SOLR-5776: *sigh* Revert this for now.

git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1588406 13f79535-47bb-0310-9956-ffa450edef68
2014-04-18 02:56:48 +00:00 · 2014-04-18 02:56:48 +00:00 · bbad949644
parent 5630a25118
commit bbad949644
18 changed files with 31 additions and 39 deletions
--- a/solr/CHANGES.txt
+++ b/solr/CHANGES.txt
@ -82,9 +82,6 @@ Other Changes

 * SOLR-5868: HttpClient should be configured to use ALLOW_ALL_HOSTNAME hostname
  verifier to simplify SSL setup. (Steve Davids via Mark Miller)
-  
-* SOLR-5776: Enabled SSL tests can easily exhaust random generator entropy and
-  block. (Mark Miller, hossman, Steve Davids)

 ==================  4.9.0 ==================

--- a/solr/core/src/java/org/apache/solr/client/solrj/embedded/JettySolrRunner.java
+++ b/solr/core/src/java/org/apache/solr/client/solrj/embedded/JettySolrRunner.java
@ -358,9 +358,6 @@ public class JettySolrRunner {
      if (null != sslConfig.getTrustStorePassword()) {
        sslcontext.setTrustStorePassword(sslConfig.getTrustStorePassword());
      }
-      if (null != sslConfig.getSecureRandomAlgorithm()) {
-        sslcontext.setSecureRandomAlgorithm(sslConfig.getSecureRandomAlgorithm());
-      }
      sslcontext.setNeedClientAuth(sslConfig.isClientAuthMode());
    } else {
      boolean jettySsl = Boolean.getBoolean(System.getProperty("tests.jettySsl"));
--- a/solr/core/src/java/org/apache/solr/client/solrj/embedded/SSLConfig.java
+++ b/solr/core/src/java/org/apache/solr/client/solrj/embedded/SSLConfig.java
@ -25,7 +25,6 @@ public class SSLConfig {
  private String keyStorePassword;
  private String trustStore;
  private String trustStorePassword;
-  private String secureRandomAlgorithm;
  
  public SSLConfig(boolean useSSL, boolean clientAuth, String keyStore, String keyStorePassword, String trustStore, String trustStorePassword) {
    this.useSsl = useSSL;
@ -44,10 +43,6 @@ public class SSLConfig {
    this.clientAuth = clientAuth;
  }
  
-  public void setSecureRandomAlgorithm(String secureRandomAlgorithm) {
-    this.secureRandomAlgorithm = secureRandomAlgorithm;
-  }
-  
  public boolean isSSLMode() {
    return useSsl;
  }
@ -71,8 +66,4 @@ public class SSLConfig {
  public String getTrustStorePassword() {
    return trustStorePassword;
  }
-
-  public String getSecureRandomAlgorithm() {
-    return secureRandomAlgorithm;
-  }
 }
--- a/solr/core/src/test/org/apache/solr/cloud/BasicDistributedZk2Test.java
+++ b/solr/core/src/test/org/apache/solr/cloud/BasicDistributedZk2Test.java
@ -26,6 +26,7 @@ import java.util.regex.Pattern;

