HADOOP-11133. Should trim the content of keystore password file for JavaKeyStoreProvider (Yi Liu via umamahesh)

This commit is contained in:
Uma Maheswara Rao G 2014-10-09 20:06:41 +05:30
parent 2a51494ce1
commit 8d7c54967d
5 changed files with 18 additions and 14 deletions

View File

@ -814,6 +814,9 @@ Release 2.6.0 - UNRELEASED
HADOOP-11161. Expose close method in KeyProvider to give clients of HADOOP-11161. Expose close method in KeyProvider to give clients of
Provider implementations a hook to release resources. (Arun Suresh via atm) Provider implementations a hook to release resources. (Arun Suresh via atm)
HADOOP-11133. Should trim the content of keystore password file for JavaKeyStoreProvider
(Yi Liu via umamahesh)
BREAKDOWN OF HDFS-6134 AND HADOOP-10150 SUBTASKS AND RELATED JIRAS BREAKDOWN OF HDFS-6134 AND HADOOP-10150 SUBTASKS AND RELATED JIRAS
HADOOP-10734. Implement high-performance secure random number sources. HADOOP-10734. Implement high-performance secure random number sources.

View File

@ -146,7 +146,7 @@ public class JavaKeyStoreProvider extends KeyProvider {
if (pwdFile != null) { if (pwdFile != null) {
InputStream is = pwdFile.openStream(); InputStream is = pwdFile.openStream();
try { try {
password = IOUtils.toCharArray(is); password = IOUtils.toString(is).trim().toCharArray();
} finally { } finally {
is.close(); is.close();
} }

View File

@ -99,7 +99,7 @@ public class JavaKeyStoreProvider extends CredentialProvider {
if (pwdFile != null) { if (pwdFile != null) {
InputStream is = pwdFile.openStream(); InputStream is = pwdFile.openStream();
try { try {
password = IOUtils.toCharArray(is); password = IOUtils.toString(is).trim().toCharArray();
} finally { } finally {
is.close(); is.close();
} }

View File

@ -21,12 +21,12 @@ import java.io.File;
import java.io.IOException; import java.io.IOException;
import java.net.URI; import java.net.URI;
import java.util.List; import java.util.List;
import java.util.UUID;
import org.apache.hadoop.conf.Configuration; import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.crypto.key.KeyProvider.KeyVersion; import org.apache.hadoop.crypto.key.KeyProvider.KeyVersion;
import org.apache.hadoop.fs.FileStatus; import org.apache.hadoop.fs.FileStatus;
import org.apache.hadoop.fs.FileSystem; import org.apache.hadoop.fs.FileSystem;
import org.apache.hadoop.fs.FileSystemTestHelper;
import org.apache.hadoop.fs.Path; import org.apache.hadoop.fs.Path;
import org.apache.hadoop.fs.permission.FsPermission; import org.apache.hadoop.fs.permission.FsPermission;
import org.apache.hadoop.io.Text; import org.apache.hadoop.io.Text;
@ -44,20 +44,21 @@ import static org.junit.Assert.assertNotNull;
public class TestKeyProviderFactory { public class TestKeyProviderFactory {
private static File tmpDir; private FileSystemTestHelper fsHelper;
private File testRootDir;
@Before @Before
public void setup() { public void setup() {
tmpDir = new File(System.getProperty("test.build.data", "target"), fsHelper = new FileSystemTestHelper();
UUID.randomUUID().toString()); String testRoot = fsHelper.getTestRootDir();
tmpDir.mkdirs(); testRootDir = new File(testRoot).getAbsoluteFile();
} }
@Test @Test
public void testFactory() throws Exception { public void testFactory() throws Exception {
Configuration conf = new Configuration(); Configuration conf = new Configuration();
final String userUri = UserProvider.SCHEME_NAME + ":///"; final String userUri = UserProvider.SCHEME_NAME + ":///";
final Path jksPath = new Path(tmpDir.toString(), "test.jks"); final Path jksPath = new Path(testRootDir.toString(), "test.jks");
final String jksUri = JavaKeyStoreProvider.SCHEME_NAME + final String jksUri = JavaKeyStoreProvider.SCHEME_NAME +
"://file" + jksPath.toUri().toString(); "://file" + jksPath.toUri().toString();
conf.set(KeyProviderFactory.KEY_PROVIDER_PATH, conf.set(KeyProviderFactory.KEY_PROVIDER_PATH,
@ -209,11 +210,11 @@ public class TestKeyProviderFactory {
@Test @Test
public void testJksProvider() throws Exception { public void testJksProvider() throws Exception {
Configuration conf = new Configuration(); Configuration conf = new Configuration();
final Path jksPath = new Path(tmpDir.toString(), "test.jks"); final Path jksPath = new Path(testRootDir.toString(), "test.jks");
final String ourUrl = final String ourUrl =
JavaKeyStoreProvider.SCHEME_NAME + "://file" + jksPath.toUri(); JavaKeyStoreProvider.SCHEME_NAME + "://file" + jksPath.toUri();
File file = new File(tmpDir, "test.jks"); File file = new File(testRootDir, "test.jks");
file.delete(); file.delete();
conf.set(KeyProviderFactory.KEY_PROVIDER_PATH, ourUrl); conf.set(KeyProviderFactory.KEY_PROVIDER_PATH, ourUrl);
checkSpecificProvider(conf, ourUrl); checkSpecificProvider(conf, ourUrl);
@ -364,10 +365,10 @@ public class TestKeyProviderFactory {
@Test @Test
public void testJksProviderPasswordViaConfig() throws Exception { public void testJksProviderPasswordViaConfig() throws Exception {
Configuration conf = new Configuration(); Configuration conf = new Configuration();
final Path jksPath = new Path(tmpDir.toString(), "test.jks"); final Path jksPath = new Path(testRootDir.toString(), "test.jks");
final String ourUrl = final String ourUrl =
JavaKeyStoreProvider.SCHEME_NAME + "://file" + jksPath.toUri(); JavaKeyStoreProvider.SCHEME_NAME + "://file" + jksPath.toUri();
File file = new File(tmpDir, "test.jks"); File file = new File(testRootDir, "test.jks");
file.delete(); file.delete();
try { try {
conf.set(KeyProviderFactory.KEY_PROVIDER_PATH, ourUrl); conf.set(KeyProviderFactory.KEY_PROVIDER_PATH, ourUrl);
@ -408,7 +409,7 @@ public class TestKeyProviderFactory {
@Test @Test
public void testGetProviderViaURI() throws Exception { public void testGetProviderViaURI() throws Exception {
Configuration conf = new Configuration(false); Configuration conf = new Configuration(false);
final Path jksPath = new Path(tmpDir.toString(), "test.jks"); final Path jksPath = new Path(testRootDir.toString(), "test.jks");
URI uri = new URI(JavaKeyStoreProvider.SCHEME_NAME + "://file" + jksPath.toUri()); URI uri = new URI(JavaKeyStoreProvider.SCHEME_NAME + "://file" + jksPath.toUri());
KeyProvider kp = KeyProviderFactory.get(uri, conf); KeyProvider kp = KeyProviderFactory.get(uri, conf);
Assert.assertNotNull(kp); Assert.assertNotNull(kp);