Apache/hadoop
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
11,950 Commits 326 Branches 371 Tags
Commit Graph

101 Commits

Author SHA1 Message Date
Xiao Chen
49f9e7cf71 HADOOP-13847. KMSWebApp should close KeyProviderCryptoExtension. Contributed by John Zhuge. 
(cherry picked from commit 291df5c7fb713d5442ee29eb3f272127afb05a3c)
 2016-12-05 09:35:54 -08:00
Akira Ajisaka
129beeeddd HADOOP-13812. Upgrade Tomcat to 6.0.48. Contributed by John Zhuge. 
(cherry picked from commit 00096dcc0c23af38e697cd7c6c29e3f00d744e54)
(cherry picked from commit 0c895e8a62b4b69a020a5f004e97323520a1b1d0)
 2016-11-29 19:51:38 +09:00
Robert Kanter
92ee5e2077 HADOOP-13838. KMSTokenRenewer should close providers (xiaochen via rkanter) 
(cherry picked from commit 47ca9e26fba4a639e43bee5bfc001ffc4b42330d)
(cherry picked from commit 285edf691db42a3e17138d960f8560c62d8d0dde)
 2016-11-28 18:23:23 -08:00
Akira Ajisaka
402606323a HADOOP-13814. Sample configuration of KMS HTTP Authentication signature is misleading. Contributed by Masahiro Tanaka. 
(cherry picked from commit c65d6b65415742288b53f8e38314b71794e47ecc)
(cherry picked from commit d29e3d0f52e869e0c87839056637d815ea308353)
 2016-11-21 11:29:00 +09:00
Xiao Chen
cf366a0fd6 HADOOP-13815. TestKMS#testDelegationTokensOpsSimple and TestKMS#testDelegationTokensOpsKerberized Fails in Trunk. 
(cherry picked from commit 61c0bedf775e6e794d4704485ec2c41a95aecae9)
(cherry picked from commit efc9ffc3b62a3de7660ab6fadeb59c8c2bca368b)
 2016-11-15 16:26:59 -08:00
Xiao Chen
a22ca0aa58 HADOOP-12453. Support decoding KMS Delegation Token with its own Identifier. Contributed by Xiaoyu Yao. 
(cherry picked from commit 7154a20bcb1559c23aeb3b78b920bed03d834cb5)
 2016-11-03 13:10:41 -07:00
Xiao Chen
a8aabf9be6 HADOOP-13669. Addendum patch 2 for KMS Server should log exceptions before throwing. 
(cherry picked from commit 09ef97dccbd4c11aaeedf7503d414f999435ad91)
 2016-10-25 09:59:48 -07:00
Xiaoyu Yao
7d826631ea HADOOP-13749. KMSClientProvider combined with KeyProviderCache can result in wrong UGI being used. Contributed by Xiaoyu Yao. 
(cherry picked from commit d0a347984da175948b553a675dc357491df2fd0f)
 2016-10-23 10:59:10 -07:00
Xiao Chen
7d19394bd5 HADOOP-13381. KMS clients should use KMS Delegation Tokens from current UGI. Contributed by Xiao Chen. 
(cherry picked from commit 8ebf2e95d2053cb94c6ff87ca018811fe8276f2b)

Conflicts:
	hadoop-common-project/hadoop-kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKMS.java

(cherry picked from commit 8fe4b2429a22cf932b701863170336a3b6986dd2)
 2016-10-21 14:59:56 -07:00
Xiao Chen
1ea7070042 HADOOP-13669. Addendum patch for KMS Server should log exceptions before throwing. 
(cherry picked from commit ae51b11f7872eaac558acf00fd23f6d7b1841cfe)
 2016-10-13 22:32:30 -07:00
Xiao Chen
97105d8733 HADOOP-13669. KMS Server should log exceptions before throwing. Contributed by Suraj Acharya. 
(cherry picked from commit fc18c32540ed6a410adb123e1105729e0343b7f5)
 2016-10-10 12:50:59 -07:00
Xiao Chen
b1eb21e940 HADOOP-13317. Add logs to KMS server-side to improve supportability. Contributed by Suraj Acharya. 
(cherry picked from commit 89bd6d29a62afd7ed8ff87bcc29d17b1cb53dcb6)
 2016-09-30 17:52:17 -07:00
Xiao Chen
09964a1629 HADOOP-13638. KMS should set UGI's Configuration object properly. Contributed by Wei-Chiu Chuang. 
(cherry picked from commit fa397e74fe988bcbb05c816de73eb738794ace4b)

