HADOOP-13077. Handle special characters in passwords in httpfs.sh (Xiao Chen via aw)
This commit is contained in:
parent
d0da13229c
commit
35cf503149
|
@ -2082,3 +2082,26 @@ function hadoop_parse_args
|
||||||
|
|
||||||
hadoop_debug "hadoop_parse: asking caller to skip ${HADOOP_PARSE_COUNTER}"
|
hadoop_debug "hadoop_parse: asking caller to skip ${HADOOP_PARSE_COUNTER}"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
## @description XML-escapes the characters (&'"<>) in the given parameter.
|
||||||
|
## @audience private
|
||||||
|
## @stability evolving
|
||||||
|
## @replaceable yes
|
||||||
|
## @param string
|
||||||
|
## @return XML-escaped string
|
||||||
|
function hadoop_xml_escape
|
||||||
|
{
|
||||||
|
sed -e 's/&/\&/g' -e 's/"/\\\"/g' \
|
||||||
|
-e "s/'/\\\\\'/g" -e 's/</\\\</g' -e 's/>/\\\>/g' <<< "$1"
|
||||||
|
}
|
||||||
|
|
||||||
|
## @description sed-escapes the characters (\/&) in the given parameter.
|
||||||
|
## @audience private
|
||||||
|
## @stability evolving
|
||||||
|
## @replaceable yes
|
||||||
|
## @param string
|
||||||
|
## @return sed-escaped string
|
||||||
|
function hadoop_sed_escape
|
||||||
|
{
|
||||||
|
sed -e 's/[\/&]/\\&/g' <<< "$1"
|
||||||
|
}
|
|
@ -0,0 +1,32 @@
|
||||||
|
# Licensed to the Apache Software Foundation (ASF) under one or more
|
||||||
|
# contributor license agreements. See the NOTICE file distributed with
|
||||||
|
# this work for additional information regarding copyright ownership.
|
||||||
|
# The ASF licenses this file to You under the Apache License, Version 2.0
|
||||||
|
# (the "License"); you may not use this file except in compliance with
|
||||||
|
# the License. You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
load hadoop-functions_test_helper
|
||||||
|
|
||||||
|
@test "hadoop_escape_sed (positive 1)" {
|
||||||
|
ret="$(hadoop_sed_escape "\pass&&word\0#\$asdf/g ><'\"~\`!@#$%^&*()_+-=")"
|
||||||
|
expected="\\\\pass\&\&word\\\0#\$asdf\/g ><'\"~\`!@#$%^\&*()_+-="
|
||||||
|
echo "actual >${ret}<"
|
||||||
|
echo "expected >${expected}<"
|
||||||
|
[ "${ret}" = "${expected}" ]
|
||||||
|
}
|
||||||
|
|
||||||
|
@test "hadoop_escape_xml (positive 1)" {
|
||||||
|
ret="$(hadoop_xml_escape "\pass&&word\0#\$asdf/g ><'\"~\`!@#$%^&*()_+-=")"
|
||||||
|
expected="\\pass&&word\0#\$asdf/g \>\<\'\"~\`!@#\$%^&*()_+-="
|
||||||
|
echo "actual >${ret}<"
|
||||||
|
echo "expected >${expected}<"
|
||||||
|
[ "${ret}" = "${expected}" ]
|
||||||
|
}
|
|
@ -29,14 +29,6 @@ function hadoop_usage
|
||||||
hadoop_generate_usage "${MYNAME}" false
|
hadoop_generate_usage "${MYNAME}" false
|
||||||
}
|
}
|
||||||
|
|
||||||
function hadoop_escape() {
|
|
||||||
# Escape special chars for the later sed which saves the text as xml attribute
|
|
||||||
local ret
|
|
||||||
ret=$(sed 's/[\/&]/\\&/g' <<< "$1" | sed 's/&/\&/g' | sed 's/"/\\\"/g' \
|
|
||||||
| sed "s/'/\\\\\'/g" | sed 's/</\\\</g' | sed 's/>/\\\>/g')
|
|
||||||
echo "$ret"
