Re: Review Request 63209: RANGER-1644 changed crypto algorithm to a strong one

2017-12-20 Thread Endre Zoltan Kovacs via Review Board 


> On Dec. 7, 2017, 2:41 p.m., Velmurugan Periasamy wrote:
> > agents-common/src/main/java/org/apache/ranger/plugin/util/PasswordUtils.java
> > Line 65 (original), 78 (patched)
> > 
> >
> > Patch fails to apply. Could you please check?
> > 
> > ```
> > $ git apply --check -v < 
> > ~/Downloads/0001-RANGER-1644-replacing-MD5-DES-with-SHA512-AES128.patch
> > Checking patch 
> > agents-common/src/main/java/org/apache/ranger/plugin/util/PasswordUtils.java...
> > error: while searching for:
> > 
> > PasswordUtils(String aPassword) {
> > String[] crypt_algo_array = null;
> > int count = 0;
> > if (aPassword != null && aPassword.contains(",")) {
> > count = StringUtils.countMatches(aPassword, ",");
> > crypt_algo_array = aPassword.split(",");
> > }
> > if (crypt_algo_array != null && crypt_algo_array.length > 
> > 1) {
> > CRYPT_ALGO = crypt_algo_array[0];
> > ENCRYPT_KEY = crypt_algo_array[1].toCharArray();
> > SALT = crypt_algo_array[2].getBytes();
> > ITERATION_COUNT = Integer.parseInt(crypt_algo_array[3]);
> > password = crypt_algo_array[4];
> > if (count > 4) {
> > for (int i = 5 ; i<=count ; i++){
> > password = password + "," + crypt_algo_array[i];
> > }
> > }
> > } else {
> > CRYPT_ALGO = DEFAULT_CRYPT_ALGO;
> > ENCRYPT_KEY = DEFAULT_ENCRYPT_KEY.toCharArray();
> > SALT = DEFAULT_SALT.getBytes();
> > ITERATION_COUNT = DEFAULT_ITERATION_COUNT;
> > password = aPassword;
> > }
> > Map env = System.getenv();
> > String encryptKeyStr = env.get("ENCRYPT_KEY");
> > if (encryptKeyStr == null) {
> > encryptKey=ENCRYPT_KEY;
> > }else{
> > encryptKey=encryptKeyStr.toCharArray();
> > }
> > String saltStr = env.get("ENCRYPT_SALT");
> > if (saltStr == null) {
> > salt = SALT;
> > }else{
> > salt=saltStr.getBytes();
> > }
> > }
> > 
> > public static String decryptPassword(String aPassword) throws 
> > IOException {
> > return new PasswordUtils(aPassword).decrypt();
> > }
> > 
> > private String decrypt() throws IOException {
> > String ret = null;
> > try {
> > byte[] decodedPassword = Base64.decode(password);
> > Cipher engine = Cipher.getInstance(CRYPT_ALGO);
> > PBEKeySpec keySpec = new PBEKeySpec(encryptKey);
> > SecretKeyFactory skf = 
> > SecretKeyFactory.getInstance(CRYPT_ALGO);
> > SecretKey key = skf.generateSecret(keySpec);
> > engine.init(Cipher.DECRYPT_MODE, key,new 
> > PBEParameterSpec(salt, ITERATION_COUNT));
> > String decrypted = new 
> > String(engine.doFinal(decodedPassword));
> > int foundAt = decrypted.indexOf(LEN_SEPARATOR_STR);
> > if (foundAt > -1) {
> > if (decrypted.length() > foundAt) {
> > ret = decrypted.substring(foundAt+1);
> > }
> > else {
> > ret = "";
> > }
> > }
> > else {
> > ret = null;
> > }
> > }
> > catch(Throwable t) {
> > LOG.error("Unable to decrypt password due to error", t);
> > throw new IOException("Unable to decrypt password due to 
> > error", t);
> > }
> > return ret;
> > }
> > }
> > 
> > error: patch failed: 
> > agents-common/src/main/java/org/apache/ranger/plugin/util/PasswordUtils.java:78
> > error: 
> > agents-common/src/main/java/org/apache/ranger/plugin/util/PasswordUtils.java:
> >  patch does not apply
> > Checking patch 
> > agents-common/src/test/java/org/apache/ranger/plugin/util/PasswordUtilsTest.java...
