[08/50] [abbrv] hadoop git commit: HADOOP-15674. Test failure TestSSLHttpServer.testExcludedCiphers with TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 cipher suite. Contributed by Szilard Nemeth.
HADOOP-15674. Test failure TestSSLHttpServer.testExcludedCiphers with TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 cipher suite. Contributed by Szilard Nemeth. Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/8d7c9318 Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/8d7c9318 Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/8d7c9318 Branch: refs/heads/HDFS-12943 Commit: 8d7c93186e3090b19aa59006bb6b32ba929bd8e6 Parents: fb5b3dc Author: Xiao Chen Authored: Fri Aug 17 10:08:52 2018 -0700 Committer: Xiao Chen Committed: Fri Aug 17 10:09:23 2018 -0700 -- .../apache/hadoop/http/TestSSLHttpServer.java | 54 +++- 1 file changed, 53 insertions(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/hadoop/blob/8d7c9318/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java -- diff --git a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java index 5af6d6f..2166464 100644 --- a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java +++ b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java @@ -48,7 +48,7 @@ import org.slf4j.LoggerFactory; /** * This testcase issues SSL certificates configures the HttpServer to serve - * HTTPS using the created certficates and calls an echo servlet using the + * HTTPS using the created certificates and calls an echo servlet using the * corresponding HTTPS URL. */ public class TestSSLHttpServer extends HttpServerFunctionalTest { @@ -58,11 +58,15 @@ public class TestSSLHttpServer extends HttpServerFunctionalTest { private static final Logger LOG = LoggerFactory.getLogger(TestSSLHttpServer.class); + private static final String HTTPS_CIPHER_SUITES_KEY = "https.cipherSuites"; + private static final String JAVAX_NET_DEBUG_KEY = "javax.net.debug"; private static Configuration conf; private static HttpServer2 server; private static String keystoresDir; private static String sslConfDir; private static SSLFactory clientSslFactory; + private static String cipherSuitesPropertyValue; + private static String sslDebugPropertyValue; private static final String excludeCiphers = "TLS_ECDHE_RSA_WITH_RC4_128_SHA," + "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, \n" + "SSL_RSA_WITH_DES_CBC_SHA," @@ -83,6 +87,9 @@ public class TestSSLHttpServer extends HttpServerFunctionalTest { @BeforeClass public static void setup() throws Exception { +turnOnSSLDebugLogging(); +storeHttpsCipherSuites(); + conf = new Configuration(); conf.setInt(HttpServer2.HTTP_MAX_THREADS_KEY, 10); @@ -127,6 +134,51 @@ public class TestSSLHttpServer extends HttpServerFunctionalTest { FileUtil.fullyDelete(new File(BASEDIR)); KeyStoreTestUtil.cleanupSSLConfig(keystoresDir, sslConfDir); clientSslFactory.destroy(); +restoreHttpsCipherSuites(); +restoreSSLDebugLogging(); + } + + /** + * Stores the JVM property value of https.cipherSuites and sets its + * value to an empty string. + * This ensures that the value https.cipherSuites does + * not affect the result of tests. + */ + private static void storeHttpsCipherSuites() { +String cipherSuites = System.getProperty(HTTPS_CIPHER_SUITES_KEY); +if (cipherSuites != null) { + LOG.info( + "Found value for property {}: {}", HTTPS_CIPHER_SUITES_KEY, + cipherSuites); + cipherSuitesPropertyValue = cipherSuites; +} +System.clearProperty(HTTPS_CIPHER_SUITES_KEY); + } + + private static void restoreHttpsCipherSuites() { +if (cipherSuitesPropertyValue != null) { + LOG.info("Restoring property {} to value: {}", HTTPS_CIPHER_SUITES_KEY, + cipherSuitesPropertyValue); + System.setProperty(HTTPS_CIPHER_SUITES_KEY, cipherSuitesPropertyValue); + cipherSuitesPropertyValue = null; +} + } + + private static void turnOnSSLDebugLogging() { +String sslDebug = System.getProperty(JAVAX_NET_DEBUG_KEY); +if (sslDebug != null) { + sslDebugPropertyValue = sslDebug; +} +System.setProperty(JAVAX_NET_DEBUG_KEY, "all"); + } + + private static void restoreSSLDebugLogging() { +if (sslDebugPropertyValue != null) { + System.setProperty(JAVAX_NET_DEBUG_KEY, sslDebugPropertyValue); + sslDebugPropertyValue = null; +} else { + System.clearProperty(JAVAX_NET_DEBUG_KEY); +} } @Test - To unsubscribe, e-mail:
hadoop git commit: HADOOP-15674. Test failure TestSSLHttpServer.testExcludedCiphers with TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 cipher suite. Contributed by Szilard Nemeth.
