SOLR-5776: *sigh* Revert this for now.

git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1588406 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Mark Robert Miller 2014-04-18 02:56:48 +00:00
parent 5630a25118
commit bbad949644
18 changed files with 31 additions and 39 deletions

View File

@ -83,9 +83,6 @@ Other Changes
* SOLR-5868: HttpClient should be configured to use ALLOW_ALL_HOSTNAME hostname
verifier to simplify SSL setup. (Steve Davids via Mark Miller)
* SOLR-5776: Enabled SSL tests can easily exhaust random generator entropy and
block. (Mark Miller, hossman, Steve Davids)
================== 4.9.0 ==================
Versions of Major Components

View File

@ -358,9 +358,6 @@ public class JettySolrRunner {
if (null != sslConfig.getTrustStorePassword()) {
sslcontext.setTrustStorePassword(sslConfig.getTrustStorePassword());
}
if (null != sslConfig.getSecureRandomAlgorithm()) {
sslcontext.setSecureRandomAlgorithm(sslConfig.getSecureRandomAlgorithm());
}
sslcontext.setNeedClientAuth(sslConfig.isClientAuthMode());
} else {
boolean jettySsl = Boolean.getBoolean(System.getProperty("tests.jettySsl"));

View File

@ -25,7 +25,6 @@ public class SSLConfig {
private String keyStorePassword;
private String trustStore;
private String trustStorePassword;
private String secureRandomAlgorithm;
public SSLConfig(boolean useSSL, boolean clientAuth, String keyStore, String keyStorePassword, String trustStore, String trustStorePassword) {
this.useSsl = useSSL;
@ -44,10 +43,6 @@ public class SSLConfig {
this.clientAuth = clientAuth;
}
public void setSecureRandomAlgorithm(String secureRandomAlgorithm) {
this.secureRandomAlgorithm = secureRandomAlgorithm;
}
public boolean isSSLMode() {
return useSsl;
}
@ -71,8 +66,4 @@ public class SSLConfig {
public String getTrustStorePassword() {
return trustStorePassword;
}
public String getSecureRandomAlgorithm() {
return secureRandomAlgorithm;
}
}

View File

@ -26,6 +26,7 @@ import java.util.regex.Pattern;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.BasicResponseHandler;
import org.apache.solr.SolrTestCaseJ4.SuppressSSL;
import org.apache.solr.client.solrj.SolrQuery;
import org.apache.solr.client.solrj.SolrServer;
import org.apache.solr.client.solrj.SolrServerException;
@ -49,6 +50,7 @@ import org.apache.solr.util.AbstractSolrTestCase;
* This test simply does a bunch of basic things in solrcloud mode and asserts things
* work as expected.
*/
@SuppressSSL(bugUrl = "https://issues.apache.org/jira/browse/SOLR-5776")
public class BasicDistributedZk2Test extends AbstractFullDistribZkTestBase {
private static final String SHARD2 = "shard2";
private static final String SHARD1 = "shard1";

View File

@ -38,6 +38,7 @@ import java.util.concurrent.atomic.AtomicInteger;
import org.apache.commons.lang.StringUtils;
import org.apache.lucene.util.LuceneTestCase.Slow;
import org.apache.solr.JSONTestUtil;
import org.apache.solr.SolrTestCaseJ4.SuppressSSL;
import org.apache.solr.client.solrj.SolrQuery;
import org.apache.solr.client.solrj.SolrRequest;
import org.apache.solr.client.solrj.SolrServer;
@ -76,6 +77,7 @@ import org.junit.BeforeClass;
* work as expected.
*/
@Slow
@SuppressSSL(bugUrl = "https://issues.apache.org/jira/browse/SOLR-5776")
public class BasicDistributedZkTest extends AbstractFullDistribZkTestBase {
private static final String DEFAULT_COLLECTION = "collection1";

View File

@ -26,6 +26,7 @@ import java.util.concurrent.atomic.AtomicInteger;
import org.apache.http.client.HttpClient;
import org.apache.lucene.util.LuceneTestCase.Slow;
import org.apache.solr.SolrTestCaseJ4.SuppressSSL;
import org.apache.solr.client.solrj.SolrQuery;
import org.apache.solr.client.solrj.SolrServer;
import org.apache.solr.client.solrj.impl.CloudSolrServer;
@ -46,6 +47,7 @@ import org.slf4j.LoggerFactory;
import com.carrotsearch.randomizedtesting.annotations.ThreadLeakLingering;
@Slow
@SuppressSSL
@ThreadLeakLingering(linger = 60000)
public class ChaosMonkeyNothingIsSafeTest extends AbstractFullDistribZkTestBase {
private static final int FAIL_TOLERANCE = 20;