 import org.apache.http.client.methods.HttpGet;
 import org.apache.http.impl.client.BasicResponseHandler;
+import org.apache.solr.SolrTestCaseJ4.SuppressSSL;
 import org.apache.solr.client.solrj.SolrQuery;
 import org.apache.solr.client.solrj.SolrServer;
 import org.apache.solr.client.solrj.SolrServerException;
@ -49,6 +50,7 @@ import org.apache.solr.util.AbstractSolrTestCase;
 * This test simply does a bunch of basic things in solrcloud mode and asserts things
 * work as expected.
 */
+@SuppressSSL(bugUrl = "https://issues.apache.org/jira/browse/SOLR-5776")
 public class BasicDistributedZk2Test extends AbstractFullDistribZkTestBase {
  private static final String SHARD2 = "shard2";
  private static final String SHARD1 = "shard1";
--- a/solr/core/src/test/org/apache/solr/cloud/BasicDistributedZkTest.java
+++ b/solr/core/src/test/org/apache/solr/cloud/BasicDistributedZkTest.java
@ -38,6 +38,7 @@ import java.util.concurrent.atomic.AtomicInteger;
 import org.apache.commons.lang.StringUtils;
 import org.apache.lucene.util.LuceneTestCase.Slow;
 import org.apache.solr.JSONTestUtil;
+import org.apache.solr.SolrTestCaseJ4.SuppressSSL;
 import org.apache.solr.client.solrj.SolrQuery;
 import org.apache.solr.client.solrj.SolrRequest;
 import org.apache.solr.client.solrj.SolrServer;
@ -76,6 +77,7 @@ import org.junit.BeforeClass;
 * work as expected.
 */
@Slow 
+@SuppressSSL(bugUrl = "https://issues.apache.org/jira/browse/SOLR-5776")
 public class BasicDistributedZkTest extends AbstractFullDistribZkTestBase {
  
  private static final String DEFAULT_COLLECTION = "collection1";
--- a/solr/core/src/test/org/apache/solr/cloud/ChaosMonkeyNothingIsSafeTest.java
+++ b/solr/core/src/test/org/apache/solr/cloud/ChaosMonkeyNothingIsSafeTest.java
@ -26,6 +26,7 @@ import java.util.concurrent.atomic.AtomicInteger;

 import org.apache.http.client.HttpClient;
 import org.apache.lucene.util.LuceneTestCase.Slow;
+import org.apache.solr.SolrTestCaseJ4.SuppressSSL;
 import org.apache.solr.client.solrj.SolrQuery;
 import org.apache.solr.client.solrj.SolrServer;
 import org.apache.solr.client.solrj.impl.CloudSolrServer;
@ -46,6 +47,7 @@ import org.slf4j.LoggerFactory;
 import com.carrotsearch.randomizedtesting.annotations.ThreadLeakLingering;

@Slow
+@SuppressSSL
@ThreadLeakLingering(linger = 60000)
 public class ChaosMonkeyNothingIsSafeTest extends AbstractFullDistribZkTestBase {
  private static final int FAIL_TOLERANCE = 20;
--- a/solr/core/src/test/org/apache/solr/cloud/FullSolrCloudDistribCmdsTest.java
+++ b/solr/core/src/test/org/apache/solr/cloud/FullSolrCloudDistribCmdsTest.java
@ -21,7 +21,9 @@ import java.io.IOException;
 import java.util.ArrayList;
 import java.util.List;

+import org.apache.lucene.util.LuceneTestCase.BadApple;
 import org.apache.lucene.util.LuceneTestCase.Slow;
+import org.apache.solr.SolrTestCaseJ4.SuppressSSL;
 import org.apache.solr.client.solrj.SolrQuery;
 import org.apache.solr.client.solrj.SolrServer;
 import org.apache.solr.client.solrj.SolrServerException;
@ -47,6 +49,7 @@ import org.junit.BeforeClass;
 * Super basic testing, no shard restarting or anything.
 */
@Slow
+@SuppressSSL(bugUrl = "https://issues.apache.org/jira/browse/SOLR-5776")
 public class FullSolrCloudDistribCmdsTest extends AbstractFullDistribZkTestBase {
  
  @BeforeClass
--- a/solr/core/src/test/org/apache/solr/cloud/SSLMigrationTest.java
+++ b/solr/core/src/test/org/apache/solr/cloud/SSLMigrationTest.java
@ -47,7 +47,7 @@ import org.apache.lucene.util.LuceneTestCase.Slow;
 * off in the cluster.
 */
@Slow
-@SuppressSSL // tests starts with SSL off
+@SuppressSSL
 public class SSLMigrationTest extends AbstractFullDistribZkTestBase {
  
  @Override
--- a/solr/core/src/test/org/apache/solr/cloud/UnloadDistributedZkTest.java
+++ b/solr/core/src/test/org/apache/solr/cloud/UnloadDistributedZkTest.java
@ -24,6 +24,7 @@ import java.util.concurrent.SynchronousQueue;
 import java.util.concurrent.ThreadPoolExecutor;
 import java.util.concurrent.TimeUnit;

