svn merge -c 1582851 from trunk for HADOOP-10449. Fix the javac warnings in the security package.
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/branches/branch-2@1582852 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Tsz-wo Sze
parent
ea1b523902
commit
144ab4b15b
|
|
@ -162,6 +162,8 @@ Release 2.4.0 - UNRELEASED
|
||||||
HADOOP-10441. Namenode metric "rpc.RetryCache/NameNodeRetryCache.CacheHit"
|
HADOOP-10441. Namenode metric "rpc.RetryCache/NameNodeRetryCache.CacheHit"
|
||||||
can't be correctly processed by Ganglia. (jing9)
|
can't be correctly processed by Ganglia. (jing9)
|
||||||
|
|
||||||
|
HADOOP-10449. Fix the javac warnings in the security package. (szetszwo)
|
||||||
|
|
||||||
BREAKDOWN OF HADOOP-10184 SUBTASKS AND RELATED JIRAS
|
BREAKDOWN OF HADOOP-10184 SUBTASKS AND RELATED JIRAS
|
||||||
|
|
||||||
HADOOP-10185. FileSystem API for ACLs. (cnauroth)
|
HADOOP-10185. FileSystem API for ACLs. (cnauroth)
|
||||||
|
|
|
||||||
|
|
@ -251,7 +251,6 @@ public class LdapGroupsMapping
|
||||||
return groups;
|
return groups;
|
||||||
}
|
}
|
||||||
|
|
||||||
@SuppressWarnings("deprecation")
|
|
||||||
DirContext getDirContext() throws NamingException {
|
DirContext getDirContext() throws NamingException {
|
||||||
if (ctx == null) {
|
if (ctx == null) {
|
||||||
// Set up the initial environment for LDAP connectivity
|
// Set up the initial environment for LDAP connectivity
|
||||||
|
|
|
||||||
|
|
@ -39,9 +39,6 @@ import org.apache.commons.logging.LogFactory;
|
||||||
@InterfaceAudience.LimitedPrivate({"HDFS", "MapReduce"})
|
@InterfaceAudience.LimitedPrivate({"HDFS", "MapReduce"})
|
||||||
@InterfaceStability.Unstable
|
@InterfaceStability.Unstable
|
||||||
public class NetgroupCache {
|
public class NetgroupCache {
|
||||||
|
|
||||||
private static final Log LOG = LogFactory.getLog(NetgroupCache.class);
|
|
||||||
|
|
||||||
private static boolean netgroupToUsersMapUpdated = true;
|
private static boolean netgroupToUsersMapUpdated = true;
|
||||||
private static Map<String, Set<String>> netgroupToUsersMap =
|
private static Map<String, Set<String>> netgroupToUsersMap =
|
||||||
new ConcurrentHashMap<String, Set<String>>();
|
new ConcurrentHashMap<String, Set<String>>();
|
||||||
|
|
|
||||||
|
|
@ -57,7 +57,6 @@ import org.apache.hadoop.ipc.StandbyException;
|
||||||
import org.apache.hadoop.security.token.SecretManager;
|
import org.apache.hadoop.security.token.SecretManager;
|
||||||
import org.apache.hadoop.security.token.SecretManager.InvalidToken;
|
import org.apache.hadoop.security.token.SecretManager.InvalidToken;
|
||||||
import org.apache.hadoop.security.token.TokenIdentifier;
|
import org.apache.hadoop.security.token.TokenIdentifier;
|
||||||
import org.apache.hadoop.util.StringUtils;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* A utility class for dealing with SASL on RPC server
|
* A utility class for dealing with SASL on RPC server
|
||||||
|
|
@ -70,7 +69,6 @@ public class SaslRpcServer {
|
||||||
public static final Map<String, String> SASL_PROPS =
|
public static final Map<String, String> SASL_PROPS =
|
||||||
new TreeMap<String, String>();
|
new TreeMap<String, String>();
|
||||||
private static SaslServerFactory saslFactory;
|
private static SaslServerFactory saslFactory;
|
||||||
private static SaslPropertiesResolver resolver;
|
|
||||||
|
|
||||||
public static enum QualityOfProtection {
|
public static enum QualityOfProtection {
|
||||||
AUTHENTICATION("auth"),
|
AUTHENTICATION("auth"),
|
||||||
|
|
|
||||||
|
|
@ -31,9 +31,6 @@
|
||||||
|
|
||||||
package org.apache.hadoop.security.ssl;
|
package org.apache.hadoop.security.ssl;
|
||||||
|
|
||||||
import org.apache.hadoop.classification.InterfaceAudience;
|
|
||||||
import org.apache.hadoop.classification.InterfaceStability;
|
|
||||||
|
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.io.InputStream;
|
import java.io.InputStream;
|
||||||
import java.security.cert.Certificate;
|
import java.security.cert.Certificate;
|
||||||
|
|
@ -44,6 +41,7 @@ import java.util.Collection;
|
||||||
import java.util.Iterator;
|
import java.util.Iterator;
|
||||||
import java.util.LinkedList;
|
import java.util.LinkedList;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
import java.util.Set;
|
||||||
import java.util.StringTokenizer;
|
import java.util.StringTokenizer;
|
||||||
import java.util.TreeSet;
|
import java.util.TreeSet;
|
||||||
|
|
||||||
|
|
@ -52,6 +50,9 @@ import javax.net.ssl.SSLPeerUnverifiedException;
|
||||||
import javax.net.ssl.SSLSession;
|
import javax.net.ssl.SSLSession;
|
||||||
import javax.net.ssl.SSLSocket;
|
import javax.net.ssl.SSLSocket;
|
||||||
|
|
||||||
|
import org.apache.hadoop.classification.InterfaceAudience;
|
||||||
|
import org.apache.hadoop.classification.InterfaceStability;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
************************************************************************
|
************************************************************************
|
||||||
* Copied from the not-yet-commons-ssl project at
|
* Copied from the not-yet-commons-ssl project at
|
||||||
|
|
@ -224,7 +225,6 @@ public interface SSLHostnameVerifier extends javax.net.ssl.HostnameVerifier {
|
||||||
public final String toString() { return "ALLOW_ALL"; }
|
public final String toString() { return "ALLOW_ALL"; }
|
||||||
};
|
};
|
||||||
|
|
||||||
@SuppressWarnings("unchecked")
|
|
||||||
abstract class AbstractVerifier implements SSLHostnameVerifier {
|
abstract class AbstractVerifier implements SSLHostnameVerifier {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
@ -378,7 +378,7 @@ public interface SSLHostnameVerifier extends javax.net.ssl.HostnameVerifier {
|
||||||
// STRICT implementations of the HostnameVerifier only use the
|
// STRICT implementations of the HostnameVerifier only use the
|
||||||
// first CN provided. All other CNs are ignored.