View File

@ -21,7 +21,9 @@ import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import org.apache.lucene.util.LuceneTestCase.BadApple;
import org.apache.lucene.util.LuceneTestCase.Slow;
import org.apache.solr.SolrTestCaseJ4.SuppressSSL;
import org.apache.solr.client.solrj.SolrQuery;
import org.apache.solr.client.solrj.SolrServer;
import org.apache.solr.client.solrj.SolrServerException;
@ -47,6 +49,7 @@ import org.junit.BeforeClass;
* Super basic testing, no shard restarting or anything.
*/
@Slow
@SuppressSSL(bugUrl = "https://issues.apache.org/jira/browse/SOLR-5776")
public class FullSolrCloudDistribCmdsTest extends AbstractFullDistribZkTestBase {
@BeforeClass

View File

@ -47,7 +47,7 @@ import org.apache.lucene.util.LuceneTestCase.Slow;
* off in the cluster.
*/
@Slow
@SuppressSSL // tests starts with SSL off
@SuppressSSL
public class SSLMigrationTest extends AbstractFullDistribZkTestBase {
@Override

View File

@ -24,6 +24,7 @@ import java.util.concurrent.SynchronousQueue;
import java.util.concurrent.ThreadPoolExecutor;
import java.util.concurrent.TimeUnit;
import org.apache.solr.SolrTestCaseJ4.SuppressSSL;
import org.apache.lucene.util.LuceneTestCase.Slow;
import org.apache.solr.client.solrj.SolrQuery;
import org.apache.solr.client.solrj.SolrServer;
@ -45,6 +46,7 @@ import org.junit.BeforeClass;
* work as expected.
*/
@Slow
@SuppressSSL(bugUrl = "https://issues.apache.org/jira/browse/SOLR-5776")
public class UnloadDistributedZkTest extends BasicDistributedZkTest {
@BeforeClass

View File

@ -21,6 +21,7 @@ import java.io.IOException;
import java.util.Arrays;
import org.apache.solr.BaseDistributedSearchTestCase;
import org.apache.solr.SolrTestCaseJ4.SuppressSSL;
import org.apache.solr.client.solrj.SolrServer;
import org.apache.solr.client.solrj.SolrServerException;
import org.apache.solr.client.solrj.request.QueryRequest;
@ -31,6 +32,7 @@ import org.apache.solr.common.util.StrUtils;
import static org.apache.solr.update.processor.DistributingUpdateProcessorFactory.DISTRIB_UPDATE_PARAM;
import static org.apache.solr.update.processor.DistributedUpdateProcessor.DistribPhase;
@SuppressSSL(bugUrl = "https://issues.apache.org/jira/browse/SOLR-5776")
public class PeerSyncTest extends BaseDistributedSearchTestCase {
private static int numVersions = 100; // number of versions to use when syncing
private final String FROM_LEADER = DistribPhase.FROMLEADER.toString();

View File

@ -17,6 +17,7 @@
package org.apache.solr.client.solrj;
import org.apache.solr.SolrTestCaseJ4.SuppressSSL;
import org.apache.solr.client.solrj.SolrExampleTests;
import org.apache.solr.client.solrj.SolrServer;
import org.apache.solr.client.solrj.impl.BinaryRequestWriter;
@ -30,6 +31,7 @@ import org.junit.BeforeClass;
* A subclass of SolrExampleTests that explicitly uses the binary
* codec for communication.
*/
@SuppressSSL(bugUrl = "https://issues.apache.org/jira/browse/SOLR-5776")
public class SolrExampleBinaryTest extends SolrExampleTests {
@BeforeClass
public static void beforeTest() throws Exception {

View File

@ -32,6 +32,7 @@ import com.google.common.collect.Maps;
import junit.framework.Assert;
import org.apache.lucene.util.TestUtil;
import org.apache.solr.SolrTestCaseJ4.SuppressSSL;
import org.apache.solr.client.solrj.embedded.EmbeddedSolrServer;
import org.apache.solr.client.solrj.impl.BinaryResponseParser;
import org.apache.solr.client.solrj.impl.ConcurrentUpdateSolrServer;
@ -69,6 +70,7 @@ import org.slf4j.LoggerFactory;
*
* @since solr 1.3
*/
@SuppressSSL
abstract public class SolrExampleTests extends SolrExampleTestsBase
{
private static Logger log = LoggerFactory.getLogger(SolrExampleTests.class);

View File

@ -17,6 +17,7 @@
package org.apache.solr.client.solrj;
import org.apache.solr.SolrTestCaseJ4.SuppressSSL;
import org.apache.solr.client.solrj.impl.HttpSolrServer;
import org.apache.solr.client.solrj.impl.XMLResponseParser;
import org.apache.solr.client.solrj.request.RequestWriter;
@ -27,6 +28,7 @@ import org.junit.BeforeClass;
* A subclass of SolrExampleTests that explicitly uses the xml codec for
* communication.
*/
@SuppressSSL(bugUrl = "https://issues.apache.org/jira/browse/SOLR-5776")
public class SolrExampleXMLTest extends SolrExampleTests {
@BeforeClass
public static void beforeTest() throws Exception {