Repository: hadoop Updated Branches: refs/heads/branch-2.7 4845464ba -> 2ed1a5d00 HADOOP-15674. Test failure TestSSLHttpServer.testExcludedCiphers with TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 cipher suite. Contributed by Szilard Nemeth. (cherry picked from commit 8d7c93186e3090b19aa59006bb6b32ba929bd8e6) Conflicts: hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java (cherry picked from commit 5232653ec0bf8d08187f41930eec073e1b7b1df2) Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/2ed1a5d0 Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/2ed1a5d0 Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/2ed1a5d0 Branch: refs/heads/branch-2.7 Commit: 2ed1a5d000e3c18003a51dae3d161dcc19f0a307 Parents: 4845464 Author: Xiao Chen Authored: Fri Aug 17 10:08:52 2018 -0700 Committer: Xiao Chen Committed: Fri Aug 17 10:21:10 2018 -0700 -- .../apache/hadoop/http/TestSSLHttpServer.java | 61 ++-- 1 file changed, 57 insertions(+), 4 deletions(-) -- http://git-wip-us.apache.org/repos/asf/hadoop/blob/2ed1a5d0/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java -- diff --git a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java index 0436cc0..cdeb3b5 100644 --- a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java +++ b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java @@ -32,8 +32,6 @@ import javax.net.ssl.SSLHandshakeException; import javax.net.ssl.SSLSocket; import javax.net.ssl.SSLSocketFactory; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; import org.apache.hadoop.conf.Configuration; import org.apache.hadoop.fs.FileUtil; import org.apache.hadoop.io.IOUtils; @@ -43,10 +41,12 @@ import org.apache.hadoop.security.ssl.SSLFactory; import org.junit.AfterClass; import org.junit.BeforeClass; import org.junit.Test; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; /** * This testcase issues SSL certificates configures the HttpServer to serve - * HTTPS using the created certficates and calls an echo servlet using the + * HTTPS using the created certificates and calls an echo servlet using the * corresponding HTTPS URL. */ public class TestSSLHttpServer extends HttpServerFunctionalTest { @@ -54,12 +54,17 @@ public class TestSSLHttpServer extends HttpServerFunctionalTest { private static final String BASEDIR = System.getProperty("test.build.dir", "target/test-dir") + "/" + TestSSLHttpServer.class.getSimpleName(); - private static final Log LOG = LogFactory.getLog(TestSSLHttpServer.class); + private static final Logger LOG = + LoggerFactory.getLogger(TestSSLHttpServer.class); + private static final String HTTPS_CIPHER_SUITES_KEY = "https.cipherSuites"; + private static final String JAVAX_NET_DEBUG_KEY = "javax.net.debug"; private static Configuration conf; private static HttpServer2 server; private static String keystoresDir; private static String sslConfDir; private static SSLFactory clientSslFactory; + private static String cipherSuitesPropertyValue; + private static String sslDebugPropertyValue; private static final String excludeCiphers = "TLS_ECDHE_RSA_WITH_RC4_128_SHA," + "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA," + "SSL_RSA_WITH_DES_CBC_SHA," @@ -80,6 +85,9 @@ public class TestSSLHttpServer extends HttpServerFunctionalTest { @BeforeClass public static void setup() throws Exception { +turnOnSSLDebugLogging(); +storeHttpsCipherSuites(); + conf = new Configuration(); conf.setInt(HttpServer2.HTTP_MAX_THREADS, 10); @@ -125,6 +133,51 @@ public class TestSSLHttpServer extends HttpServerFunctionalTest { FileUtil.fullyDelete(new File(BASEDIR)); KeyStoreTestUtil.cleanupSSLConfig(keystoresDir, sslConfDir); clientSslFactory.destroy(); +restoreHttpsCipherSuites(); +restoreSSLDebugLogging(); + } + + /** + * Stores the JVM property value of https.cipherSuites and sets its + * value to an empty string. + * This ensures that the value https.cipherSuites does + * not affect the result of tests. + */ + private static void storeHttpsCipherSuites() { +String cipherSuites = System.getProperty(HTTPS_CIPHER_SUITES_KEY); +if (cipherSuites != null) { + LOG.info( + "Found value for property {}: {}", HTTPS_CIPHER_SUITES_KEY, + cipherSuites); + cipherSuitesPropertyValue = cipherSuites; +
hadoop git commit: HADOOP-15674. Test failure TestSSLHttpServer.testExcludedCiphers with TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 cipher suite. Contributed by Szilard Nemeth.