> > Checking patch 
> > security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java...
> > error: while searching for:
> > import org.apache.poi.ss.usermodel.Workbook;
> > import org.codehaus.jettison.json.JSONException;
> > 
> > import com.google.gson.Gson;
> > 
> > @Component
> > 
> > error: patch failed: 
> >

Re: Review Request 63209: RANGER-1644 changed crypto algorithm to a strong one

2017-12-07 Thread Velmurugan Periasamy 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/63209/#review193115
---




agents-common/src/main/java/org/apache/ranger/plugin/util/PasswordUtils.java
Line 65 (original), 78 (patched)


Patch fails to apply. Could you please check?

```
$ git apply --check -v < 
~/Downloads/0001-RANGER-1644-replacing-MD5-DES-with-SHA512-AES128.patch
Checking patch 
agents-common/src/main/java/org/apache/ranger/plugin/util/PasswordUtils.java...
error: while searching for:

PasswordUtils(String aPassword) {
String[] crypt_algo_array = null;
int count = 0;
if (aPassword != null && aPassword.contains(",")) {
count = StringUtils.countMatches(aPassword, ",");
crypt_algo_array = aPassword.split(",");
}
if (crypt_algo_array != null && crypt_algo_array.length > 1) {
CRYPT_ALGO = crypt_algo_array[0];
ENCRYPT_KEY = crypt_algo_array[1].toCharArray();
SALT = crypt_algo_array[2].getBytes();
ITERATION_COUNT = Integer.parseInt(crypt_algo_array[3]);
password = crypt_algo_array[4];
if (count > 4) {
for (int i = 5 ; i<=count ; i++){
password = password + "," + crypt_algo_array[i];
}
}
} else {
CRYPT_ALGO = DEFAULT_CRYPT_ALGO;
ENCRYPT_KEY = DEFAULT_ENCRYPT_KEY.toCharArray();
SALT = DEFAULT_SALT.getBytes();
ITERATION_COUNT = DEFAULT_ITERATION_COUNT;
password = aPassword;
}
Map env = System.getenv();
String encryptKeyStr = env.get("ENCRYPT_KEY");
if (encryptKeyStr == null) {
encryptKey=ENCRYPT_KEY;
}else{
encryptKey=encryptKeyStr.toCharArray();
}
String saltStr = env.get("ENCRYPT_SALT");
if (saltStr == null) {
salt = SALT;
}else{
salt=saltStr.getBytes();
}
}

public static String decryptPassword(String aPassword) throws 
IOException {
return new PasswordUtils(aPassword).decrypt();
}

private String decrypt() throws IOException {
String ret = null;
try {
byte[] decodedPassword = Base64.decode(password);
Cipher engine = Cipher.getInstance(CRYPT_ALGO);
PBEKeySpec keySpec = new PBEKeySpec(encryptKey);
SecretKeyFactory skf = SecretKeyFactory.getInstance(CRYPT_ALGO);
SecretKey key = skf.generateSecret(keySpec);
engine.init(Cipher.DECRYPT_MODE, key,new PBEParameterSpec(salt, 
ITERATION_COUNT));
String decrypted = new String(engine.doFinal(decodedPassword));
int foundAt = decrypted.indexOf(LEN_SEPARATOR_STR);
if (foundAt > -1) {
if (decrypted.length() > foundAt) {
ret = decrypted.substring(foundAt+1);
}
else {
ret = "";
}
}
else {
ret = null;
}
}
catch(Throwable t) {
LOG.error("Unable to decrypt password due to error", t);
throw new IOException("Unable to decrypt password due to 
error", t);
}
return ret;
}
}

error: patch failed: 
agents-common/src/main/java/org/apache/ranger/plugin/util/PasswordUtils.java:78
error: 
agents-common/src/main/java/org/apache/ranger/plugin/util/PasswordUtils.java: 
patch does not apply
Checking patch 
agents-common/src/test/java/org/apache/ranger/plugin/util/PasswordUtilsTest.java...