+import org.apache.solr.SolrTestCaseJ4.SuppressSSL;
 import org.apache.lucene.util.LuceneTestCase.Slow;
 import org.apache.solr.client.solrj.SolrQuery;
 import org.apache.solr.client.solrj.SolrServer;
@ -45,6 +46,7 @@ import org.junit.BeforeClass;
 * work as expected.
 */
@Slow
+@SuppressSSL(bugUrl = "https://issues.apache.org/jira/browse/SOLR-5776")
 public class UnloadDistributedZkTest extends BasicDistributedZkTest {
  
  @BeforeClass
--- a/solr/core/src/test/org/apache/solr/update/PeerSyncTest.java
+++ b/solr/core/src/test/org/apache/solr/update/PeerSyncTest.java
@ -21,6 +21,7 @@ import java.io.IOException;
 import java.util.Arrays;

 import org.apache.solr.BaseDistributedSearchTestCase;
+import org.apache.solr.SolrTestCaseJ4.SuppressSSL;
 import org.apache.solr.client.solrj.SolrServer;
 import org.apache.solr.client.solrj.SolrServerException;
 import org.apache.solr.client.solrj.request.QueryRequest;
@ -31,6 +32,7 @@ import org.apache.solr.common.util.StrUtils;
 import static org.apache.solr.update.processor.DistributingUpdateProcessorFactory.DISTRIB_UPDATE_PARAM;
 import static org.apache.solr.update.processor.DistributedUpdateProcessor.DistribPhase;

+@SuppressSSL(bugUrl = "https://issues.apache.org/jira/browse/SOLR-5776")
 public class PeerSyncTest extends BaseDistributedSearchTestCase {
  private static int numVersions = 100;  // number of versions to use when syncing
  private final String FROM_LEADER = DistribPhase.FROMLEADER.toString();
--- a/solr/solrj/src/test/org/apache/solr/client/solrj/SolrExampleBinaryTest.java
+++ b/solr/solrj/src/test/org/apache/solr/client/solrj/SolrExampleBinaryTest.java
@ -17,6 +17,7 @@

 package org.apache.solr.client.solrj;

+import org.apache.solr.SolrTestCaseJ4.SuppressSSL;
 import org.apache.solr.client.solrj.SolrExampleTests;
 import org.apache.solr.client.solrj.SolrServer;
 import org.apache.solr.client.solrj.impl.BinaryRequestWriter;
@ -30,6 +31,7 @@ import org.junit.BeforeClass;
 * A subclass of SolrExampleTests that explicitly uses the binary 
 * codec for communication. 
 */
+@SuppressSSL(bugUrl = "https://issues.apache.org/jira/browse/SOLR-5776")
 public class SolrExampleBinaryTest extends SolrExampleTests {
  @BeforeClass
  public static void beforeTest() throws Exception {
--- a/solr/solrj/src/test/org/apache/solr/client/solrj/SolrExampleTests.java
+++ b/solr/solrj/src/test/org/apache/solr/client/solrj/SolrExampleTests.java
@ -32,6 +32,7 @@ import com.google.common.collect.Maps;
 import junit.framework.Assert;

 import org.apache.lucene.util.TestUtil;
+import org.apache.solr.SolrTestCaseJ4.SuppressSSL;
 import org.apache.solr.client.solrj.embedded.EmbeddedSolrServer;
 import org.apache.solr.client.solrj.impl.BinaryResponseParser;
 import org.apache.solr.client.solrj.impl.ConcurrentUpdateSolrServer;
@ -69,6 +70,7 @@ import org.slf4j.LoggerFactory;
 *
 * @since solr 1.3
 */
+@SuppressSSL
 abstract public class SolrExampleTests extends SolrExampleTestsBase
 {
  private static Logger log = LoggerFactory.getLogger(SolrExampleTests.class);
--- a/solr/solrj/src/test/org/apache/solr/client/solrj/SolrExampleXMLTest.java
+++ b/solr/solrj/src/test/org/apache/solr/client/solrj/SolrExampleXMLTest.java
@ -17,6 +17,7 @@

 package org.apache.solr.client.solrj;