Repository: hadoop Updated Branches: refs/heads/branch-3.0 185c8f2ab -> a41f18098 HADOOP-15674. Test failure TestSSLHttpServer.testExcludedCiphers with TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 cipher suite. Contributed by Szilard Nemeth. (cherry picked from commit 8d7c93186e3090b19aa59006bb6b32ba929bd8e6) Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/a41f1809 Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/a41f1809 Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/a41f1809 Branch: refs/heads/branch-3.0 Commit: a41f18098b849ba2ccbae824a5a57bfe7b6ad44e Parents: 185c8f2 Author: Xiao Chen Authored: Fri Aug 17 10:08:52 2018 -0700 Committer: Xiao Chen Committed: Fri Aug 17 10:20:20 2018 -0700 -- .../apache/hadoop/http/TestSSLHttpServer.java | 54 +++- 1 file changed, 53 insertions(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/hadoop/blob/a41f1809/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java -- diff --git a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java index 5af6d6f..2166464 100644 --- a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java +++ b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java @@ -48,7 +48,7 @@ import org.slf4j.LoggerFactory; /** * This testcase issues SSL certificates configures the HttpServer to serve - * HTTPS using the created certficates and calls an echo servlet using the + * HTTPS using the created certificates and calls an echo servlet using the * corresponding HTTPS URL. */ public class TestSSLHttpServer extends HttpServerFunctionalTest { @@ -58,11 +58,15 @@ public class TestSSLHttpServer extends HttpServerFunctionalTest { private static final Logger LOG = LoggerFactory.getLogger(TestSSLHttpServer.class); + private static final String HTTPS_CIPHER_SUITES_KEY = "https.cipherSuites"; + private static final String JAVAX_NET_DEBUG_KEY = "javax.net.debug"; private static Configuration conf; private static HttpServer2 server; private static String keystoresDir; private static String sslConfDir; private static SSLFactory clientSslFactory; + private static String cipherSuitesPropertyValue; + private static String sslDebugPropertyValue; private static final String excludeCiphers = "TLS_ECDHE_RSA_WITH_RC4_128_SHA," + "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, \n" + "SSL_RSA_WITH_DES_CBC_SHA," @@ -83,6 +87,9 @@ public class TestSSLHttpServer extends HttpServerFunctionalTest { @BeforeClass public static void setup() throws Exception { +turnOnSSLDebugLogging(); +storeHttpsCipherSuites(); + conf = new Configuration(); conf.setInt(HttpServer2.HTTP_MAX_THREADS_KEY, 10); @@ -127,6 +134,51 @@ public class TestSSLHttpServer extends HttpServerFunctionalTest { FileUtil.fullyDelete(new File(BASEDIR)); KeyStoreTestUtil.cleanupSSLConfig(keystoresDir, sslConfDir); clientSslFactory.destroy(); +restoreHttpsCipherSuites(); +restoreSSLDebugLogging(); + } + + /** + * Stores the JVM property value of https.cipherSuites and sets its + * value to an empty string. + * This ensures that the value https.cipherSuites does + * not affect the result of tests. + */ + private static void storeHttpsCipherSuites() { +String cipherSuites = System.getProperty(HTTPS_CIPHER_SUITES_KEY); +if (cipherSuites != null) { + LOG.info( + "Found value for property {}: {}", HTTPS_CIPHER_SUITES_KEY, + cipherSuites); + cipherSuitesPropertyValue = cipherSuites; +} +System.clearProperty(HTTPS_CIPHER_SUITES_KEY); + } + + private static void restoreHttpsCipherSuites() { +if (cipherSuitesPropertyValue != null) { + LOG.info("Restoring property {} to value: {}", HTTPS_CIPHER_SUITES_KEY, + cipherSuitesPropertyValue); + System.setProperty(HTTPS_CIPHER_SUITES_KEY, cipherSuitesPropertyValue); + cipherSuitesPropertyValue = null; +} + } + + private static void turnOnSSLDebugLogging() { +String sslDebug = System.getProperty(JAVAX_NET_DEBUG_KEY); +if (sslDebug != null) { + sslDebugPropertyValue = sslDebug; +} +System.setProperty(JAVAX_NET_DEBUG_KEY, "all"); + } + + private static void restoreSSLDebugLogging() { +if (sslDebugPropertyValue != null) { + System.setProperty(JAVAX_NET_DEBUG_KEY, sslDebugPropertyValue); + sslDebugPropertyValue = null; +} else { +
hadoop git commit: HADOOP-15674. Test failure TestSSLHttpServer.testExcludedCiphers with TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 cipher suite. Contributed by Szilard Nemeth.
