvider;
-import org.apache.hadoop.security.ssl.SslSocketConnectorSecure;
+import org.apache.hadoop.security.ssl.SslSelectChannelConnectorSecure;
 import org.apache.hadoop.jmx.JMXJsonServlet;
 import org.apache.hadoop.log.LogLevel;
 import org.apache.hadoop.security.SecurityUtil;
@@ -77,7 +77,7 @@ import org.mortbay.jetty.handler.ContextHandlerCollection;
 import org.mortbay.jetty.handler.HandlerCollection;
 import org.mortbay.jetty.handler.RequestLogHandler;
 import org.mortbay.jetty.nio.SelectChannelConnector;
-import org.mortbay.jetty.security.SslSocketConnector;
+import org.mortbay.jetty.security.SslSelectChannelConnector;
 import org.mortbay.jetty.servlet.AbstractSessionManager;
 import org.mortbay.jetty.servlet.Context;
 import org.mortbay.jetty.servlet.DefaultServlet;
@@ -332,29 +332,7 @@ public final class HttpServer2 implements FilterContainer {
 if ("http".equals(scheme)) {
   listener = HttpServer2.createDefaultChannelConnector();
 } else if ("https".equals(scheme)) {
-  SslSocketConnector c = new SslSocketConnectorSecure();
-  c.setHeaderBufferSize(1024*64);
-  c.setNeedClientAuth(needsClientAuth);
-  c.setKeyPassword(keyPassword);
-
-  if (keyStore != null) {
-c.setKeystore(keyStore);
-c.setKeystoreType(keyStoreType);
-c.setPassword(keyStorePassword);
-  }
-
-  if (trustStore != null) {
-c.setTruststore(trustStore);
-c.setTruststoreType(trustStoreType);
-c.setTrustPassword(trustStorePassword);
-  }
-
-  if(null != excludeCiphers && !excludeCiphers.isEmpty()) {
-c.setExcludeCipherSuites(excludeCiphers.split(","));
-LOG.info("Excluded Cipher List:" + excludeCiphers);
-  }
-
-  listener = c;
+  listener = createHttpsChannelConnector();
 
 } else {
   throw new HadoopIllegalArgumentException(
@@ -367,6 +345,32 @@ public final class HttpServer2 implements FilterContainer {
   server.loadListeners();