mirror of
https://github.com/honeymoose/OpenSearch.git
synced 2025-02-22 04:45:37 +00:00
Avoid blocking non-reproducible randomness in test (#36561)
The security documentation test uses SecureRandom#getStrongInstance. This defaults to securerandom.strongAlgorithms=NativePRNGBlocking:SUN,DRBG:SUN which means a blocking implementation that reads from /dev/random. This means that this test can stall if the entropy on the machine is exhausted. Anyway, it also means that the randomness is non-reproducible, a thing that we try to avoid in tests. This commit switches to a boring randomness source to avoid the blocking, and to keep the test reproducible.
This commit is contained in:
Jason Tedor
GitHub
parent
33152f648f
commit
4a8cd45cca
@ -56,8 +56,6 @@ import org.elasticsearch.client.security.GetSslCertificatesResponse;
|
||||
import org.elasticsearch.client.security.GetUserPrivilegesResponse;
|
||||
import org.elasticsearch.client.security.HasPrivilegesRequest;
|
||||
import org.elasticsearch.client.security.HasPrivilegesResponse;
|
||||
import org.elasticsearch.client.security.user.privileges.ApplicationResourcePrivileges;
|
||||
import org.elasticsearch.client.security.user.privileges.UserIndicesPrivileges;
|
||||
import org.elasticsearch.client.security.InvalidateTokenRequest;
|
||||
import org.elasticsearch.client.security.InvalidateTokenResponse;
|
||||
import org.elasticsearch.client.security.PutPrivilegesRequest;
|
||||
@ -74,19 +72,21 @@ import org.elasticsearch.client.security.support.expressiondsl.RoleMapperExpress
|
||||
import org.elasticsearch.client.security.support.expressiondsl.expressions.AnyRoleMapperExpression;
|
||||
import org.elasticsearch.client.security.support.expressiondsl.fields.FieldRoleMapperExpression;
|
||||
import org.elasticsearch.client.security.user.User;
|
||||
import org.elasticsearch.client.security.user.privileges.Role;
|
||||
import org.elasticsearch.client.security.user.privileges.ApplicationPrivilege;
|
||||
import org.elasticsearch.client.security.user.privileges.ApplicationResourcePrivileges;
|
||||
import org.elasticsearch.client.security.user.privileges.IndicesPrivileges;
|
||||
import org.elasticsearch.client.security.user.privileges.Role;
|
||||
import org.elasticsearch.client.security.user.privileges.UserIndicesPrivileges;
|
||||
import org.elasticsearch.common.util.set.Sets;
|
||||
import org.hamcrest.Matchers;
|
||||
|
||||
import javax.crypto.SecretKeyFactory;
|
||||
import javax.crypto.spec.PBEKeySpec;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.security.SecureRandom;
|
||||
import java.util.Base64;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
import java.util.Base64;
|
||||
import java.util.Collections;
|
||||
import java.util.HashMap;
|
||||
import java.util.Iterator;
|
||||
@ -97,8 +97,8 @@ import java.util.concurrent.CountDownLatch;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
|
||||
import static org.hamcrest.Matchers.contains;
|
||||
import static org.hamcrest.Matchers.containsString;
|
||||
import static org.hamcrest.Matchers.containsInAnyOrder;
|
||||
import static org.hamcrest.Matchers.containsString;
|
||||
import static org.hamcrest.Matchers.empty;
|
||||
import static org.hamcrest.Matchers.emptyIterable;
|
||||
import static org.hamcrest.Matchers.equalTo;
|
||||
@ -131,7 +131,8 @@ public class SecurityDocumentationIT extends ESRestHighLevelClientTestCase {
|
||||
}
|
||||
{
|
||||
byte[] salt = new byte[32];
|
||||
SecureRandom.getInstanceStrong().nextBytes(salt);
|
||||
// no need for secure random in a test; it could block and would not be reproducible anyway
|
||||
random().nextBytes(salt);
|
||||
char[] password = new char[]{'p', 'a', 's', 's', 'w', 'o', 'r', 'd'};
|
||||
User user = new User("example2", Collections.singletonList("superuser"));
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user