+import org.apache.solr.SolrTestCaseJ4.SuppressSSL;
 import org.apache.solr.client.solrj.impl.HttpSolrServer;
 import org.apache.solr.client.solrj.impl.XMLResponseParser;
 import org.apache.solr.client.solrj.request.RequestWriter;
@ -27,6 +28,7 @@ import org.junit.BeforeClass;
 * A subclass of SolrExampleTests that explicitly uses the xml codec for
 * communication.
 */
+@SuppressSSL(bugUrl = "https://issues.apache.org/jira/browse/SOLR-5776")
 public class SolrExampleXMLTest extends SolrExampleTests {
  @BeforeClass
  public static void beforeTest() throws Exception {
--- a/solr/solrj/src/test/org/apache/solr/client/solrj/TestBatchUpdate.java
+++ b/solr/solrj/src/test/org/apache/solr/client/solrj/TestBatchUpdate.java
@ -17,6 +17,7 @@
 package org.apache.solr.client.solrj;

 import org.apache.solr.SolrJettyTestBase;
+import org.apache.solr.SolrTestCaseJ4.SuppressSSL;
 import org.apache.solr.client.solrj.beans.Field;
 import org.apache.solr.client.solrj.impl.BinaryRequestWriter;
 import org.apache.solr.client.solrj.impl.HttpSolrServer;
@ -36,6 +37,7 @@ import java.util.Iterator;
 * @since solr 1.4
 *
 */
+@SuppressSSL(bugUrl = "https://issues.apache.org/jira/browse/SOLR-5776")
 public class TestBatchUpdate extends SolrJettyTestBase {

  @BeforeClass
--- a/solr/solrj/src/test/org/apache/solr/client/solrj/embedded/SolrExampleJettyTest.java
+++ b/solr/solrj/src/test/org/apache/solr/client/solrj/embedded/SolrExampleJettyTest.java
@ -17,6 +17,7 @@

 package org.apache.solr.client.solrj.embedded;

+import org.apache.solr.SolrTestCaseJ4.SuppressSSL;
 import org.apache.solr.client.solrj.SolrExampleTests;
 import org.apache.solr.client.solrj.impl.HttpSolrServer;
 import org.apache.solr.util.ExternalPaths;
@ -30,6 +31,7 @@ import org.junit.Test;
 * rather then open a real connection?
 * 
 */
+@SuppressSSL(bugUrl = "https://issues.apache.org/jira/browse/SOLR-5776")
 public class SolrExampleJettyTest extends SolrExampleTests {

  @BeforeClass
--- a/solr/solrj/src/test/org/apache/solr/client/solrj/embedded/SolrExampleStreamingBinaryTest.java
+++ b/solr/solrj/src/test/org/apache/solr/client/solrj/embedded/SolrExampleStreamingBinaryTest.java
@ -17,6 +17,7 @@ package org.apache.solr.client.solrj.embedded;
 * limitations under the License.
 */

+import org.apache.solr.SolrTestCaseJ4.SuppressSSL;
 import org.apache.lucene.util.LuceneTestCase.Slow;
 import org.apache.solr.client.solrj.SolrServer;
 import org.apache.solr.client.solrj.impl.BinaryRequestWriter;
@ -24,6 +25,7 @@ import org.apache.solr.client.solrj.impl.BinaryResponseParser;
 import org.apache.solr.client.solrj.impl.ConcurrentUpdateSolrServer;

@Slow
+@SuppressSSL(bugUrl = "https://issues.apache.org/jira/browse/SOLR-5776")
 public class SolrExampleStreamingBinaryTest extends SolrExampleStreamingTest {

  @Override
--- a/solr/test-framework/src/java/org/apache/solr/SolrTestCaseJ4.java
+++ b/solr/test-framework/src/java/org/apache/solr/SolrTestCaseJ4.java
@ -238,7 +238,7 @@ public abstract class SolrTestCaseJ4 extends LuceneTestCase {
      return new SSLTestConfig();
    }
    