Conflicts:
	hadoop-common-project/hadoop-kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKMS.java

(cherry picked from commit 06187e4f98c70b12fbf61c21580ccded27c87185)

Conflicts:
	hadoop-common-project/hadoop-kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKMS.java
 2016-09-26 13:04:29 -07:00
Brahma Reddy Battula
fa042ff9af HADOOP-12597. In kms-site.xml configuration hadoop.security.keystore.JavaKeyStoreProvider.password should be updated with new name. ( Contributed by Surendra Singh Lilhore via Brahma Reddy Battula) 2016-09-26 23:19:36 +05:30
Xiao Chen
900dc70a01 HDFS-10489. Deprecate dfs.encryption.key.provider.uri for HDFS encryption zones. Contributed by Xiao Chen. 
(cherry picked from commit ea839bd48e4478fc7b6d0a69e0eaeae2de5e0f0d)

Conflicts:
	hadoop-hdfs-project/hadoop-hdfs-client/src/main/java/org/apache/hadoop/hdfs/HdfsConfiguration.java
	hadoop-hdfs-project/hadoop-hdfs/src/main/resources/hdfs-default.xml

(cherry picked from commit 20585ade1d9d7fbd8b9df8b1e3db5a74fd4441a6)
 2016-09-19 16:38:00 -07:00
Zhe Zhang
8bc33bf343 HADOOP-12765. HttpServer2 should switch to using the non-blocking SslSelectChannelConnector to prevent performance degradation when handling SSL connections. Contributed by Min Shen. Branch-2 patch contributed by Wei-Chiu Chuang. 
(cherry picked from commit dfcbc12026b591745a7d7279f2b840152cb53a91)
 2016-08-23 14:46:47 -07:00
Wei-Chiu Chuang
b0bc7681c3 HADOOP-13190. Mention LoadBalancingKMSClientProvider in KMS HA documentation. Contributed by Wei-Chiu Chuang. 
(cherry picked from commit db719ef125b11b01eab3353e2dc4b48992bf88d5)
(cherry picked from commit 6d53e096b2d96b9aace46fa9f34cd93e7f0f22a6)
 2016-08-11 12:33:15 -07:00
Wei-Chiu Chuang
7b042c5c72 HADOOP-13395. Enhance TestKMSAudit. Contributed by Xiao Chen. 
(cherry picked from commit 070548943a16370a74277d1b1d10b713e2ca81d0)

Conflicts:
hadoop-common-project/hadoop-kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKMSAudit.java

(cherry picked from commit cc20316b55ee108ccd880e8fb0565eacae2b90bd)
 2016-08-08 15:18:19 -07:00
Andrew Wang
59a70977c3 HADOOP-13251. Authenticate with Kerberos credentials when renewing KMS delegation token. Contributed by Xiao Chen. 
(cherry picked from commit 771f798edf97b27ae003395118c0317b484df6ee)

 Conflicts:
	hadoop-common-project/hadoop-kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKMS.java

(cherry picked from commit d8a69c873725b681b06b116cdd10bdb3c2082963)
 2016-06-27 18:29:58 -07:00
Xiaoyu Yao
e84a9c976a HADOOP-13255. KMSClientProvider should check and renew tgt when doing delegation token operations. Contributed by Xiao Chen. 
(cherry picked from commit ddf66427ff92a3886f94954e21d59e998412059b)
 2016-06-16 20:12:55 -07:00
Andrew Wang
d712b2ee3b HADOOP-13155. Implement TokenRenewer to renew and cancel delegation tokens in KMS. Contributed by Xiao Chen. 
(cherry picked from commit 713cb71820ad94a5436f35824d07aa12fcba5cc6)

 Conflicts:
	hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/KeyProviderDelegationTokenExtension.java
	hadoop-hdfs-project/hadoop-hdfs-client/src/main/java/org/apache/hadoop/hdfs/DFSUtilClient.java

(cherry picked from commit 03c4724c884b133eeb1114e417f7d49d239f4783)