Repository: hadoop Updated Branches: refs/heads/branch-2.9 50ba2272e -> 42c47971d HADOOP-15674. Test failure TestSSLHttpServer.testExcludedCiphers with TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 cipher suite. Contributed by Szilard Nemeth. (cherry picked from commit 8d7c93186e3090b19aa59006bb6b32ba929bd8e6) Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/42c47971 Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/42c47971 Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/42c47971 Branch: refs/heads/branch-2.9 Commit: 42c47971d8bb2ce2ea06b4e94d7c12b4b61870cd Parents: 50ba227 Author: Xiao Chen Authored: Fri Aug 17 10:08:52 2018 -0700 Committer: Xiao Chen Committed: Fri Aug 17 10:20:37 2018 -0700 -- .../apache/hadoop/http/TestSSLHttpServer.java | 54 +++- 1 file changed, 53 insertions(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/hadoop/blob/42c47971/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java -- diff --git a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java index 3c68986..38fd926 100644 --- a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java +++ b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java @@ -48,7 +48,7 @@ import org.slf4j.LoggerFactory; /** * This testcase issues SSL certificates configures the HttpServer to serve - * HTTPS using the created certficates and calls an echo servlet using the + * HTTPS using the created certificates and calls an echo servlet using the * corresponding HTTPS URL. */ public class TestSSLHttpServer extends HttpServerFunctionalTest { @@ -58,11 +58,15 @@ public class TestSSLHttpServer extends HttpServerFunctionalTest { private static final Logger LOG = LoggerFactory.getLogger(TestSSLHttpServer.class); + private static final String HTTPS_CIPHER_SUITES_KEY = "https.cipherSuites"; + private static final String JAVAX_NET_DEBUG_KEY = "javax.net.debug"; private static Configuration conf; private static HttpServer2 server; private static String keystoresDir; private static String sslConfDir; private static SSLFactory clientSslFactory; + private static String cipherSuitesPropertyValue; + private static String sslDebugPropertyValue; private static final String excludeCiphers = "TLS_ECDHE_RSA_WITH_RC4_128_SHA," + "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, \n" + "SSL_RSA_WITH_DES_CBC_SHA," @@ -83,6 +87,9 @@ public class TestSSLHttpServer extends HttpServerFunctionalTest { @BeforeClass public static void setup() throws Exception { +turnOnSSLDebugLogging(); +storeHttpsCipherSuites(); + conf = new Configuration(); conf.setInt(HttpServer2.HTTP_MAX_THREADS, 10); @@ -127,6 +134,51 @@ public class TestSSLHttpServer extends HttpServerFunctionalTest { FileUtil.fullyDelete(new File(BASEDIR)); KeyStoreTestUtil.cleanupSSLConfig(keystoresDir, sslConfDir); clientSslFactory.destroy(); +restoreHttpsCipherSuites(); +restoreSSLDebugLogging(); + } + + /** + * Stores the JVM property value of https.cipherSuites and sets its + * value to an empty string. + * This ensures that the value https.cipherSuites does + * not affect the result of tests. + */ + private static void storeHttpsCipherSuites() { +String cipherSuites = System.getProperty(HTTPS_CIPHER_SUITES_KEY); +if (cipherSuites != null) { + LOG.info( + "Found value for property {}: {}", HTTPS_CIPHER_SUITES_KEY, + cipherSuites); + cipherSuitesPropertyValue = cipherSuites; +} +System.clearProperty(HTTPS_CIPHER_SUITES_KEY); + } + + private static void restoreHttpsCipherSuites() { +if (cipherSuitesPropertyValue != null) { + LOG.info("Restoring property {} to value: {}", HTTPS_CIPHER_SUITES_KEY, + cipherSuitesPropertyValue); + System.setProperty(HTTPS_CIPHER_SUITES_KEY, cipherSuitesPropertyValue); + cipherSuitesPropertyValue = null; +} + } + + private static void turnOnSSLDebugLogging() { +String sslDebug = System.getProperty(JAVAX_NET_DEBUG_KEY); +if (sslDebug != null) { + sslDebugPropertyValue = sslDebug; +} +System.setProperty(JAVAX_NET_DEBUG_KEY, "all"); + } + + private static void restoreSSLDebugLogging() { +if (sslDebugPropertyValue != null) { + System.setProperty(JAVAX_NET_DEBUG_KEY, sslDebugPropertyValue); + sslDebugPropertyValue = null; +} else { + System.clearProperty(JAVAX_NET_DEBUG_KEY);
hadoop git commit: HADOOP-15674. Test failure TestSSLHttpServer.testExcludedCiphers with TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 cipher suite. Contributed by Szilard Nemeth.