Checking patch 
security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java...
error: while searching for:
import org.apache.poi.ss.usermodel.Workbook;
import org.codehaus.jettison.json.JSONException;

import com.google.gson.Gson;

@Component

error: patch failed: 
security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java:183
error: 
security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java: patch 
does not apply
Checking patch 
security-admin/src/main/java/org/apache/ranger/service/RangerServiceService.java...
Hunk #2 succeeded at 45 (offset 1 line).
Hunk #3 succeeded at

Re: Review Request 63209: RANGER-1644 changed crypto algorithm to a strong one

2017-11-03 Thread Endre Zoltan Kovacs via Review Board 


> On Oct. 23, 2017, 4:56 a.m., bhavik patel wrote:
> > @Endre Zoltan Kovacs : Have you tested plugins test-connection? If someone 
> > upgrade from ranger-0.6 to ranger-0.7 or master after then check plugins 
> > test-connection should not break, can you please confirm that.
> > 
> > note: If you want to use stronger crypto algorithm than you can directly 
> > specify in ranger-admin-default-site.xml rather than changing default value 
> > in PasswordUtils.java
> 
> Endre Zoltan Kovacs wrote:
> hi!
> i've checked this patch agains HDP 2.6.3 with ranger 0.7.0.2.6 and tested 
> the 'test-connection'. it brought problems to light,so i fixed them and 
> re-created the patch.
> this version should work well with service check and service update.
> 
> i tested and verified that upgrading from an older crypto algo (e.g.: 
> PBEWithSHA1AndDESede) to this new algo works.
> 
> Best regards,
> Endre
> 
> bhavik patel wrote:
> Hi,
> Can you please verify one more case : user password which contain special 
> character , at that time also test-connection should work
> 
> Endre Zoltan Kovacs wrote:
> Hi!
> This was a great idea! i added some more unit tests, aiming catch coma 
> related password problems, and it turned out there were issues during encrypt 
> phase.
> with the new patch these are gone.
> 
> besides the unit tests, i also tested passwords with coma on HDP cluster 
> to verify it in a live settings.
> i also tested and verified that it is possible to go back to a less 
> secure algo (that doesn't need initializer vector) and test/update of service 
> still worked.

re: "note: If you want to use stronger crypto algorithm than you can directly 
specify in ranger-admin-default-site.xml rather than changing default value in 
PasswordUtils.java"

indeed!

Now, i changed back the default value in PasswordUtils to it's original one, to 
prevent decryption failures for passwords, where customer didn't have algorithm 
configuration included in the password string.

public static final String CRYPT_ALGO = 
PropertiesUtil.getProperty("ranger.password.encryption.algorithm", 
PasswordUtils.DEFAULT_CRYPT_ALGO);

takes care of reading the default value from 'ranger-admin-default-site.xml' 
where the user can specify the newer/stronger crypto algorithm (e.g.: 
PBEWITHHMACSHA512ANDAES_128)


- Endre Zoltan


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/63209/#review188920
---


On Nov. 3, 2017, 3:59 p.m., Endre Zoltan Kovacs wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/63209/
> ---
> 
> (Updated Nov. 3, 2017, 3:59 p.m.)
> 
> 
> Review request for ranger.
> 
> 
> Bugs: RANGER-1644
> https://issues.apache.org/jira/browse/RANGER-1644
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> changing outdate hash algorigthms: MD5 => SHA512
> 
> 
> Diffs
> -
> 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/util/PasswordUtils.java 
> 58cdd3531 
>   
> agents-common/src/test/java/org/apache/ranger/plugin/util/PasswordUtilsTest.java
>  4e135aaa7 
>   security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java 
> da650747d 
>   
> security-admin/src/main/java/org/apache/ranger/service/RangerServiceService.java
>  3dd761a2b 
>   security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml 
> 9dfc03df1 
>   security-admin/src/test/java/org/apache/ranger/biz/TestServiceDBStore.java 
> 976fd0cb8 
> 
> 
> Diff: https://reviews.apache.org/r/63209/diff/4/
> 
> 
> Testing
> ---
> 
> PasswordUtilsTest: added new unit test and updated previous ones
> Added service update test: on service update new service password will be 
> encrypted with the new algorithm
> 
> 
> Thanks,
> 
> Endre Zoltan Kovacs
> 
>

Re: Review Request 63209: RANGER-1644 changed crypto algorithm to a strong one

2017-11-03 Thread Endre Zoltan Kovacs via Review Board 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/63209/
---

(Updated Nov. 3, 2017, 3:59 p.m.)


