HBASE-17513 Thrift Server 1 uses different QOP settings than RPC and Thrift Server 2 and can easily be misconfigured so there is no encryption when the operator expects it
Signed-off-by: Chia-Ping Tsai <chia7...@gmail.com> Signed-off-by: Josh Elser <els...@apache.org> Project: http://git-wip-us.apache.org/repos/asf/hbase/repo Commit: http://git-wip-us.apache.org/repos/asf/hbase/commit/dc6e02e4 Tree: http://git-wip-us.apache.org/repos/asf/hbase/tree/dc6e02e4 Diff: http://git-wip-us.apache.org/repos/asf/hbase/diff/dc6e02e4 Branch: refs/heads/branch-2 Commit: dc6e02e485d5169d89fad45d1559154487bd6c0c Parents: d4ffee2 Author: Reid Chan <reidddc...@outlook.com> Authored: Mon Jan 22 16:18:29 2018 +0800 Committer: Josh Elser <els...@apache.org> Committed: Mon Jan 22 11:40:28 2018 -0500 ---------------------------------------------------------------------- .../hadoop/hbase/thrift/ThriftServerRunner.java | 10 +++++++++ .../hbase/thrift/TestThriftHttpServer.java | 23 ++++++++++++++++++++ 2 files changed, 33 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/hbase/blob/dc6e02e4/hbase-thrift/src/main/java/org/apache/hadoop/hbase/thrift/ThriftServerRunner.java ---------------------------------------------------------------------- diff --git a/hbase-thrift/src/main/java/org/apache/hadoop/hbase/thrift/ThriftServerRunner.java b/hbase-thrift/src/main/java/org/apache/hadoop/hbase/thrift/ThriftServerRunner.java index 0060181..fc8fa1c 100644 --- a/hbase-thrift/src/main/java/org/apache/hadoop/hbase/thrift/ThriftServerRunner.java +++ b/hbase-thrift/src/main/java/org/apache/hadoop/hbase/thrift/ThriftServerRunner.java @@ -360,6 +360,7 @@ public class ThriftServerRunner implements Runnable { QualityOfProtection.INTEGRITY.name(), QualityOfProtection.PRIVACY.name())); } + checkHttpSecurity(qop, conf); if (!securityEnabled) { throw new IOException("Thrift server must" + " run in secure mode to support authentication"); @@ -367,6 +368,15 @@ public class ThriftServerRunner implements Runnable { } } + private void checkHttpSecurity(QualityOfProtection qop, Configuration conf) { + if (qop == QualityOfProtection.PRIVACY && + conf.getBoolean(USE_HTTP_CONF_KEY, false) && + !conf.getBoolean(THRIFT_SSL_ENABLED, false)) { + throw new IllegalArgumentException("Thrift HTTP Server's QoP is privacy, but " + + THRIFT_SSL_ENABLED + " is false"); + } + } + /* * Runs the Thrift server */ http://git-wip-us.apache.org/repos/asf/hbase/blob/dc6e02e4/hbase-thrift/src/test/java/org/apache/hadoop/hbase/thrift/TestThriftHttpServer.java ---------------------------------------------------------------------- diff --git a/hbase-thrift/src/test/java/org/apache/hadoop/hbase/thrift/TestThriftHttpServer.java b/hbase-thrift/src/test/java/org/apache/hadoop/hbase/thrift/TestThriftHttpServer.java index 4594ae6..9c113d0 100644 --- a/hbase-thrift/src/test/java/org/apache/hadoop/hbase/thrift/TestThriftHttpServer.java +++ b/hbase-thrift/src/test/java/org/apache/hadoop/hbase/thrift/TestThriftHttpServer.java @@ -19,10 +19,13 @@ package org.apache.hadoop.hbase.thrift; import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNull; +import static org.junit.Assert.fail; import java.util.ArrayList; import java.util.List; +import org.apache.hadoop.conf.Configuration; import org.apache.hadoop.hbase.HBaseTestingUtility; import org.apache.hadoop.hbase.HConstants; import org.apache.hadoop.hbase.testclassification.ClientTests; @@ -83,6 +86,26 @@ public class TestThriftHttpServer { EnvironmentEdgeManager.reset(); } + @Test + public void testExceptionThrownWhenMisConfigured() throws Exception { + Configuration conf = new Configuration(TEST_UTIL.getConfiguration()); + conf.set("hbase.thrift.security.qop", "privacy"); + conf.setBoolean("hbase.thrift.ssl.enabled", false); + + ThriftServerRunner runner = null; + ExpectedException thrown = ExpectedException.none(); + try { + thrown.expect(IllegalArgumentException.class); + thrown.expectMessage("Thrift HTTP Server's QoP is privacy, " + + "but hbase.thrift.ssl.enabled is false"); + runner = new ThriftServerRunner(conf); + fail("Thrift HTTP Server starts up even with wrong security configurations."); + } catch (Exception e) { + } + + assertNull(runner); + } + private void startHttpServerThread(final String[] args) { LOG.info("Starting HBase Thrift server with HTTP server: " + Joiner.on(" ").join(args));