Repository: hadoop Updated Branches: refs/heads/branch-2.8 2a6b62655 -> 5232653ec HADOOP-15674. Test failure TestSSLHttpServer.testExcludedCiphers with TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 cipher suite. Contributed by Szilard Nemeth. (cherry picked from commit 8d7c93186e3090b19aa59006bb6b32ba929bd8e6) Conflicts: hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/5232653e Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/5232653e Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/5232653e Branch: refs/heads/branch-2.8 Commit: 5232653ec0bf8d08187f41930eec073e1b7b1df2 Parents: 2a6b626 Author: Xiao Chen Authored: Fri Aug 17 10:08:52 2018 -0700 Committer: Xiao Chen Committed: Fri Aug 17 10:20:48 2018 -0700 -- .../apache/hadoop/http/TestSSLHttpServer.java | 61 ++-- 1 file changed, 57 insertions(+), 4 deletions(-) -- http://git-wip-us.apache.org/repos/asf/hadoop/blob/5232653e/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java -- diff --git a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java index f52a055..38fd926 100644 --- a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java +++ b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java @@ -32,8 +32,6 @@ import javax.net.ssl.SSLHandshakeException; import javax.net.ssl.SSLSocket; import javax.net.ssl.SSLSocketFactory; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; import org.apache.hadoop.conf.Configuration; import org.apache.hadoop.fs.FileUtil; import org.apache.hadoop.io.IOUtils; @@ -45,10 +43,12 @@ import org.apache.hadoop.util.StringUtils; import org.junit.AfterClass; import org.junit.BeforeClass; import org.junit.Test; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; /** * This testcase issues SSL certificates configures the HttpServer to serve - * HTTPS using the created certficates and calls an echo servlet using the + * HTTPS using the created certificates and calls an echo servlet using the * corresponding HTTPS URL. */ public class TestSSLHttpServer extends HttpServerFunctionalTest { @@ -56,12 +56,17 @@ public class TestSSLHttpServer extends HttpServerFunctionalTest { private static final String BASEDIR = GenericTestUtils.getTempPath(TestSSLHttpServer.class.getSimpleName()); - private static final Log LOG = LogFactory.getLog(TestSSLHttpServer.class); + private static final Logger LOG = + LoggerFactory.getLogger(TestSSLHttpServer.class); + private static final String HTTPS_CIPHER_SUITES_KEY = "https.cipherSuites"; + private static final String JAVAX_NET_DEBUG_KEY = "javax.net.debug"; private static Configuration conf; private static HttpServer2 server; private static String keystoresDir; private static String sslConfDir; private static SSLFactory clientSslFactory; + private static String cipherSuitesPropertyValue; + private static String sslDebugPropertyValue; private static final String excludeCiphers = "TLS_ECDHE_RSA_WITH_RC4_128_SHA," + "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, \n" + "SSL_RSA_WITH_DES_CBC_SHA," @@ -82,6 +87,9 @@ public class TestSSLHttpServer extends HttpServerFunctionalTest { @BeforeClass public static void setup() throws Exception { +turnOnSSLDebugLogging(); +storeHttpsCipherSuites(); + conf = new Configuration(); conf.setInt(HttpServer2.HTTP_MAX_THREADS, 10); @@ -126,6 +134,51 @@ public class TestSSLHttpServer extends HttpServerFunctionalTest { FileUtil.fullyDelete(new File(BASEDIR)); KeyStoreTestUtil.cleanupSSLConfig(keystoresDir, sslConfDir); clientSslFactory.destroy(); +restoreHttpsCipherSuites(); +restoreSSLDebugLogging(); + } + + /** + * Stores the JVM property value of https.cipherSuites and sets its + * value to an empty string. + * This ensures that the value https.cipherSuites does + * not affect the result of tests. + */ + private static void storeHttpsCipherSuites() { +String cipherSuites = System.getProperty(HTTPS_CIPHER_SUITES_KEY); +if (cipherSuites != null) { + LOG.info( + "Found value for property {}: {}", HTTPS_CIPHER_SUITES_KEY, + cipherSuites); + cipherSuitesPropertyValue = cipherSuites; +} +System.clearProperty(HTTPS_CIPHER_SUITES_KEY); + } + + private static void
hadoop git commit: HADOOP-15674. Test failure TestSSLHttpServer.testExcludedCiphers with TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 cipher suite. Contributed by Szilard Nemeth.
