honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update to incorporate changes made in Netty settings in elasticsearch elastic/elasticsearch#16200 

Original commit: elastic/x-pack-elasticsearch@0e54a24519
This commit is contained in:
Boaz Leskes 2016-01-28 11:11:15 +01:00
parent dfb9068e33
commit 0b73e3ef33
6 changed files with 17 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/transport/ShieldServerTransportService.java
View File

@ -28,7 +28,7 @@ import org.elasticsearch.transport.TransportRequestOptions;
import org.elasticsearch.transport.TransportResponse;
import org.elasticsearch.transport.TransportResponseHandler;
import org.elasticsearch.transport.TransportService;
import org.elasticsearch.transport.netty.NettyTransport;
import org.elasticsearch.transport.TransportSettings;
import java.util.Collections;
import java.util.HashMap;
@ -116,7 +116,7 @@ public class ShieldServerTransportService extends TransportService {
protected Map<String, ServerTransportFilter> initializeProfileFilters() {
if (!(transport instanceof ShieldNettyTransport)) {
return Collections.<String, ServerTransportFilter>singletonMap(NettyTransport.DEFAULT_PROFILE,
return Collections.<String, ServerTransportFilter>singletonMap(TransportSettings.DEFAULT_PROFILE,
new ServerTransportFilter.NodeProfile(authcService, authzService, actionMapper, threadPool.getThreadContext(), false));
}
@ -138,11 +138,11 @@ public class ShieldServerTransportService extends TransportService {
}
}
if (!profileFilters.containsKey(NettyTransport.DEFAULT_PROFILE)) {
if (!profileFilters.containsKey(TransportSettings.DEFAULT_PROFILE)) {
final boolean profileSsl = settings.getAsBoolean(TRANSPORT_SSL_SETTING, TRANSPORT_SSL_DEFAULT);
final boolean clientAuth = SSLClientAuth.parse(settings.get(TRANSPORT_CLIENT_AUTH_SETTING), TRANSPORT_CLIENT_AUTH_DEFAULT).enabled();
final boolean extractClientCert = profileSsl && clientAuth;
profileFilters.put(NettyTransport.DEFAULT_PROFILE, new ServerTransportFilter.NodeProfile(authcService, authzService, actionMapper, threadPool.getThreadContext(), extractClientCert));
profileFilters.put(TransportSettings.DEFAULT_PROFILE, new ServerTransportFilter.NodeProfile(authcService, authzService, actionMapper, threadPool.getThreadContext(), extractClientCert));
}
return Collections.unmodifiableMap(profileFilters);

6
elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/transport/filter/IPFilter.java
View File

@ -18,7 +18,7 @@ import org.elasticsearch.common.transport.BoundTransportAddress;
import org.elasticsearch.common.transport.TransportAddress;
import org.elasticsearch.shield.audit.AuditTrail;
import org.elasticsearch.shield.license.ShieldLicenseState;
import org.elasticsearch.transport.Transport;
import org.elasticsearch.transport.TransportSettings;
import java.net.InetAddress;
import java.util.ArrayList;
@ -103,14 +103,14 @@ public class IPFilter {
isHttpFilterEnabled = IP_FILTER_ENABLED_HTTP_SETTING.get(settings);
isIpFilterEnabled = IP_FILTER_ENABLED_SETTING.get(settings);
this.transportGroups = Transport.TRANSPORT_PROFILES_SETTING.get(settings).getAsGroups(); // this is pretty crazy that we allow this to be updateable!!! - we have to fix this very soon
this.transportGroups = TransportSettings.TRANSPORT_PROFILES_SETTING.get(settings).getAsGroups(); // this is pretty crazy that we allow this to be updateable!!! - we have to fix this very soon
clusterSettings.addSettingsUpdateConsumer(IP_FILTER_ENABLED_HTTP_SETTING, this::setHttpFiltering);
clusterSettings.addSettingsUpdateConsumer(IP_FILTER_ENABLED_SETTING, this::setTransportFiltering);
clusterSettings.addSettingsUpdateConsumer(TRANSPORT_FILTER_ALLOW_SETTING, this::setTransportAllowFilter);
clusterSettings.addSettingsUpdateConsumer(TRANSPORT_FILTER_DENY_SETTING, this::setTransportDenyFilter);
clusterSettings.addSettingsUpdateConsumer(HTTP_FILTER_ALLOW_SETTING, this::setHttpAllowFilter);
clusterSettings.addSettingsUpdateConsumer(HTTP_FILTER_DENY_SETTING, this::setHttpDenyFilter);
clusterSettings.addSettingsUpdateConsumer(Transport.TRANSPORT_PROFILES_SETTING, this::setTransportProfiles);
clusterSettings.addSettingsUpdateConsumer(TransportSettings.TRANSPORT_PROFILES_SETTING, this::setTransportProfiles);
updateRules();
}

4
elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/transport/ServerTransportFilterTests.java
View File