Review request for ranger.


Changes
---

made sure that passwords with no config info are decrypted with the crpto 
defaults they were encrypted with


Bugs: RANGER-1644
https://issues.apache.org/jira/browse/RANGER-1644


Repository: ranger


Description
---

changing outdate hash algorigthms: MD5 => SHA512


Diffs (updated)
-

  agents-common/src/main/java/org/apache/ranger/plugin/util/PasswordUtils.java 
58cdd3531 
  
agents-common/src/test/java/org/apache/ranger/plugin/util/PasswordUtilsTest.java
 4e135aaa7 
  security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java 
da650747d 
  
security-admin/src/main/java/org/apache/ranger/service/RangerServiceService.java
 3dd761a2b 
  security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml 
9dfc03df1 
  security-admin/src/test/java/org/apache/ranger/biz/TestServiceDBStore.java 
976fd0cb8 


Diff: https://reviews.apache.org/r/63209/diff/4/

Changes: https://reviews.apache.org/r/63209/diff/3-4/


Testing
---

PasswordUtilsTest: added new unit test and updated previous ones
Added service update test: on service update new service password will be 
encrypted with the new algorithm


Thanks,

Endre Zoltan Kovacs

Re: Review Request 63209: RANGER-1644 changed crypto algorithm to a strong one

2017-11-03 Thread Endre Zoltan Kovacs via Review Board 


> On Oct. 23, 2017, 4:56 a.m., bhavik patel wrote:
> > @Endre Zoltan Kovacs : Have you tested plugins test-connection? If someone 
> > upgrade from ranger-0.6 to ranger-0.7 or master after then check plugins 
> > test-connection should not break, can you please confirm that.
> > 
> > note: If you want to use stronger crypto algorithm than you can directly 
> > specify in ranger-admin-default-site.xml rather than changing default value 
> > in PasswordUtils.java
> 
> Endre Zoltan Kovacs wrote:
> hi!
> i've checked this patch agains HDP 2.6.3 with ranger 0.7.0.2.6 and tested 
> the 'test-connection'. it brought problems to light,so i fixed them and 
> re-created the patch.
> this version should work well with service check and service update.
> 
> i tested and verified that upgrading from an older crypto algo (e.g.: 
> PBEWithSHA1AndDESede) to this new algo works.
> 
> Best regards,
> Endre
> 
> bhavik patel wrote:
> Hi,
> Can you please verify one more case : user password which contain special 
> character , at that time also test-connection should work

Hi!
This was a great idea! i added some more unit tests, aiming catch coma related 
password problems, and it turned out there were issues during encrypt phase.
with the new patch these are gone.

besides the unit tests, i also tested passwords with coma on HDP cluster to 
verify it in a live settings.
i also tested and verified that it is possible to go back to a less secure algo 
(that doesn't need initializer vector) and test/update of service still worked.


- Endre Zoltan


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/63209/#review188920
---


On Nov. 3, 2017, 2:24 p.m., Endre Zoltan Kovacs wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/63209/
> ---
> 
> (Updated Nov. 3, 2017, 2:24 p.m.)
> 
> 
> Review request for ranger.