Repository: hadoop Updated Branches: refs/heads/branch-2 e2210a517 -> 805647287 HADOOP-15674. Test failure TestSSLHttpServer.testExcludedCiphers with TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 cipher suite. Contributed by Szilard Nemeth. (cherry picked from commit 8d7c93186e3090b19aa59006bb6b32ba929bd8e6) Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/80564728 Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/80564728 Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/80564728 Branch: refs/heads/branch-2 Commit: 8056472879ff150011887e8f12948ed2ce7534ca Parents: e2210a5 Author: Xiao Chen Authored: Fri Aug 17 10:08:52 2018 -0700 Committer: Xiao Chen Committed: Fri Aug 17 10:20:29 2018 -0700 -- .../apache/hadoop/http/TestSSLHttpServer.java | 54 +++- 1 file changed, 53 insertions(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/hadoop/blob/80564728/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java -- diff --git a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java index 3c68986..38fd926 100644 --- a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java +++ b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java @@ -48,7 +48,7 @@ import org.slf4j.LoggerFactory; /** * This testcase issues SSL certificates configures the HttpServer to serve - * HTTPS using the created certficates and calls an echo servlet using the + * HTTPS using the created certificates and calls an echo servlet using the * corresponding HTTPS URL. */ public class TestSSLHttpServer extends HttpServerFunctionalTest { @@ -58,11 +58,15 @@ public class TestSSLHttpServer extends HttpServerFunctionalTest { private static final Logger LOG = LoggerFactory.getLogger(TestSSLHttpServer.class); + private static final String HTTPS_CIPHER_SUITES_KEY = "https.cipherSuites"; + private static final String JAVAX_NET_DEBUG_KEY = "javax.net.debug"; private static Configuration conf; private static HttpServer2 server; private static String keystoresDir; private static String sslConfDir; private static SSLFactory clientSslFactory; + private static String cipherSuitesPropertyValue; + private static String sslDebugPropertyValue; private static final String excludeCiphers = "TLS_ECDHE_RSA_WITH_RC4_128_SHA," + "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, \n" + "SSL_RSA_WITH_DES_CBC_SHA," @@ -83,6 +87,9 @@ public class TestSSLHttpServer extends HttpServerFunctionalTest { @BeforeClass public static void setup() throws Exception { +turnOnSSLDebugLogging(); +storeHttpsCipherSuites(); + conf = new Configuration(); conf.setInt(HttpServer2.HTTP_MAX_THREADS, 10); @@ -127,6 +134,51 @@ public class TestSSLHttpServer extends HttpServerFunctionalTest { FileUtil.fullyDelete(new File(BASEDIR)); KeyStoreTestUtil.cleanupSSLConfig(keystoresDir, sslConfDir); clientSslFactory.destroy(); +restoreHttpsCipherSuites(); +restoreSSLDebugLogging(); + } + + /** + * Stores the JVM property value of https.cipherSuites and sets its + * value to an empty string. + * This ensures that the value https.cipherSuites does + * not affect the result of tests. + */ + private static void storeHttpsCipherSuites() { +String cipherSuites = System.getProperty(HTTPS_CIPHER_SUITES_KEY); +if (cipherSuites != null) { + LOG.info( + "Found value for property {}: {}", HTTPS_CIPHER_SUITES_KEY, + cipherSuites); + cipherSuitesPropertyValue = cipherSuites; +} +System.clearProperty(HTTPS_CIPHER_SUITES_KEY); + } + + private static void restoreHttpsCipherSuites() { +if (cipherSuitesPropertyValue != null) { + LOG.info("Restoring property {} to value: {}", HTTPS_CIPHER_SUITES_KEY, + cipherSuitesPropertyValue); + System.setProperty(HTTPS_CIPHER_SUITES_KEY, cipherSuitesPropertyValue); + cipherSuitesPropertyValue = null; +} + } + + private static void turnOnSSLDebugLogging() { +String sslDebug = System.getProperty(JAVAX_NET_DEBUG_KEY); +if (sslDebug != null) { + sslDebugPropertyValue = sslDebug; +} +System.setProperty(JAVAX_NET_DEBUG_KEY, "all"); + } + + private static void restoreSSLDebugLogging() { +if (sslDebugPropertyValue != null) { + System.setProperty(JAVAX_NET_DEBUG_KEY, sslDebugPropertyValue); + sslDebugPropertyValue = null; +} else { + System.clearProperty(JAVAX_NET_DEBUG_KEY); +
hadoop git commit: HADOOP-15674. Test failure TestSSLHttpServer.testExcludedCiphers with TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 cipher suite. Contributed by Szilard Nemeth.