@ -14,7 +14,7 @@ import org.elasticsearch.shield.authc.AuthenticationService;
import org.elasticsearch.shield.authz.AuthorizationService;
import org.elasticsearch.test.ESTestCase;
import org.elasticsearch.transport.TransportRequest;
import org.elasticsearch.transport.netty.NettyTransport;
import org.elasticsearch.transport.TransportSettings;
import org.elasticsearch.transport.netty.NettyTransportChannel;
import org.junit.Before;
@ -41,7 +41,7 @@ public class ServerTransportFilterTests extends ESTestCase {
authcService = mock(AuthenticationService.class);
authzService = mock(AuthorizationService.class);
channel = mock(NettyTransportChannel.class);
when(channel.getProfileName()).thenReturn(NettyTransport.DEFAULT_PROFILE);
when(channel.getProfileName()).thenReturn(TransportSettings.DEFAULT_PROFILE);
filter = new ServerTransportFilter.NodeProfile(authcService, authzService, new ShieldActionMapper(), new ThreadContext(Settings.EMPTY), false);
}

8
elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/transport/TransportFilterTests.java
View File

@ -30,7 +30,7 @@ import org.elasticsearch.transport.TransportRequestHandler;
import org.elasticsearch.transport.TransportResponse;
import org.elasticsearch.transport.TransportResponseHandler;
import org.elasticsearch.transport.TransportService;
import org.elasticsearch.transport.netty.NettyTransport;
import org.elasticsearch.transport.TransportSettings;
import org.mockito.InOrder;
import java.io.IOException;
@ -95,8 +95,8 @@ public class TransportFilterTests extends ESIntegTestCase {
targetService.sendRequest(sourceNode, "_action", new Request("trgt_to_src"), new ResponseHandler(new Response("src_to_trgt"), latch));
await(latch);
ServerTransportFilter sourceServerFilter = ((InternalPluginServerTransportService)sourceService).transportFilter(NettyTransport.DEFAULT_PROFILE);
ServerTransportFilter targetServerFilter = ((InternalPluginServerTransportService)targetService).transportFilter(NettyTransport.DEFAULT_PROFILE);
ServerTransportFilter sourceServerFilter = ((InternalPluginServerTransportService) sourceService).transportFilter(TransportSettings.DEFAULT_PROFILE);
ServerTransportFilter targetServerFilter = ((InternalPluginServerTransportService) targetService).transportFilter(TransportSettings.DEFAULT_PROFILE);
ClientTransportFilter sourceClientFilter = internalCluster().getInstance(ClientTransportFilter.class, source);
ClientTransportFilter targetClientFilter = internalCluster().getInstance(ClientTransportFilter.class, target);
@ -307,7 +307,7 @@ public class TransportFilterTests extends ESIntegTestCase {
@Override
protected Map<String, ServerTransportFilter> initializeProfileFilters() {
return Collections.<String, ServerTransportFilter>singletonMap(NettyTransport.DEFAULT_PROFILE, mock(ServerTransportFilter.NodeProfile.class));
return Collections.<String, ServerTransportFilter>singletonMap(TransportSettings.DEFAULT_PROFILE, mock(ServerTransportFilter.NodeProfile.class));
}
}
}

3
elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/transport/filter/IPFilterTests.java
View File

@ -19,6 +19,7 @@ import org.elasticsearch.shield.license.ShieldLicenseState;
import org.elasticsearch.test.ESTestCase;
import org.elasticsearch.test.junit.annotations.Network;
import org.elasticsearch.transport.Transport;
import org.elasticsearch.transport.TransportSettings;
import org.junit.Before;
import org.mockito.ArgumentCaptor;
@ -62,7 +63,7 @@ public class IPFilterTests extends ESTestCase {
IPFilter.IP_FILTER_ENABLED_SETTING,
IPFilter.TRANSPORT_FILTER_ALLOW_SETTING,
IPFilter.TRANSPORT_FILTER_DENY_SETTING,
Transport.TRANSPORT_PROFILES_SETTING)));
TransportSettings.TRANSPORT_PROFILES_SETTING)));
httpTransport = mock(HttpServerTransport.class);
InetSocketTransportAddress httpAddress = new InetSocketTransportAddress(InetAddress.getLoopbackAddress(), 9200);

3
elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/transport/netty/IPFilterNettyUpstreamHandlerTests.java
View File

@ -18,6 +18,7 @@ import org.elasticsearch.shield.license.ShieldLicenseState;
import org.elasticsearch.shield.transport.filter.IPFilter;
import org.elasticsearch.test.ESTestCase;
import org.elasticsearch.transport.Transport;
import org.elasticsearch.transport.TransportSettings;
import org.jboss.netty.channel.Channel;
import org.jboss.netty.channel.ChannelConfig;
import org.jboss.netty.channel.ChannelEvent;
@ -66,7 +67,7 @@ public class IPFilterNettyUpstreamHandlerTests extends ESTestCase {
IPFilter.IP_FILTER_ENABLED_SETTING,
IPFilter.TRANSPORT_FILTER_ALLOW_SETTING,
IPFilter.TRANSPORT_FILTER_DENY_SETTING,
Transport.TRANSPORT_PROFILES_SETTING)));
TransportSettings.TRANSPORT_PROFILES_SETTING)));
ShieldLicenseState licenseState = mock(ShieldLicenseState.class);
when(licenseState.securityEnabled()).thenReturn(true);
IPFilter ipFilter = new IPFilter(settings, AuditTrail.NOOP, clusterSettings, licenseState);