> 
> 
> Bugs: RANGER-1644
> https://issues.apache.org/jira/browse/RANGER-1644
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> changing outdate hash algorigthms: MD5 => SHA512
> 
> 
> Diffs
> -
> 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/util/PasswordUtils.java 
> 58cdd3531 
>   
> agents-common/src/test/java/org/apache/ranger/plugin/util/PasswordUtilsTest.java
>  4e135aaa7 
>   security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java 
> da650747d 
>   
> security-admin/src/main/java/org/apache/ranger/service/RangerServiceService.java
>  3dd761a2b 
>   security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml 
> 9dfc03df1 
>   security-admin/src/test/java/org/apache/ranger/biz/TestServiceDBStore.java 
> 976fd0cb8 
> 
> 
> Diff: https://reviews.apache.org/r/63209/diff/3/
> 
> 
> Testing
> ---
> 
> PasswordUtilsTest: added new unit test and updated previous ones
> Added service update test: on service update new service password will be 
> encrypted with the new algorithm
> 
> 
> Thanks,
> 
> Endre Zoltan Kovacs
> 
>

Re: Review Request 63209: RANGER-1644 changed crypto algorithm to a strong one

2017-11-03 Thread Endre Zoltan Kovacs via Review Board 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/63209/
---

(Updated Nov. 3, 2017, 2:24 p.m.)


Review request for ranger.


Changes
---

added test cases testing passwords with comas at a variety of places
fixed bug related to password containing one or more comas


Bugs: RANGER-1644
https://issues.apache.org/jira/browse/RANGER-1644


Repository: ranger


Description
---

changing outdate hash algorigthms: MD5 => SHA512


Diffs (updated)
-

  agents-common/src/main/java/org/apache/ranger/plugin/util/PasswordUtils.java 
58cdd3531 
  
agents-common/src/test/java/org/apache/ranger/plugin/util/PasswordUtilsTest.java
 4e135aaa7 
  security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java 
da650747d 
  
security-admin/src/main/java/org/apache/ranger/service/RangerServiceService.java
 3dd761a2b 
  security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml 
9dfc03df1 
  security-admin/src/test/java/org/apache/ranger/biz/TestServiceDBStore.java 
976fd0cb8 


Diff: https://reviews.apache.org/r/63209/diff/3/

Changes: https://reviews.apache.org/r/63209/diff/2-3/


Testing
---

PasswordUtilsTest: added new unit test and updated previous ones
Added service update test: on service update new service password will be 
encrypted with the new algorithm


Thanks,

Endre Zoltan Kovacs

Re: Review Request 63209: RANGER-1644 changed crypto algorithm to a strong one

2017-10-26 Thread bhavik patel 


> On Oct. 23, 2017, 4:56 a.m., bhavik patel wrote:
> > @Endre Zoltan Kovacs : Have you tested plugins test-connection? If someone 
> > upgrade from ranger-0.6 to ranger-0.7 or master after then check plugins 
> > test-connection should not break, can you please confirm that.
> > 
> > note: If you want to use stronger crypto algorithm than you can directly 
> > specify in ranger-admin-default-site.xml rather than changing default value 
> > in PasswordUtils.java
> 
> Endre Zoltan Kovacs wrote:
> hi!
> i've checked this patch agains HDP 2.6.3 with ranger 0.7.0.2.6 and tested 
> the 'test-connection'. it brought problems to light,so i fixed them and 
> re-created the patch.
> this version should work well with service check and service update.
> 
> i tested and verified that upgrading from an older crypto algo (e.g.: 
> PBEWithSHA1AndDESede) to this new algo works.
> 
> Best regards,
> Endre

Hi,
Can you please verify one more case : user password which contain special 
character , at that time also test-connection should work


- bhavik


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/63209/#review188920
---


On Oct. 26, 2017, 9:51 a.m., Endre Zoltan Kovacs wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/63209/
> ---
> 
> (Updated Oct. 26, 2017, 9:51 a.m.)
> 
> 
> Review request for ranger.
