Merge pull request #13538 from rmuir/puff_on_this_aws

Hack around aws security hole of accessing sun.security.ssl, s3 repository works on java 9 again
2015-09-12 17:03:27 -04:00 · 2015-09-12 17:03:27 -04:00 · 39ecda1dad
parent e1efd5f6ba 174ca77ebf
commit 39ecda1dad
3 changed files with 28 additions and 5 deletions
--- a/core/src/main/java/org/elasticsearch/bootstrap/ESPolicy.java
+++ b/core/src/main/java/org/elasticsearch/bootstrap/ESPolicy.java
@ -61,7 +61,35 @@ final class ESPolicy extends Policy {
            }
        }

+        // Special handling for broken AWS code which destroys all SSL security
+        // REMOVE THIS when https://github.com/aws/aws-sdk-java/pull/432 is fixed
+        if (permission instanceof RuntimePermission && "accessClassInPackage.sun.security.ssl".equals(permission.getName())) {
+            for (StackTraceElement element : Thread.currentThread().getStackTrace()) {
+                if ("com.amazonaws.http.conn.ssl.SdkTLSSocketFactory".equals(element.getClassName()) &&
+                      "verifyMasterSecret".equals(element.getMethodName())) {
+                    // we found the horrible method: the hack begins!
+                    // force the aws code to back down, by throwing an exception that it catches.
+                    rethrow(new IllegalAccessException("no amazon, you cannot do this."));
+                }
+            }
+        }
        // otherwise defer to template + dynamic file permissions
        return template.implies(domain, permission) || dynamic.implies(permission);
    }
+
+    /**
+     * Classy puzzler to rethrow any checked exception as an unchecked one.
+     */
+    private static class Rethrower<T extends Throwable> {
+        private void rethrow(Throwable t) throws T {
+            throw (T) t;
+        }
+    }
+
+    /**
+     * Rethrows <code>t</code> (identical object).
+     */
+    private void rethrow(Throwable t) {
+        new Rethrower<Error>().rethrow(t);
+    }
 }
--- a/core/src/main/resources/org/elasticsearch/bootstrap/security.policy
+++ b/core/src/main/resources/org/elasticsearch/bootstrap/security.policy
@ -86,8 +86,6 @@ grant {
  // reflection hacks:
  // needed by groovy engine
  permission java.lang.RuntimePermission "accessClassInPackage.sun.reflect";
-  // needed by aws core sdk (TODO: look into this)
-  permission java.lang.RuntimePermission "accessClassInPackage.sun.security.ssl";
  
  // needed by RandomizedRunner
  permission java.lang.RuntimePermission "accessDeclaredMembers";
--- a/plugins/repository-s3/rest-api-spec/test/repository_s3/20_repository.yaml
+++ b/plugins/repository-s3/rest-api-spec/test/repository_s3/20_repository.yaml
@ -1,9 +1,6 @@
 # Integration tests for Repository S3 component
 #
 "S3 repository can be registereed":
-    - skip:
-        version: "all"
-        reason:  does not work on java9, see https://github.com/aws/aws-sdk-java/pull/432
    - do:
        snapshot.create_repository:
          repository: test_repo_s3_1