|
|
||||||
}
|
|
||||||
|
|
||||||
# let's locate libexec...
|
# let's locate libexec...
|
||||||
if [[ -n "${HADOOP_HOME}" ]]; then
|
if [[ -n "${HADOOP_HOME}" ]]; then
|
||||||
HADOOP_DEFAULT_LIBEXEC_DIR="${HADOOP_HOME}/libexec"
|
HADOOP_DEFAULT_LIBEXEC_DIR="${HADOOP_HOME}/libexec"
|
||||||
|
@ -104,8 +96,10 @@ fi
|
||||||
if [[ -f "${HADOOP_CATALINA_HOME}/conf/ssl-server.xml.conf" ]]; then
|
if [[ -f "${HADOOP_CATALINA_HOME}/conf/ssl-server.xml.conf" ]]; then
|
||||||
if [[ -n "${KMS_SSL_KEYSTORE_PASS+x}" ]] || [[ -n "${KMS_SSL_TRUSTSTORE_PASS}" ]]; then
|
if [[ -n "${KMS_SSL_KEYSTORE_PASS+x}" ]] || [[ -n "${KMS_SSL_TRUSTSTORE_PASS}" ]]; then
|
||||||
export KMS_SSL_KEYSTORE_PASS=${KMS_SSL_KEYSTORE_PASS:-password}
|
export KMS_SSL_KEYSTORE_PASS=${KMS_SSL_KEYSTORE_PASS:-password}
|
||||||
KMS_SSL_KEYSTORE_PASS_ESCAPED=$(hadoop_escape "$KMS_SSL_KEYSTORE_PASS")
|
KMS_SSL_KEYSTORE_PASS_ESCAPED=$(hadoop_xml_escape \
|
||||||
KMS_SSL_TRUSTSTORE_PASS_ESCAPED=$(hadoop_escape "$KMS_SSL_TRUSTSTORE_PASS")
|
"$(hadoop_sed_escape "$KMS_SSL_KEYSTORE_PASS")")
|
||||||
|
KMS_SSL_TRUSTSTORE_PASS_ESCAPED=$(hadoop_xml_escape \
|
||||||
|
"$(hadoop_sed_escape "$KMS_SSL_TRUSTSTORE_PASS")")
|
||||||
sed -e 's/"_kms_ssl_keystore_pass_"/'"\"${KMS_SSL_KEYSTORE_PASS_ESCAPED}\""'/g' \
|
sed -e 's/"_kms_ssl_keystore_pass_"/'"\"${KMS_SSL_KEYSTORE_PASS_ESCAPED}\""'/g' \
|
||||||
-e 's/"_kms_ssl_truststore_pass_"/'"\"${KMS_SSL_TRUSTSTORE_PASS_ESCAPED}\""'/g' \
|
-e 's/"_kms_ssl_truststore_pass_"/'"\"${KMS_SSL_TRUSTSTORE_PASS_ESCAPED}\""'/g' \
|
||||||
"${HADOOP_CATALINA_HOME}/conf/ssl-server.xml.conf" \
|
"${HADOOP_CATALINA_HOME}/conf/ssl-server.xml.conf" \
|
||||||
|
|
|
@ -96,8 +96,12 @@ fi
|
||||||
if [[ -f "${HADOOP_CATALINA_HOME}/conf/ssl-server.xml.conf" ]]; then
|
if [[ -f "${HADOOP_CATALINA_HOME}/conf/ssl-server.xml.conf" ]]; then
|
||||||
if [[ -n "${HTTPFS_SSL_KEYSTORE_PASS+x}" ]] || [[ -n "${HTTPFS_SSL_TRUSTSTORE_PASS}" ]]; then
|
if [[ -n "${HTTPFS_SSL_KEYSTORE_PASS+x}" ]] || [[ -n "${HTTPFS_SSL_TRUSTSTORE_PASS}" ]]; then
|
||||||
export HTTPFS_SSL_KEYSTORE_PASS=${HTTPFS_SSL_KEYSTORE_PASS:-password}
|
export HTTPFS_SSL_KEYSTORE_PASS=${HTTPFS_SSL_KEYSTORE_PASS:-password}
|
||||||
sed -e 's/_httpfs_ssl_keystore_pass_/'${HTTPFS_SSL_KEYSTORE_PASS}'/g' \
|
HTTPFS_SSL_KEYSTORE_PASS_ESCAPED=$(hadoop_xml_escape \
|
||||||
-e 's/_httpfs_ssl_truststore_pass_/'${HTTPFS_SSL_TRUSTSTORE_PASS}'/g' \
|
"$(hadoop_sed_escape "$HTTPFS_SSL_KEYSTORE_PASS")")
|
||||||
|
HTTPFS_SSL_TRUSTSTORE_PASS_ESCAPED=$(hadoop_xml_escape \
|
||||||
|
"$(hadoop_sed_escape "$HTTPFS_SSL_TRUSTSTORE_PASS")")
|
||||||
|
sed -e 's/"_httpfs_ssl_keystore_pass_"/'"\"${HTTPFS_SSL_KEYSTORE_PASS_ESCAPED}\""'/g' \
|
||||||
|
-e 's/"_httpfs_ssl_truststore_pass_"/'"\"${HTTPFS_SSL_TRUSTSTORE_PASS_ESCAPED}\""'/g' \
|
||||||
"${HADOOP_CATALINA_HOME}/conf/ssl-server.xml.conf" \
|
"${HADOOP_CATALINA_HOME}/conf/ssl-server.xml.conf" \
|
||||||
> "${HADOOP_CATALINA_HOME}/conf/ssl-server.xml"
|
> "${HADOOP_CATALINA_HOME}/conf/ssl-server.xml"
|
||||||
chmod 700 "${HADOOP_CATALINA_HOME}/conf/ssl-server.xml" >/dev/null 2>&1
|
chmod 700 "${HADOOP_CATALINA_HOME}/conf/ssl-server.xml" >/dev/null 2>&1
|
||||||
|
|
Loading…
Reference in New Issue