> 
> 
> Bugs: RANGER-1644
> https://issues.apache.org/jira/browse/RANGER-1644
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> changing outdate hash algorigthms: MD5 => SHA512
> 
> 
> Diffs
> -
> 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/util/PasswordUtils.java 
> 58cdd3531 
>   
> agents-common/src/test/java/org/apache/ranger/plugin/util/PasswordUtilsTest.java
>  4e135aaa7 
>   security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java 
> da650747d 
>   
> security-admin/src/main/java/org/apache/ranger/service/RangerServiceService.java
>  3dd761a2b 
>   security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml 
> 9dfc03df1 
>   security-admin/src/test/java/org/apache/ranger/biz/TestServiceDBStore.java 
> 976fd0cb8 
> 
> 
> Diff: https://reviews.apache.org/r/63209/diff/2/
> 
> 
> Testing
> ---
> 
> PasswordUtilsTest: added new unit test and updated previous ones
> Added service update test: on service update new service password will be 
> encrypted with the new algorithm
> 
> 
> Thanks,
> 
> Endre Zoltan Kovacs
> 
>

Re: Review Request 63209: RANGER-1644 changed crypto algorithm to a strong one

2017-10-26 Thread Endre Zoltan Kovacs via Review Board 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/63209/
---

(Updated Oct. 26, 2017, 9:51 a.m.)


Review request for ranger.


Changes
---

fixed encrypt/decrypt problems and whitespace violations


Bugs: RANGER-1644
https://issues.apache.org/jira/browse/RANGER-1644


Repository: ranger


Description
---

changing outdate hash algorigthms: MD5 => SHA512


Diffs (updated)
-

  agents-common/src/main/java/org/apache/ranger/plugin/util/PasswordUtils.java 
58cdd3531 
  
agents-common/src/test/java/org/apache/ranger/plugin/util/PasswordUtilsTest.java
 4e135aaa7 
  security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java 
da650747d 
  
security-admin/src/main/java/org/apache/ranger/service/RangerServiceService.java
 3dd761a2b 
  security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml 
9dfc03df1 
  security-admin/src/test/java/org/apache/ranger/biz/TestServiceDBStore.java 
976fd0cb8 


Diff: https://reviews.apache.org/r/63209/diff/2/

Changes: https://reviews.apache.org/r/63209/diff/1-2/


Testing
---

PasswordUtilsTest: added new unit test and updated previous ones
Added service update test: on service update new service password will be 
encrypted with the new algorithm


Thanks,

Endre Zoltan Kovacs

Re: Review Request 63209: RANGER-1644 changed crypto algorithm to a strong one

2017-10-22 Thread bhavik patel 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/63209/#review188920
---



@Endre Zoltan Kovacs : Have you tested plugins test-connection? If someone 
upgrade from ranger-0.6 to ranger-0.7 or master after then check plugins 
test-connection should not break, can you please confirm that.

note: If you want to use stronger crypto algorithm than you can directly 
specify in ranger-admin-default-site.xml rather than changing default value in 
PasswordUtils.java

- bhavik patel


On Oct. 22, 2017, 3:46 p.m., Endre Zoltan Kovacs wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/63209/
> ---
> 
> (Updated Oct. 22, 2017, 3:46 p.m.)
> 
> 
> Review request for ranger.
> 
> 
> Bugs: RANGER-1644
> https://issues.apache.org/jira/browse/RANGER-1644
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> changing outdate hash algorigthms: MD5 => SHA512
> 
> 
> Diffs
> -
> 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/util/PasswordUtils.java 
> 58cdd3531 
>   
> agents-common/src/test/java/org/apache/ranger/plugin/util/PasswordUtilsTest.java
>  4e135aaa7 
>   security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java 
> da650747d 
>   
> security-admin/src/main/java/org/apache/ranger/service/RangerServiceService.java
>  3dd761a2b 
>   security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml 
> 9dfc03df1 
>   security-admin/src/test/java/org/apache/ranger/biz/TestServiceDBStore.java 
> 976fd0cb8 
> 
> 
> Diff: https://reviews.apache.org/r/63209/diff/1/
> 
> 
> Testing
> ---
> 
> PasswordUtilsTest: added new unit test and updated previous ones
> Added service update test: on service update new service password will be 
> encrypted with the new algorithm
> 
> 
> Thanks,
> 
> Endre Zoltan Kovacs
> 
>