 Conflicts:
	hadoop-hdfs-project/hadoop-hdfs-client/src/main/java/org/apache/hadoop/hdfs/DFSUtilClient.java
 2016-06-03 17:03:40 -07:00
Andrew Wang
0d4fbf01be HADOOP-13030. Handle special characters in passwords in KMS startup script. Contributed by Xiao Chen. 
(cherry picked from commit 7271e91b791ba277fd2a9b8f870eb9bc4f395566)
 2016-04-27 17:14:00 -07:00
Andrew Wang
bc148530d4 HADOOP-12951. Improve documentation on KMS ACLs and delegation tokens. Contributed by Xiao Chen. 
(cherry picked from commit 594c70f779b277bd0b9d0a5dc98c3e9cc49b7e91)
(cherry picked from commit 2f983b161ffcbed23cfd7c1fac237244aec7e78d)
 2016-04-07 23:51:19 -07:00
Andrew Wang
d2c33ba61e HADOOP-12962. KMS key names are incorrectly encoded when creating key. Contributed by Xiao Chen. 
(cherry picked from commit d4df7849a5caf749403bd89d29652f69c9c3f5a8)
(cherry picked from commit c58599acba369fd18f42e4c0c32094440787b2cc)
 2016-03-25 15:29:09 -07:00
Masatake Iwasaki
9d551a3adf HADOOP-12470. In-page TOC of documentation should be automatically generated by doxia macro (iwasakims) 
(cherry picked from commit cbd31328a61252f253aa2bcdb9cad70f7876d231)

 Conflicts:
	hadoop-common-project/hadoop-common/src/site/markdown/CommandsManual.md
	hadoop-common-project/hadoop-common/src/site/markdown/UnixShellGuide.md

(cherry picked from commit 722182fdfbb654be655fbca42f34bba5a05c2f6d)
 2016-03-04 14:13:30 +09:00
Yongjun Zhang
62ba1e415a HADOOP-12828. Print user when services are started. (Wei-Chiu Chuang via Yongjun Zhang) 
(cherry picked from commit a963baba10648859ad88d4ed9a4325b66b1af0d5)
 2016-02-19 09:58:09 -08:00
Andrew Wang
9afa321fd2 HADOOP-12699. TestKMS#testKMSProvider intermittently fails during 'test rollover draining'. Contributed by Xiao Chen. 
(cherry picked from commit 8fdef0bd9d1ece560ab4e1a1ec7fc77c46a034bb)
(cherry picked from commit fb57c01eaaf572dee59e91e75d59237cf540d6d1)
 2016-02-11 17:21:55 -08:00
cnauroth
ddd82d24be HADOOP-12795. KMS does not log detailed stack trace for unexpected errors. Contributed by Chris Nauroth. 
(cherry picked from commit 70c756d35e6ed5608ce82d1a6fbfb02e19af5ecf)
(cherry picked from commit 25dcb88630eb4a6c30db4f20323beeb7fd2584cc)
 2016-02-11 16:53:21 -08:00
Zhe Zhang
9023751de6 HADOOP-12764. Increase default value of KMS maxHttpHeaderSize and make it configurable. (zhz) 
Change-Id: Iabb766f6311b83a1ac03093b0ba26a0284b74d70
 2016-02-11 09:29:45 -08:00
Xiaoyu Yao
a48fdc1907 HADOOP-12682. Fix TestKMS#testKMSRestart* failure. Contributed by Wei-Chiu Chuang. 
(cherry picked from commit ab725cff66e8a047e9437e42ac49ac8685ee7a94)
 2015-12-30 10:44:13 -08:00
Haohui Mai
64add87f5c HADOOP-11218. Add TLSv1.1,TLSv1.2 to KMS, HttpFS, SSLFactory. Contributed by Vijay Singh. 2015-11-22 16:00:44 -08:00
Haohui Mai
950e8a459e HADOOP-12474. MiniKMS should use random ports for Jetty server by default. Contributed by Mingliang Liu. 2015-10-13 13:08:03 -07:00
Andrew Wang
bdaa0fed13 HADOOP-11885. hadoop-dist dist-layout-stitching.sh does not work with dash. (wang) 
(cherry picked from commit 7673d4f205b26a6a26cfc47d999ece96f3c42782)