View File

@ -17,6 +17,7 @@
package org.apache.solr.client.solrj;
import org.apache.solr.SolrJettyTestBase;
import org.apache.solr.SolrTestCaseJ4.SuppressSSL;
import org.apache.solr.client.solrj.beans.Field;
import org.apache.solr.client.solrj.impl.BinaryRequestWriter;
import org.apache.solr.client.solrj.impl.HttpSolrServer;
@ -36,6 +37,7 @@ import java.util.Iterator;
* @since solr 1.4
*
*/
@SuppressSSL(bugUrl = "https://issues.apache.org/jira/browse/SOLR-5776")
public class TestBatchUpdate extends SolrJettyTestBase {
@BeforeClass

View File

@ -17,6 +17,7 @@
package org.apache.solr.client.solrj.embedded;
import org.apache.solr.SolrTestCaseJ4.SuppressSSL;
import org.apache.solr.client.solrj.SolrExampleTests;
import org.apache.solr.client.solrj.impl.HttpSolrServer;
import org.apache.solr.util.ExternalPaths;
@ -30,6 +31,7 @@ import org.junit.Test;
* rather then open a real connection?
*
*/
@SuppressSSL(bugUrl = "https://issues.apache.org/jira/browse/SOLR-5776")
public class SolrExampleJettyTest extends SolrExampleTests {
@BeforeClass

View File

@ -17,6 +17,7 @@ package org.apache.solr.client.solrj.embedded;
* limitations under the License.
*/
import org.apache.solr.SolrTestCaseJ4.SuppressSSL;
import org.apache.lucene.util.LuceneTestCase.Slow;
import org.apache.solr.client.solrj.SolrServer;
import org.apache.solr.client.solrj.impl.BinaryRequestWriter;
@ -24,6 +25,7 @@ import org.apache.solr.client.solrj.impl.BinaryResponseParser;
import org.apache.solr.client.solrj.impl.ConcurrentUpdateSolrServer;
@Slow
@SuppressSSL(bugUrl = "https://issues.apache.org/jira/browse/SOLR-5776")
public class SolrExampleStreamingBinaryTest extends SolrExampleStreamingTest {
@Override

View File

@ -238,7 +238,7 @@ public abstract class SolrTestCaseJ4 extends LuceneTestCase {
return new SSLTestConfig();
}
final boolean trySsl = true;//random().nextBoolean();
final boolean trySsl = random().nextBoolean();
boolean trySslClientAuth = random().nextBoolean();
if (Constants.MAC_OS_X) {
trySslClientAuth = false;

View File

@ -22,7 +22,6 @@ import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import javax.net.ssl.SSLContext;
@ -41,7 +40,7 @@ import org.eclipse.jetty.util.security.CertificateUtils;
public class SSLTestConfig extends SSLConfig {
public static File TEST_KEYSTORE = ExternalPaths.EXAMPLE_HOME == null ? null
: new File(ExternalPaths.EXAMPLE_HOME, "../etc/solrtest.keystore");
private static String SECURE_RANDOM_ALGORITHM = "SHA1PRNG";
private static String TEST_KEYSTORE_PATH = TEST_KEYSTORE != null
&& TEST_KEYSTORE.exists() ? TEST_KEYSTORE.getAbsolutePath() : null;
private static String TEST_KEYSTORE_PASSWORD = "secret";
@ -52,12 +51,11 @@ public class SSLTestConfig extends SSLConfig {
}
public SSLTestConfig(boolean useSSL, boolean clientAuth) {
this(useSSL, clientAuth, TEST_KEYSTORE_PATH, TEST_KEYSTORE_PASSWORD, TEST_KEYSTORE_PATH, TEST_KEYSTORE_PASSWORD);
super(useSSL, clientAuth, TEST_KEYSTORE_PATH, TEST_KEYSTORE_PASSWORD, TEST_KEYSTORE_PATH, TEST_KEYSTORE_PASSWORD);
}
public SSLTestConfig(boolean useSSL, boolean clientAuth, String keyStore, String keyStorePassword, String trustStore, String trustStorePassword) {
super(useSSL, clientAuth, keyStore, keyStorePassword, trustStore, trustStorePassword);
setSecureRandomAlgorithm(SECURE_RANDOM_ALGORITHM);
}
/**
@ -78,8 +76,7 @@ public class SSLTestConfig extends SSLConfig {
return SSLContexts.custom()
.loadKeyMaterial(buildKeyStore(getKeyStore(), getKeyStorePassword()), getKeyStorePassword().toCharArray())
.loadTrustMaterial(buildKeyStore(getTrustStore(), getTrustStorePassword()), new TrustSelfSignedStrategy())
.setSecureRandom(new NullSecureRandom()).build();
.loadTrustMaterial(buildKeyStore(getTrustStore(), getTrustStorePassword()), new TrustSelfSignedStrategy()).build();
}
@ -121,19 +118,4 @@ public class SSLTestConfig extends SSLConfig {
System.clearProperty("javax.net.ssl.trustStorePassword");
}
/**
* We use this to avoid SecureRandom blocking issues due to too many
* instances or not enough random entropy. Tests do not need secure SSL.
*/
private static class NullSecureRandom extends SecureRandom {
public byte[] generateSeed(int numBytes) {
return new byte[numBytes];
}
synchronized public void nextBytes(byte[] bytes) {
}
synchronized public void setSeed(byte[] seed) {
}
}
}