-    final boolean trySsl = true;//random().nextBoolean();
+    final boolean trySsl = random().nextBoolean();
    boolean trySslClientAuth = random().nextBoolean();
    if (Constants.MAC_OS_X) {
      trySslClientAuth = false;
--- a/solr/test-framework/src/java/org/apache/solr/util/SSLTestConfig.java
+++ b/solr/test-framework/src/java/org/apache/solr/util/SSLTestConfig.java
@ -22,7 +22,6 @@ import java.security.KeyManagementException;
 import java.security.KeyStore;
 import java.security.KeyStoreException;
 import java.security.NoSuchAlgorithmException;
-import java.security.SecureRandom;
 import java.security.UnrecoverableKeyException;

 import javax.net.ssl.SSLContext;
@ -41,7 +40,7 @@ import org.eclipse.jetty.util.security.CertificateUtils;
 public class SSLTestConfig extends SSLConfig {
  public static File TEST_KEYSTORE = ExternalPaths.EXAMPLE_HOME == null ? null
      : new File(ExternalPaths.EXAMPLE_HOME, "../etc/solrtest.keystore");
-  private static String SECURE_RANDOM_ALGORITHM = "SHA1PRNG";
+  
  private static String TEST_KEYSTORE_PATH = TEST_KEYSTORE != null
      && TEST_KEYSTORE.exists() ? TEST_KEYSTORE.getAbsolutePath() : null;
  private static String TEST_KEYSTORE_PASSWORD = "secret";
@ -52,12 +51,11 @@ public class SSLTestConfig extends SSLConfig {
  }
  
  public SSLTestConfig(boolean useSSL, boolean clientAuth) {
-    this(useSSL, clientAuth, TEST_KEYSTORE_PATH, TEST_KEYSTORE_PASSWORD, TEST_KEYSTORE_PATH, TEST_KEYSTORE_PASSWORD);
+    super(useSSL, clientAuth, TEST_KEYSTORE_PATH, TEST_KEYSTORE_PASSWORD, TEST_KEYSTORE_PATH, TEST_KEYSTORE_PASSWORD);
  }
 
  public SSLTestConfig(boolean useSSL, boolean clientAuth, String keyStore, String keyStorePassword, String trustStore, String trustStorePassword) {
    super(useSSL, clientAuth, keyStore, keyStorePassword, trustStore, trustStorePassword);
-    setSecureRandomAlgorithm(SECURE_RANDOM_ALGORITHM);
  }
  
  /**
@ -75,11 +73,10 @@ public class SSLTestConfig extends SSLConfig {
   */
  protected SSLContext buildSSLContext() throws KeyManagementException, 
    UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException {
-
+    
    return SSLContexts.custom()
        .loadKeyMaterial(buildKeyStore(getKeyStore(), getKeyStorePassword()), getKeyStorePassword().toCharArray())
-        .loadTrustMaterial(buildKeyStore(getTrustStore(), getTrustStorePassword()), new TrustSelfSignedStrategy())
-        .setSecureRandom(new NullSecureRandom()).build();
+        .loadTrustMaterial(buildKeyStore(getTrustStore(), getTrustStorePassword()), new TrustSelfSignedStrategy()).build();
  }
  
  
@ -121,19 +118,4 @@ public class SSLTestConfig extends SSLConfig {
    System.clearProperty("javax.net.ssl.trustStorePassword");
  }
  
-  /**
-   * We use this to avoid SecureRandom blocking issues due to too many
-   * instances or not enough random entropy. Tests do not need secure SSL.
-   */
-  private static class NullSecureRandom extends SecureRandom {
-    public byte[] generateSeed(int numBytes) {
-      return new byte[numBytes];
-    }
-    
-    synchronized public void nextBytes(byte[] bytes) {
-    }
-    
-    synchronized public void setSeed(byte[] seed) {
-    }
-  }
 }