Repository: hadoop Updated Branches: refs/heads/branch-3.1 06f0d5e25 -> 7556b09e9 HADOOP-15674. Test failure TestSSLHttpServer.testExcludedCiphers with TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 cipher suite. Contributed by Szilard Nemeth. (cherry picked from commit 8d7c93186e3090b19aa59006bb6b32ba929bd8e6) Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/7556b09e Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/7556b09e Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/7556b09e Branch: refs/heads/branch-3.1 Commit: 7556b09e9a790e5bc697396b0871d99ed3cf1318 Parents: 06f0d5e Author: Xiao Chen Authored: Fri Aug 17 10:08:52 2018 -0700 Committer: Xiao Chen Committed: Fri Aug 17 10:20:12 2018 -0700 -- .../apache/hadoop/http/TestSSLHttpServer.java | 54 +++- 1 file changed, 53 insertions(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/hadoop/blob/7556b09e/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java -- diff --git a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java index 5af6d6f..2166464 100644 --- a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java +++ b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java @@ -48,7 +48,7 @@ import org.slf4j.LoggerFactory; /** * This testcase issues SSL certificates configures the HttpServer to serve - * HTTPS using the created certficates and calls an echo servlet using the + * HTTPS using the created certificates and calls an echo servlet using the * corresponding HTTPS URL. */ public class TestSSLHttpServer extends HttpServerFunctionalTest { @@ -58,11 +58,15 @@ public class TestSSLHttpServer extends HttpServerFunctionalTest { private static final Logger LOG = LoggerFactory.getLogger(TestSSLHttpServer.class); + private static final String HTTPS_CIPHER_SUITES_KEY = "https.cipherSuites"; + private static final String JAVAX_NET_DEBUG_KEY = "javax.net.debug"; private static Configuration conf; private static HttpServer2 server; private static String keystoresDir; private static String sslConfDir; private static SSLFactory clientSslFactory; + private static String cipherSuitesPropertyValue; + private static String sslDebugPropertyValue; private static final String excludeCiphers = "TLS_ECDHE_RSA_WITH_RC4_128_SHA," + "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, \n" + "SSL_RSA_WITH_DES_CBC_SHA," @@ -83,6 +87,9 @@ public class TestSSLHttpServer extends HttpServerFunctionalTest { @BeforeClass public static void setup() throws Exception { +turnOnSSLDebugLogging(); +storeHttpsCipherSuites(); + conf = new Configuration(); conf.setInt(HttpServer2.HTTP_MAX_THREADS_KEY, 10); @@ -127,6 +134,51 @@ public class TestSSLHttpServer extends HttpServerFunctionalTest { FileUtil.fullyDelete(new File(BASEDIR)); KeyStoreTestUtil.cleanupSSLConfig(keystoresDir, sslConfDir); clientSslFactory.destroy(); +restoreHttpsCipherSuites(); +restoreSSLDebugLogging(); + } + + /** + * Stores the JVM property value of https.cipherSuites and sets its + * value to an empty string. + * This ensures that the value https.cipherSuites does + * not affect the result of tests. + */ + private static void storeHttpsCipherSuites() { +String cipherSuites = System.getProperty(HTTPS_CIPHER_SUITES_KEY); +if (cipherSuites != null) { + LOG.info( + "Found value for property {}: {}", HTTPS_CIPHER_SUITES_KEY, + cipherSuites); + cipherSuitesPropertyValue = cipherSuites; +} +System.clearProperty(HTTPS_CIPHER_SUITES_KEY); + } + + private static void restoreHttpsCipherSuites() { +if (cipherSuitesPropertyValue != null) { + LOG.info("Restoring property {} to value: {}", HTTPS_CIPHER_SUITES_KEY, + cipherSuitesPropertyValue); + System.setProperty(HTTPS_CIPHER_SUITES_KEY, cipherSuitesPropertyValue); + cipherSuitesPropertyValue = null; +} + } + + private static void turnOnSSLDebugLogging() { +String sslDebug = System.getProperty(JAVAX_NET_DEBUG_KEY); +if (sslDebug != null) { + sslDebugPropertyValue = sslDebug; +} +System.setProperty(JAVAX_NET_DEBUG_KEY, "all"); + } + + private static void restoreSSLDebugLogging() { +if (sslDebugPropertyValue != null) { + System.setProperty(JAVAX_NET_DEBUG_KEY, sslDebugPropertyValue); + sslDebugPropertyValue = null; +} else { +
hadoop git commit: HADOOP-15674. Test failure TestSSLHttpServer.testExcludedCiphers with TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 cipher suite. Contributed by Szilard Nemeth.