|
// first CN provided. All other CNs are ignored.
|
||||||
// (Firefox, wget, curl, Sun Java 1.4, 5, 6 all work this way).
|
// (Firefox, wget, curl, Sun Java 1.4, 5, 6 all work this way).
|
||||||
TreeSet names = new TreeSet();
|
final Set<String> names = new TreeSet<String>();
|
||||||
if (cns != null && cns.length > 0 && cns[0] != null) {
|
if (cns != null && cns.length > 0 && cns[0] != null) {
|
||||||
names.add(cns[0]);
|
names.add(cns[0]);
|
||||||
if (ie6) {
|
if (ie6) {
|
||||||
|
|
@ -404,10 +404,9 @@ public interface SSLHostnameVerifier extends javax.net.ssl.HostnameVerifier {
|
||||||
|
|
||||||
boolean match = false;
|
boolean match = false;
|
||||||
out:
|
out:
|
||||||
for (Iterator it = names.iterator(); it.hasNext();) {
|
for (Iterator<String> it = names.iterator(); it.hasNext();) {
|
||||||
// Don't trim the CN, though!
|
// Don't trim the CN, though!
|
||||||
String cn = (String) it.next();
|
final String cn = it.next().toLowerCase();
|
||||||
cn = cn.toLowerCase();
|
|
||||||
// Store CN in StringBuffer in case we need to report an error.
|
// Store CN in StringBuffer in case we need to report an error.
|
||||||
buf.append(" <");
|
buf.append(" <");
|
||||||
buf.append(cn);
|
buf.append(cn);
|
||||||
|
|
@ -508,10 +507,9 @@ public interface SSLHostnameVerifier extends javax.net.ssl.HostnameVerifier {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@SuppressWarnings("unchecked")
|
|
||||||
static class Certificates {
|
static class Certificates {
|
||||||
public static String[] getCNs(X509Certificate cert) {
|
public static String[] getCNs(X509Certificate cert) {
|
||||||
LinkedList cnList = new LinkedList();
|
final List<String> cnList = new LinkedList<String>();
|
||||||
/*
|
/*
|
||||||
Sebastian Hauer's original StrictSSLProtocolSocketFactory used
|
Sebastian Hauer's original StrictSSLProtocolSocketFactory used
|
||||||
getName() and had the following comment:
|
getName() and had the following comment:
|
||||||
|
|
@ -568,8 +566,8 @@ public interface SSLHostnameVerifier extends javax.net.ssl.HostnameVerifier {
|
||||||
* @return Array of SubjectALT DNS names stored in the certificate.
|
* @return Array of SubjectALT DNS names stored in the certificate.
|
||||||
*/
|
*/
|
||||||
public static String[] getDNSSubjectAlts(X509Certificate cert) {
|
public static String[] getDNSSubjectAlts(X509Certificate cert) {
|
||||||
LinkedList subjectAltList = new LinkedList();
|
final List<String> subjectAltList = new LinkedList<String>();
|
||||||
Collection c = null;
|
Collection<List<?>> c = null;
|
||||||
try {
|
try {
|
||||||
c = cert.getSubjectAlternativeNames();
|
c = cert.getSubjectAlternativeNames();
|
||||||
}
|
}
|
||||||
|
|
@ -578,9 +576,9 @@ public interface SSLHostnameVerifier extends javax.net.ssl.HostnameVerifier {
|
||||||
cpe.printStackTrace();
|
cpe.printStackTrace();
|
||||||
}
|
}
|
||||||
if (c != null) {
|
if (c != null) {
|
||||||
Iterator it = c.iterator();
|
Iterator<List<?>> it = c.iterator();
|
||||||
while (it.hasNext()) {
|
while (it.hasNext()) {
|
||||||
List list = (List) it.next();
|
List<?> list = it.next();
|
||||||
int type = ((Integer) list.get(0)).intValue();
|
int type = ((Integer) list.get(0)).intValue();
|
||||||
// If type is 2, then we've got a dNSName
|
// If type is 2, then we've got a dNSName
|
||||||
if (type == 2) {
|
if (type == 2) {
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue