SOLR-5776: *sigh* Revert this for now.

git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1588406 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Mark Robert Miller 2014-04-18 02:56:48 +00:00
parent 5630a25118
commit bbad949644
18 changed files with 31 additions and 39 deletions

View File

@ -82,9 +82,6 @@ Other Changes
* SOLR-5868: HttpClient should be configured to use ALLOW_ALL_HOSTNAME hostname * SOLR-5868: HttpClient should be configured to use ALLOW_ALL_HOSTNAME hostname
verifier to simplify SSL setup. (Steve Davids via Mark Miller) verifier to simplify SSL setup. (Steve Davids via Mark Miller)
* SOLR-5776: Enabled SSL tests can easily exhaust random generator entropy and
block. (Mark Miller, hossman, Steve Davids)
================== 4.9.0 ================== ================== 4.9.0 ==================

View File

@ -358,9 +358,6 @@ public class JettySolrRunner {
if (null != sslConfig.getTrustStorePassword()) { if (null != sslConfig.getTrustStorePassword()) {
sslcontext.setTrustStorePassword(sslConfig.getTrustStorePassword()); sslcontext.setTrustStorePassword(sslConfig.getTrustStorePassword());
} }
if (null != sslConfig.getSecureRandomAlgorithm()) {
sslcontext.setSecureRandomAlgorithm(sslConfig.getSecureRandomAlgorithm());
}
sslcontext.setNeedClientAuth(sslConfig.isClientAuthMode()); sslcontext.setNeedClientAuth(sslConfig.isClientAuthMode());
} else { } else {
boolean jettySsl = Boolean.getBoolean(System.getProperty("tests.jettySsl")); boolean jettySsl = Boolean.getBoolean(System.getProperty("tests.jettySsl"));

View File

@ -25,7 +25,6 @@ public class SSLConfig {
private String keyStorePassword; private String keyStorePassword;
private String trustStore; private String trustStore;
private String trustStorePassword; private String trustStorePassword;
private String secureRandomAlgorithm;
public SSLConfig(boolean useSSL, boolean clientAuth, String keyStore, String keyStorePassword, String trustStore, String trustStorePassword) { public SSLConfig(boolean useSSL, boolean clientAuth, String keyStore, String keyStorePassword, String trustStore, String trustStorePassword) {
this.useSsl = useSSL; this.useSsl = useSSL;
@ -44,10 +43,6 @@ public class SSLConfig {
this.clientAuth = clientAuth; this.clientAuth = clientAuth;
} }
public void setSecureRandomAlgorithm(String secureRandomAlgorithm) {
this.secureRandomAlgorithm = secureRandomAlgorithm;
}
public boolean isSSLMode() { public boolean isSSLMode() {
return useSsl; return useSsl;
} }
@ -71,8 +66,4 @@ public class SSLConfig {
public String getTrustStorePassword() { public String getTrustStorePassword() {
return trustStorePassword; return trustStorePassword;
} }
public String getSecureRandomAlgorithm() {
return secureRandomAlgorithm;
}
} }

View File

@ -26,6 +26,7 @@ import java.util.regex.Pattern;
import org.apache.http.client.methods.HttpGet; import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.BasicResponseHandler; import org.apache.http.impl.client.BasicResponseHandler;
import org.apache.solr.SolrTestCaseJ4.SuppressSSL;
import org.apache.solr.client.solrj.SolrQuery; import org.apache.solr.client.solrj.SolrQuery;
import org.apache.solr.client.solrj.SolrServer; import org.apache.solr.client.solrj.SolrServer;
import org.apache.solr.client.solrj.SolrServerException; import org.apache.solr.client.solrj.SolrServerException;
@ -49,6 +50,7 @@ import org.apache.solr.util.AbstractSolrTestCase;
* This test simply does a bunch of basic things in solrcloud mode and asserts things * This test simply does a bunch of basic things in solrcloud mode and asserts things
* work as expected. * work as expected.
*/ */
@SuppressSSL(bugUrl = "https://issues.apache.org/jira/browse/SOLR-5776")
public class BasicDistributedZk2Test extends AbstractFullDistribZkTestBase { public class BasicDistributedZk2Test extends AbstractFullDistribZkTestBase {
private static final String SHARD2 = "shard2"; private static final String SHARD2 = "shard2";
private static final String SHARD1 = "shard1"; private static final String SHARD1 = "shard1";

View File

@ -38,6 +38,7 @@ import java.util.concurrent.atomic.AtomicInteger;
import org.apache.commons.lang.StringUtils; import org.apache.commons.lang.StringUtils;
import org.apache.lucene.util.LuceneTestCase.Slow; import org.apache.lucene.util.LuceneTestCase.Slow;
import org.apache.solr.JSONTestUtil; import org.apache.solr.JSONTestUtil;
import org.apache.solr.SolrTestCaseJ4.SuppressSSL;
import org.apache.solr.client.solrj.SolrQuery; import org.apache.solr.client.solrj.SolrQuery;
import org.apache.solr.client.solrj.SolrRequest; import org.apache.solr.client.solrj.SolrRequest;
import org.apache.solr.client.solrj.SolrServer; import org.apache.solr.client.solrj.SolrServer;
@ -76,6 +77,7 @@ import org.junit.BeforeClass;
* work as expected. * work as expected.
*/ */
@Slow @Slow
@SuppressSSL(bugUrl = "https://issues.apache.org/jira/browse/SOLR-5776")
public class BasicDistributedZkTest extends AbstractFullDistribZkTestBase { public class BasicDistributedZkTest extends AbstractFullDistribZkTestBase {
private static final String DEFAULT_COLLECTION = "collection1"; private static final String DEFAULT_COLLECTION = "collection1";

View File

@ -26,6 +26,7 @@ import java.util.concurrent.atomic.AtomicInteger;
import org.apache.http.client.HttpClient; import org.apache.http.client.HttpClient;
import org.apache.lucene.util.LuceneTestCase.Slow; import org.apache.lucene.util.LuceneTestCase.Slow;
import org.apache.solr.SolrTestCaseJ4.SuppressSSL;
import org.apache.solr.client.solrj.SolrQuery; import org.apache.solr.client.solrj.SolrQuery;
import org.apache.solr.client.solrj.SolrServer; import org.apache.solr.client.solrj.SolrServer;
import org.apache.solr.client.solrj.impl.CloudSolrServer; import org.apache.solr.client.solrj.impl.CloudSolrServer;
@ -46,6 +47,7 @@ import org.slf4j.LoggerFactory;
import com.carrotsearch.randomizedtesting.annotations.ThreadLeakLingering; import com.carrotsearch.randomizedtesting.annotations.ThreadLeakLingering;
@Slow @Slow
@SuppressSSL
@ThreadLeakLingering(linger = 60000) @ThreadLeakLingering(linger = 60000)
public class ChaosMonkeyNothingIsSafeTest extends AbstractFullDistribZkTestBase { public class ChaosMonkeyNothingIsSafeTest extends AbstractFullDistribZkTestBase {
private static final int FAIL_TOLERANCE = 20; private static final int FAIL_TOLERANCE = 20;

View File

@ -21,7 +21,9 @@ import java.io.IOException;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.List; import java.util.List;
import org.apache.lucene.util.LuceneTestCase.BadApple;
import org.apache.lucene.util.LuceneTestCase.Slow; import org.apache.lucene.util.LuceneTestCase.Slow;
import org.apache.solr.SolrTestCaseJ4.SuppressSSL;
import org.apache.solr.client.solrj.SolrQuery; import org.apache.solr.client.solrj.SolrQuery;
import org.apache.solr.client.solrj.SolrServer; import org.apache.solr.client.solrj.SolrServer;
import org.apache.solr.client.solrj.SolrServerException; import org.apache.solr.client.solrj.SolrServerException;
@ -47,6 +49,7 @@ import org.junit.BeforeClass;
* Super basic testing, no shard restarting or anything. * Super basic testing, no shard restarting or anything.
*/ */
@Slow @Slow
@SuppressSSL(bugUrl = "https://issues.apache.org/jira/browse/SOLR-5776")
public class FullSolrCloudDistribCmdsTest extends AbstractFullDistribZkTestBase { public class FullSolrCloudDistribCmdsTest extends AbstractFullDistribZkTestBase {
@BeforeClass @BeforeClass

View File

@ -47,7 +47,7 @@ import org.apache.lucene.util.LuceneTestCase.Slow;
* off in the cluster. * off in the cluster.
*/ */
@Slow @Slow
@SuppressSSL // tests starts with SSL off @SuppressSSL
public class SSLMigrationTest extends AbstractFullDistribZkTestBase { public class SSLMigrationTest extends AbstractFullDistribZkTestBase {
@Override @Override

View File

@ -24,6 +24,7 @@ import java.util.concurrent.SynchronousQueue;
import java.util.concurrent.ThreadPoolExecutor; import java.util.concurrent.ThreadPoolExecutor;
import java.util.concurrent.TimeUnit; import java.util.concurrent.TimeUnit;
import org.apache.solr.SolrTestCaseJ4.SuppressSSL;
import org.apache.lucene.util.LuceneTestCase.Slow; import org.apache.lucene.util.LuceneTestCase.Slow;
import org.apache.solr.client.solrj.SolrQuery; import org.apache.solr.client.solrj.SolrQuery;
import org.apache.solr.client.solrj.SolrServer; import org.apache.solr.client.solrj.SolrServer;
@ -45,6 +46,7 @@ import org.junit.BeforeClass;
* work as expected. * work as expected.
*/ */
@Slow @Slow
@SuppressSSL(bugUrl = "https://issues.apache.org/jira/browse/SOLR-5776")
public class UnloadDistributedZkTest extends BasicDistributedZkTest { public class UnloadDistributedZkTest extends BasicDistributedZkTest {
@BeforeClass @BeforeClass

View File

@ -21,6 +21,7 @@ import java.io.IOException;
import java.util.Arrays; import java.util.Arrays;
import org.apache.solr.BaseDistributedSearchTestCase; import org.apache.solr.BaseDistributedSearchTestCase;
import org.apache.solr.SolrTestCaseJ4.SuppressSSL;
import org.apache.solr.client.solrj.SolrServer; import org.apache.solr.client.solrj.SolrServer;
import org.apache.solr.client.solrj.SolrServerException; import org.apache.solr.client.solrj.SolrServerException;
import org.apache.solr.client.solrj.request.QueryRequest; import org.apache.solr.client.solrj.request.QueryRequest;
@ -31,6 +32,7 @@ import org.apache.solr.common.util.StrUtils;
import static org.apache.solr.update.processor.DistributingUpdateProcessorFactory.DISTRIB_UPDATE_PARAM; import static org.apache.solr.update.processor.DistributingUpdateProcessorFactory.DISTRIB_UPDATE_PARAM;
import static org.apache.solr.update.processor.DistributedUpdateProcessor.DistribPhase; import static org.apache.solr.update.processor.DistributedUpdateProcessor.DistribPhase;
@SuppressSSL(bugUrl = "https://issues.apache.org/jira/browse/SOLR-5776")
public class PeerSyncTest extends BaseDistributedSearchTestCase { public class PeerSyncTest extends BaseDistributedSearchTestCase {
private static int numVersions = 100; // number of versions to use when syncing private static int numVersions = 100; // number of versions to use when syncing
private final String FROM_LEADER = DistribPhase.FROMLEADER.toString(); private final String FROM_LEADER = DistribPhase.FROMLEADER.toString();

View File

@ -17,6 +17,7 @@
package org.apache.solr.client.solrj; package org.apache.solr.client.solrj;
import org.apache.solr.SolrTestCaseJ4.SuppressSSL;
import org.apache.solr.client.solrj.SolrExampleTests; import org.apache.solr.client.solrj.SolrExampleTests;
import org.apache.solr.client.solrj.SolrServer; import org.apache.solr.client.solrj.SolrServer;
import org.apache.solr.client.solrj.impl.BinaryRequestWriter; import org.apache.solr.client.solrj.impl.BinaryRequestWriter;
@ -30,6 +31,7 @@ import org.junit.BeforeClass;
* A subclass of SolrExampleTests that explicitly uses the binary * A subclass of SolrExampleTests that explicitly uses the binary
* codec for communication. * codec for communication.
*/ */
@SuppressSSL(bugUrl = "https://issues.apache.org/jira/browse/SOLR-5776")
public class SolrExampleBinaryTest extends SolrExampleTests { public class SolrExampleBinaryTest extends SolrExampleTests {
@BeforeClass @BeforeClass
public static void beforeTest() throws Exception { public static void beforeTest() throws Exception {

View File

@ -32,6 +32,7 @@ import com.google.common.collect.Maps;
import junit.framework.Assert; import junit.framework.Assert;
import org.apache.lucene.util.TestUtil; import org.apache.lucene.util.TestUtil;
import org.apache.solr.SolrTestCaseJ4.SuppressSSL;
import org.apache.solr.client.solrj.embedded.EmbeddedSolrServer; import org.apache.solr.client.solrj.embedded.EmbeddedSolrServer;
import org.apache.solr.client.solrj.impl.BinaryResponseParser; import org.apache.solr.client.solrj.impl.BinaryResponseParser;
import org.apache.solr.client.solrj.impl.ConcurrentUpdateSolrServer; import org.apache.solr.client.solrj.impl.ConcurrentUpdateSolrServer;
@ -69,6 +70,7 @@ import org.slf4j.LoggerFactory;
* *
* @since solr 1.3 * @since solr 1.3
*/ */
@SuppressSSL
abstract public class SolrExampleTests extends SolrExampleTestsBase abstract public class SolrExampleTests extends SolrExampleTestsBase
{ {
private static Logger log = LoggerFactory.getLogger(SolrExampleTests.class); private static Logger log = LoggerFactory.getLogger(SolrExampleTests.class);

View File

@ -17,6 +17,7 @@
package org.apache.solr.client.solrj; package org.apache.solr.client.solrj;
import org.apache.solr.SolrTestCaseJ4.SuppressSSL;
import org.apache.solr.client.solrj.impl.HttpSolrServer; import org.apache.solr.client.solrj.impl.HttpSolrServer;
import org.apache.solr.client.solrj.impl.XMLResponseParser; import org.apache.solr.client.solrj.impl.XMLResponseParser;
import org.apache.solr.client.solrj.request.RequestWriter; import org.apache.solr.client.solrj.request.RequestWriter;
@ -27,6 +28,7 @@ import org.junit.BeforeClass;
* A subclass of SolrExampleTests that explicitly uses the xml codec for * A subclass of SolrExampleTests that explicitly uses the xml codec for
* communication. * communication.
*/ */
@SuppressSSL(bugUrl = "https://issues.apache.org/jira/browse/SOLR-5776")
public class SolrExampleXMLTest extends SolrExampleTests { public class SolrExampleXMLTest extends SolrExampleTests {
@BeforeClass @BeforeClass
public static void beforeTest() throws Exception { public static void beforeTest() throws Exception {

View File

@ -17,6 +17,7 @@
package org.apache.solr.client.solrj; package org.apache.solr.client.solrj;
import org.apache.solr.SolrJettyTestBase; import org.apache.solr.SolrJettyTestBase;
import org.apache.solr.SolrTestCaseJ4.SuppressSSL;
import org.apache.solr.client.solrj.beans.Field; import org.apache.solr.client.solrj.beans.Field;
import org.apache.solr.client.solrj.impl.BinaryRequestWriter; import org.apache.solr.client.solrj.impl.BinaryRequestWriter;
import org.apache.solr.client.solrj.impl.HttpSolrServer; import org.apache.solr.client.solrj.impl.HttpSolrServer;
@ -36,6 +37,7 @@ import java.util.Iterator;
* @since solr 1.4 * @since solr 1.4
* *
*/ */
@SuppressSSL(bugUrl = "https://issues.apache.org/jira/browse/SOLR-5776")
public class TestBatchUpdate extends SolrJettyTestBase { public class TestBatchUpdate extends SolrJettyTestBase {
@BeforeClass @BeforeClass

View File

@ -17,6 +17,7 @@
package org.apache.solr.client.solrj.embedded; package org.apache.solr.client.solrj.embedded;
import org.apache.solr.SolrTestCaseJ4.SuppressSSL;
import org.apache.solr.client.solrj.SolrExampleTests; import org.apache.solr.client.solrj.SolrExampleTests;
import org.apache.solr.client.solrj.impl.HttpSolrServer; import org.apache.solr.client.solrj.impl.HttpSolrServer;
import org.apache.solr.util.ExternalPaths; import org.apache.solr.util.ExternalPaths;
@ -30,6 +31,7 @@ import org.junit.Test;
* rather then open a real connection? * rather then open a real connection?
* *
*/ */
@SuppressSSL(bugUrl = "https://issues.apache.org/jira/browse/SOLR-5776")
public class SolrExampleJettyTest extends SolrExampleTests { public class SolrExampleJettyTest extends SolrExampleTests {
@BeforeClass @BeforeClass

View File

@ -17,6 +17,7 @@ package org.apache.solr.client.solrj.embedded;
* limitations under the License. * limitations under the License.
*/ */
import org.apache.solr.SolrTestCaseJ4.SuppressSSL;
import org.apache.lucene.util.LuceneTestCase.Slow; import org.apache.lucene.util.LuceneTestCase.Slow;
import org.apache.solr.client.solrj.SolrServer; import org.apache.solr.client.solrj.SolrServer;
import org.apache.solr.client.solrj.impl.BinaryRequestWriter; import org.apache.solr.client.solrj.impl.BinaryRequestWriter;
@ -24,6 +25,7 @@ import org.apache.solr.client.solrj.impl.BinaryResponseParser;
import org.apache.solr.client.solrj.impl.ConcurrentUpdateSolrServer; import org.apache.solr.client.solrj.impl.ConcurrentUpdateSolrServer;
@Slow @Slow
@SuppressSSL(bugUrl = "https://issues.apache.org/jira/browse/SOLR-5776")
public class SolrExampleStreamingBinaryTest extends SolrExampleStreamingTest { public class SolrExampleStreamingBinaryTest extends SolrExampleStreamingTest {
@Override @Override

View File

@ -238,7 +238,7 @@ public abstract class SolrTestCaseJ4 extends LuceneTestCase {
return new SSLTestConfig(); return new SSLTestConfig();
} }
final boolean trySsl = true;//random().nextBoolean(); final boolean trySsl = random().nextBoolean();
boolean trySslClientAuth = random().nextBoolean(); boolean trySslClientAuth = random().nextBoolean();
if (Constants.MAC_OS_X) { if (Constants.MAC_OS_X) {
trySslClientAuth = false; trySslClientAuth = false;

View File

@ -22,7 +22,6 @@ import java.security.KeyManagementException;
import java.security.KeyStore; import java.security.KeyStore;
import java.security.KeyStoreException; import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException; import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException; import java.security.UnrecoverableKeyException;
import javax.net.ssl.SSLContext; import javax.net.ssl.SSLContext;
@ -41,7 +40,7 @@ import org.eclipse.jetty.util.security.CertificateUtils;
public class SSLTestConfig extends SSLConfig { public class SSLTestConfig extends SSLConfig {
public static File TEST_KEYSTORE = ExternalPaths.EXAMPLE_HOME == null ? null public static File TEST_KEYSTORE = ExternalPaths.EXAMPLE_HOME == null ? null
: new File(ExternalPaths.EXAMPLE_HOME, "../etc/solrtest.keystore"); : new File(ExternalPaths.EXAMPLE_HOME, "../etc/solrtest.keystore");
private static String SECURE_RANDOM_ALGORITHM = "SHA1PRNG";
private static String TEST_KEYSTORE_PATH = TEST_KEYSTORE != null private static String TEST_KEYSTORE_PATH = TEST_KEYSTORE != null
&& TEST_KEYSTORE.exists() ? TEST_KEYSTORE.getAbsolutePath() : null; && TEST_KEYSTORE.exists() ? TEST_KEYSTORE.getAbsolutePath() : null;
private static String TEST_KEYSTORE_PASSWORD = "secret"; private static String TEST_KEYSTORE_PASSWORD = "secret";
@ -52,12 +51,11 @@ public class SSLTestConfig extends SSLConfig {
} }
public SSLTestConfig(boolean useSSL, boolean clientAuth) { public SSLTestConfig(boolean useSSL, boolean clientAuth) {
this(useSSL, clientAuth, TEST_KEYSTORE_PATH, TEST_KEYSTORE_PASSWORD, TEST_KEYSTORE_PATH, TEST_KEYSTORE_PASSWORD); super(useSSL, clientAuth, TEST_KEYSTORE_PATH, TEST_KEYSTORE_PASSWORD, TEST_KEYSTORE_PATH, TEST_KEYSTORE_PASSWORD);
} }
public SSLTestConfig(boolean useSSL, boolean clientAuth, String keyStore, String keyStorePassword, String trustStore, String trustStorePassword) { public SSLTestConfig(boolean useSSL, boolean clientAuth, String keyStore, String keyStorePassword, String trustStore, String trustStorePassword) {
super(useSSL, clientAuth, keyStore, keyStorePassword, trustStore, trustStorePassword); super(useSSL, clientAuth, keyStore, keyStorePassword, trustStore, trustStorePassword);
setSecureRandomAlgorithm(SECURE_RANDOM_ALGORITHM);
} }
/** /**
@ -75,11 +73,10 @@ public class SSLTestConfig extends SSLConfig {
*/ */
protected SSLContext buildSSLContext() throws KeyManagementException, protected SSLContext buildSSLContext() throws KeyManagementException,
UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException { UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException {
return SSLContexts.custom() return SSLContexts.custom()
.loadKeyMaterial(buildKeyStore(getKeyStore(), getKeyStorePassword()), getKeyStorePassword().toCharArray()) .loadKeyMaterial(buildKeyStore(getKeyStore(), getKeyStorePassword()), getKeyStorePassword().toCharArray())
.loadTrustMaterial(buildKeyStore(getTrustStore(), getTrustStorePassword()), new TrustSelfSignedStrategy()) .loadTrustMaterial(buildKeyStore(getTrustStore(), getTrustStorePassword()), new TrustSelfSignedStrategy()).build();
.setSecureRandom(new NullSecureRandom()).build();
} }
@ -121,19 +118,4 @@ public class SSLTestConfig extends SSLConfig {
System.clearProperty("javax.net.ssl.trustStorePassword"); System.clearProperty("javax.net.ssl.trustStorePassword");
} }
/**
* We use this to avoid SecureRandom blocking issues due to too many
* instances or not enough random entropy. Tests do not need secure SSL.
*/
private static class NullSecureRandom extends SecureRandom {
public byte[] generateSeed(int numBytes) {
return new byte[numBytes];
}
synchronized public void nextBytes(byte[] bytes) {
}
synchronized public void setSeed(byte[] seed) {
}
}
} }