Repository: hadoop Updated Branches: refs/heads/trunk fb5b3dce6 -> 8d7c93186 HADOOP-15674. Test failure TestSSLHttpServer.testExcludedCiphers with TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 cipher suite. Contributed by Szilard Nemeth. Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/8d7c9318 Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/8d7c9318 Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/8d7c9318 Branch: refs/heads/trunk Commit: 8d7c93186e3090b19aa59006bb6b32ba929bd8e6 Parents: fb5b3dc Author: Xiao Chen Authored: Fri Aug 17 10:08:52 2018 -0700 Committer: Xiao Chen Committed: Fri Aug 17 10:09:23 2018 -0700 -- .../apache/hadoop/http/TestSSLHttpServer.java | 54 +++- 1 file changed, 53 insertions(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/hadoop/blob/8d7c9318/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java -- diff --git a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java index 5af6d6f..2166464 100644 --- a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java +++ b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java @@ -48,7 +48,7 @@ import org.slf4j.LoggerFactory; /** * This testcase issues SSL certificates configures the HttpServer to serve - * HTTPS using the created certficates and calls an echo servlet using the + * HTTPS using the created certificates and calls an echo servlet using the * corresponding HTTPS URL. */ public class TestSSLHttpServer extends HttpServerFunctionalTest { @@ -58,11 +58,15 @@ public class TestSSLHttpServer extends HttpServerFunctionalTest { private static final Logger LOG = LoggerFactory.getLogger(TestSSLHttpServer.class); + private static final String HTTPS_CIPHER_SUITES_KEY = "https.cipherSuites"; + private static final String JAVAX_NET_DEBUG_KEY = "javax.net.debug"; private static Configuration conf; private static HttpServer2 server; private static String keystoresDir; private static String sslConfDir; private static SSLFactory clientSslFactory; + private static String cipherSuitesPropertyValue; + private static String sslDebugPropertyValue; private static final String excludeCiphers = "TLS_ECDHE_RSA_WITH_RC4_128_SHA," + "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, \n" + "SSL_RSA_WITH_DES_CBC_SHA," @@ -83,6 +87,9 @@ public class TestSSLHttpServer extends HttpServerFunctionalTest { @BeforeClass public static void setup() throws Exception { +turnOnSSLDebugLogging(); +storeHttpsCipherSuites(); + conf = new Configuration(); conf.setInt(HttpServer2.HTTP_MAX_THREADS_KEY, 10); @@ -127,6 +134,51 @@ public class TestSSLHttpServer extends HttpServerFunctionalTest { FileUtil.fullyDelete(new File(BASEDIR)); KeyStoreTestUtil.cleanupSSLConfig(keystoresDir, sslConfDir); clientSslFactory.destroy(); +restoreHttpsCipherSuites(); +restoreSSLDebugLogging(); + } + + /** + * Stores the JVM property value of https.cipherSuites and sets its + * value to an empty string. + * This ensures that the value https.cipherSuites does + * not affect the result of tests. + */ + private static void storeHttpsCipherSuites() { +String cipherSuites = System.getProperty(HTTPS_CIPHER_SUITES_KEY); +if (cipherSuites != null) { + LOG.info( + "Found value for property {}: {}", HTTPS_CIPHER_SUITES_KEY, + cipherSuites); + cipherSuitesPropertyValue = cipherSuites; +} +System.clearProperty(HTTPS_CIPHER_SUITES_KEY); + } + + private static void restoreHttpsCipherSuites() { +if (cipherSuitesPropertyValue != null) { + LOG.info("Restoring property {} to value: {}", HTTPS_CIPHER_SUITES_KEY, + cipherSuitesPropertyValue); + System.setProperty(HTTPS_CIPHER_SUITES_KEY, cipherSuitesPropertyValue); + cipherSuitesPropertyValue = null; +} + } + + private static void turnOnSSLDebugLogging() { +String sslDebug = System.getProperty(JAVAX_NET_DEBUG_KEY); +if (sslDebug != null) { + sslDebugPropertyValue = sslDebug; +} +System.setProperty(JAVAX_NET_DEBUG_KEY, "all"); + } + + private static void restoreSSLDebugLogging() { +if (sslDebugPropertyValue != null) { + System.setProperty(JAVAX_NET_DEBUG_KEY, sslDebugPropertyValue); + sslDebugPropertyValue = null; +} else { + System.clearProperty(JAVAX_NET_DEBUG_KEY); +} } @Test