 Conflicts:
	hadoop-mapreduce-project/hadoop-mapreduce-client/hadoop-mapreduce-client-nativetask/pom.xml
	hadoop-mapreduce-project/pom.xml
 2015-05-29 14:55:52 -07:00
Colin Patrick Mccabe
3dec58dd78 HADOOP-11969. ThreadLocal initialization in several classes is not thread safe (Sean Busbey via Colin P. McCabe) 
(cherry picked from commit 7dba7005b79994106321b0f86bc8f4ea51a3c185)
 2015-05-26 12:40:41 -07:00
Robert Kanter
f00815ac8a HADOOP-11870. [JDK8] AuthenticationFilter, CertificateUtil, SignerSecretProviders, KeyAuthorizationKeyProvider Javadoc issues (rkanter) 
(cherry picked from commit 9fec02c069f9bb24b5ee99031917075b4c7a7682)
 2015-04-27 13:26:00 -07:00
Haohui Mai
e75e6c66ea HADOOP-11633. Convert remaining branch-2 .apt.vm files to markdown. Contributed by Masatake Iwasaki. 2015-03-11 14:23:44 -07:00
Vinod Kumar Vavilapalli
d9416317a9 Preparing for 2.8.0 development. Changing SNAPSHOT version to be 2.8 on branch-2. 2015-03-08 20:32:51 -07:00
Andrew Wang
0512e50d6e HADOOP-11620. Add support for load balancing across a group of KMS for HA. Contributed by Arun Suresh. 
(cherry picked from commit 71385f9b70e22618db3f3d2b2c6dca3b1e82c317)
 2015-02-25 21:17:44 -08:00
yliu
3ac8f88989 HADOOP-11469. KMS should skip default.key.acl and whitelist.key.acl when loading key acl. (Dian Fu via yliu) 2015-01-27 23:55:52 +08:00
Andrew Wang
7b69719455 HADOOP-11482. Use correct UGI when KMSClientProvider is called by a proxy user. Contributed by Arun Suresh. 
(cherry picked from commit 4b00935643f6c3656ccbd7eeb54884738bc12c2e)
 2015-01-23 12:11:29 -08:00
Akira Ajisaka
13067cf4b1 HADOOP-11493. Fix some typos in kms-acls.xml description. (Contributed by Charles Lamb) 
(cherry picked from commit aee4500612e9d7da5a7a46e407f9f5dc6c22508b)
 2015-01-23 11:49:37 +09:00
Haohui Mai
784f481473 HADOOP-11378. Fix new findbugs warnings in hadoop-kms. Contributed by Li Lu. 2014-12-09 13:10:09 -08:00
Andrew Wang
deaa172e7a HADOOP-11368. Fix SSLFactory truststore reloader thread leak in KMSClientProvider. Contributed by Arun Suresh. 
(cherry picked from commit 74d4bfded98239507511dedb515bc6a54958d5a8)
 2014-12-09 10:47:33 -08:00
Andrew Wang
46a7365164 HADOOP-11329. Add JAVA_LIBRARY_PATH to KMS startup options. Contributed by Arun Suresh. 
(cherry picked from commit ddffcd8fac8af0ff78e63cca583af5c77a062891)
 2014-12-08 13:45:34 -08:00
Andrew Wang
b8e4fffa49 HADOOP-11355. When accessing data in HDFS and the key has been deleted, a Null Pointer Exception is shown. Contributed by Arun Suresh. 
(cherry picked from commit 9cdaec6a6f6cb1680ad6e44d7b0c8d70cdcbe3fa)
 2014-12-05 12:01:32 -08:00
Andrew Wang
696e15f0d1 HADOOP-11342. KMS key ACL should ignore ALL operation for default key ACL and whitelist key ACL. Contributed by Dian Fu. 
(cherry picked from commit 1812241ee10c0a98844bffb9341f770d54655f52)
 2014-12-03 12:00:29 -08:00
Andrew Wang
c962eef533 HADOOP-11344. KMS kms-config.sh sets a default value for the keystore password even in non-ssl setup. Contributed by Arun Suresh. 
(cherry picked from commit 3d48ad7eb424206dd1528179b35de4cdf51afdf3)
 2014-12-02 19:04:33 -08:00
Andrew Wang
881c77107e HADOOP-11341. KMS support for whitelist key ACLs. Contributed by Arun Suresh. 
(cherry picked from commit 31b4d2daa14a7f6e8ee73fd3160e126d8db62ffb)
 2014-12-01 21:58:21 -08:00
Andrew Wang
084667aad9 HADOOP-11337. KeyAuthorizationKeyProvider access checks need to be done atomically. Contributed by Dian Fu. 
(cherry picked from commit 9fa29902575ac3774bf3728e7bcde7f3eefb1d4c)
 2014-12-01 21:22:03 -08:00
Andrew Wang
aad16f8f5c HADOOP-11300. KMS startup scripts must not display the keystore / truststore passwords. Contributed by Arun Suresh. 
(cherry picked from commit 56f3eecc129486d3297d082d9b97f26b40d0a2c6)
 2014-11-25 15:12:09 -08:00